Module: Koi::Controller::HasWebauthn

Extended by:

ActiveSupport::Concern

Included in:

Admin::CredentialsController, Admin::SessionsController

Defined in:

app/controllers/concerns/koi/controller/has_webauthn.rb

Instance Method Summary

• #webauthn_auth_options ⇒ Object
• #webauthn_authenticate! ⇒ Object
• #webauthn_relying_party ⇒ Object

Instance Method Details

#webauthn_auth_options ⇒ Object

# File 'app/controllers/concerns/koi/controller/has_webauthn.rb', line 20

def webauthn_auth_options
  options = webauthn_relying_party.options_for_authentication

  session[:authentication_challenge] = options.challenge

  options
end

#webauthn_authenticate! ⇒ Object

# File 'app/controllers/concerns/koi/controller/has_webauthn.rb', line 28

def webauthn_authenticate!
  return if session_params[:response].blank?

  webauthn_credential, stored_credential = webauthn_relying_party.verify_authentication(
    JSON.parse(session_params[:response]),
    session[:authentication_challenge],
  ) do |credential|
    Admin::Credential.find_by!(external_id: credential.id)
  end

  stored_credential.update(
    sign_count: webauthn_credential.sign_count,
    updated_at: DateTime.current,
  )

  stored_credential.admin
rescue ActiveRecord::RecordNotFound
  false
end

#webauthn_relying_party ⇒ Object

# File 'app/controllers/concerns/koi/controller/has_webauthn.rb', line 12

def webauthn_relying_party
  @webauthn_relying_party ||=
    WebAuthn::RelyingParty.new(
      name:            Koi.config.admin_name,
      allowed_origins: [request.base_url],
    )
end