Class: EasyAdmin::SessionsController

Inherits:
Devise::SessionsController
  • Object
Defined in:
app/controllers/easy_admin/sessions_controller.rb


Instance Method Details

#cancel_2fa ⇒ Object

GET /easy_admin/cancel_2fa



# File 'app/controllers/easy_admin/sessions_controller.rb', line 60

# GET /easy_admin/cancel_2fa
#
# Abandons an in-progress 2FA verification: forgets the pending user id,
# signs out whoever Warden currently holds for this scope, and sends the
# browser back to the password step.
#
# @return [void]
def cancel_2fa
  session.delete(:pending_2fa_user_id)

  # Warden may still hold the password-authenticated user for this scope
  # (see `create`), so dropping the pending id alone would not end that login.
  signed_in_admin = current_admin_user
  sign_out(signed_in_admin) if signed_in_admin

  redirect_to new_admin_user_session_path, notice: "2FA verification cancelled. Please sign in again."
end

#create ⇒ Object

POST /easy_admin/sign_in



# File 'app/controllers/easy_admin/sessions_controller.rb', line 13

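# POST /easy_admin/sign_in
#
# Password step of the sign-in flow. After Warden accepts the credentials the
# user is either parked behind the OTP step (2FA enabled) or signed in exactly
# as Devise's stock action would do.
#
# @yield [resource] Devise's customisation hook, only on the no-2FA path
# @return [void]
def create
  # `warden.authenticate!` throws :warden on bad credentials (Warden then
  # re-renders the sign-in form via `auth_options[:recall]`), so past this
  # line `resource` is always the authenticated user; the former
  # `if resource ... else super` branch could never run.
  self.resource = warden.authenticate!(auth_options)

  if resource.two_factor_enabled?
    # Warden's `authenticate!` stores the user in the session by default, so
    # without this the browser is already logged in while the OTP is still
    # outstanding. A scoped sign-out removes only this scope's Warden keys and
    # leaves the rest of the session (including the pending id set below).
    sign_out(resource_name)
    session[:pending_2fa_user_id] = resource.id
    redirect_to two_factor_verification_path
  else
    set_flash_message!(:notice, :signed_in)
    # NOTE(review): the published listing lost the method names on the next
    # call and on the `location:` argument; they are Devise's stock
    # sign_in / after_sign_in_path_for — confirm against the repository.
    sign_in(resource_name, resource)
    yield resource if block_given?
    respond_with resource, location: after_sign_in_path_for(resource)
  end
  # Deliberately no blanket `rescue => e; super`: falling back to the stock
  # Devise action on an error would complete the sign-in without the 2FA gate.
end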

#destroy ⇒ Object

DELETE /easy_admin/sign_out



# File 'app/controllers/easy_admin/sessions_controller.rb', line 114

# DELETE /easy_admin/sign_out
#
# Devise sign-out, preceded by clearing any half-finished 2FA login so a later
# sign-in starts from a clean session.
#
# @return [void]
def destroy
  session.delete(:pending_2fa_user_id)
  super()
end

#new ⇒ Object

GET /easy_admin/sign_in



# File 'app/controllers/easy_admin/sessions_controller.rb', line 6

# GET /easy_admin/sign_in
#
# Renders the password form. Pending 2FA state from an earlier attempt is
# discarded first, so the OTP step has to be restarted from this form.
#
# @return [void]
def new
  session.delete(:pending_2fa_user_id)
  super()
end

#two_factor_verification ⇒ Object

GET /easy_admin/two_factor_verification



# File 'app/controllers/easy_admin/sessions_controller.rb', line 42

# GET /easy_admin/two_factor_verification
#
# Shows the OTP form for the user parked in the session by `create`. Without a
# pending id, or if that id no longer resolves to a 2FA-enabled user, the
# browser is sent back to the password step with an explanation.
#
# @return [void]
def two_factor_verification
  pending_id = session[:pending_2fa_user_id]

  unless pending_id
    redirect_to new_admin_user_session_path, alert: "Session expired. Please sign in again."
    return
  end

  @user = EasyAdmin::AdminUser.find_by(id: pending_id)
  # Falls through to the view while the pending user is still a valid 2FA user.
  return if @user&.two_factor_enabled?

  # Stale or inconsistent pending state: forget it and restart the flow.
  session.delete(:pending_2fa_user_id)
  redirect_to new_admin_user_session_path, alert: "Invalid session. Please sign in again."
end

#verify_2fa ⇒ Object

POST /easy_admin/verify_2fa



# File 'app/controllers/easy_admin/sessions_controller.rb', line 72

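# POST /easy_admin/verify_2fa
#
# Second step of the sign-in flow: checks the submitted one-time code for the
# user parked in the session by `create` and only then performs the Devise
# sign-in. Any inconsistency in the pending state sends the browser back to
# the password step instead of rendering the OTP form.
#
# @return [void]
def verify_2fa
  user_id = session[:pending_2fa_user_id]

  unless user_id
    redirect_to new_admin_user_session_path, alert: "Session expired. Please sign in again."
    return
  end

  user = EasyAdmin::AdminUser.find_by(id: user_id)

  # The pending id must still point at a user who has 2FA turned on;
  # otherwise the session state is stale and the flow must restart.
  unless user&.two_factor_enabled?
    session.delete(:pending_2fa_user_id)
    redirect_to new_admin_user_session_path, alert: "Invalid session. Please sign in again."
    return
  end

  # `to_s` keeps a non-string `otp_code` param (array/hash) on the failure
  # path instead of raising NoMethodError from `strip`; nil still becomes "".
  otp_code = params[:otp_code].to_s.strip

  if otp_code.present? && user.validate_and_consume_otp!(otp_code)
    session.delete(:pending_2fa_user_id)
    set_flash_message!(:notice, :signed_in)
    # NOTE(review): the published listing lost the method names on the next
    # two calls; Devise's helpers are sign_in / after_sign_in_path_for —
    # confirm against the repository.
    sign_in(resource_name, user)
    redirect_to after_sign_in_path_for(user)
  else
    # NOTE(review): failed codes are not counted here, so one pending session
    # permits unlimited retries of a short OTP; bounding attempts (or a lockout
    # in the AdminUser model) is worth confirming.
    @user = user # the OTP form renders from @user
    respond_to do |format|
      format.html do
        flash.now[:alert] = "Invalid authentication code. Please try again."
        render :two_factor_verification
      end
      format.turbo_stream do
        render "verify_2fa_error"
      end
    end
  end
end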