Class: EmailAuth::Authenticator

Inherits:
Object
Defined in:
lib/emailauth/authenticator.rb

Class Method Summary

Class Method Details

.authenticate(user_token, email_token, complete_token) ⇒ Object

Validates whether the provided tokens are correct using the SAW protocol.



# File 'lib/emailauth/authenticator.rb', line 23

def self.authenticate(user_token, email_token, complete_token)
  # Decode the email and complete tokens from URL-safe base64 into raw bytes
  email_token_e = Base64.urlsafe_decode64(email_token)
  complete_token_e = Base64.urlsafe_decode64(complete_token)

  # The expected user token is the byte-wise XOR of the complete and email tokens, re-encoded
  calculated_user_token = Base64.urlsafe_encode64(complete_token_e.unpack('C*').zip(email_token_e.unpack('C*')).map{ |a,b| a ^ b }.pack('C*'))
  return user_token == calculated_user_token
end

.generateTokens(bytes = 16) ⇒ Object

Generates base64-encoded SAW tokens, each built from the provided number of random bytes.



# File 'lib/emailauth/authenticator.rb', line 9

def self.generateTokens(bytes = 16)
  # Two independent random values: the complete token and the email token
  complete_token = SecureRandom.random_bytes(bytes)
  complete_token_s = Base64.urlsafe_encode64(complete_token)
  email_token = SecureRandom.random_bytes(bytes)
  email_token_s = Base64.urlsafe_encode64(email_token)

  # The user token is the byte-wise XOR of the complete and email tokens
  user_token_s = Base64.urlsafe_encode64(complete_token.unpack('C*').zip(email_token.unpack('C*')).map{ |a,b| a ^ b }.pack('C*'))

  return [user_token_s, email_token_s, complete_token_s]
end
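
A stricter form of the SAW check in .authenticate, paired with the token construction from .generateTokens, as an added example that is not code from the emailauth project; the module name SawStrict and its helpers are hypothetical. It assumes all three tokens share one fixed length, returns false for malformed or wrong-length input (where the listing above would raise or ignore trailing bytes), and compares without stopping at the first differing byte.

```ruby
require 'base64'
require 'securerandom'

# Hypothetical module; not part of the emailauth gem.
module SawStrict
  # XOR two equal-length binary strings byte by byte.
  def self.xor(a, b)
    a.bytes.zip(b.bytes).map { |x, y| x ^ y }.pack('C*')
  end

  # Compare two binary strings without exiting at the first mismatch.
  def self.secure_equal?(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end

  # Decode a URL-safe base64 token; nil if malformed or not exactly `size` bytes.
  def self.decode(token, size)
    raw = Base64.urlsafe_decode64(token.to_s)
    raw.bytesize == size ? raw : nil
  rescue ArgumentError
    nil
  end

  # Same relation as the listing above: user == complete XOR email.
  def self.authenticate(user_token, email_token, complete_token, bytes = 16)
    user, email, complete =
      [user_token, email_token, complete_token].map { |t| decode(t, bytes) }
    return false if user.nil? || email.nil? || complete.nil?
    secure_equal?(user, xor(complete, email))
  end

  # Constructed sample tokens, built the same way generateTokens builds them.
  def self.generate(bytes = 16)
    complete = SecureRandom.random_bytes(bytes)
    email = SecureRandom.random_bytes(bytes)
    [xor(complete, email), email, complete].map { |t| Base64.urlsafe_encode64(t) }
  end
end

user_t, email_t, complete_t = SawStrict.generate
puts SawStrict.authenticate(user_t, email_t, complete_t)         # matching set
puts SawStrict.authenticate(user_t, email_t[0, 8], complete_t)   # truncated email token
```
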

.generateTOTPSecret ⇒ Object

Generates a random base32-encoded TOTP secret.



# File 'lib/emailauth/authenticator.rb', line 42

def self.generateTOTPSecret
  ROTP::Base32.random_base32
end

.validateTOTP(auth_secret, code) ⇒ Object

Checks whether a TOTP code is valid for a particular secret. Allows for a maximum transmission delay of 30 seconds.



# File 'lib/emailauth/authenticator.rb', line 35

def self.validateTOTP(auth_secret, code)
  return ROTP::TOTP.new(auth_secret).verify_with_drift(code, 30)
end