Class: QuoVadis::Controller::QuoVadisWrapper

Inherits:
Object
  • Object
Defined in:
lib/quo_vadis/controller.rb

Instance Method Summary

Constructor Details

#initialize(controller) ⇒ QuoVadisWrapper

Returns a new instance of QuoVadisWrapper.



# File 'lib/quo_vadis/controller.rb', line 119

# Builds the wrapper around a controller.
#
# controller - the controller instance this wrapper keeps in @controller for
#              its other methods to use.
def initialize(controller)
  @controller = controller
end

Instance Method Details

#clear_session_id ⇒ Object



# File 'lib/quo_vadis/controller.rb', line 149

# Deletes the cookie named by QuoVadis.cookie_name.
#
# Only the cookie is removed here; nothing in this method touches the
# QuoVadis session record itself.
def clear_session_id
  cookies.delete(QuoVadis.cookie_name)
end

#lifetime_expires_at(browser_session) ⇒ Object



# File 'lib/quo_vadis/controller.rb', line 198

# Works out when a session's lifetime ends.
#
# browser_session - truthy when no fixed expiry is wanted.
#
# Returns nil when browser_session is truthy or when QuoVadis.session_lifetime
# is :session. Otherwise returns the time QuoVadis.session_lifetime from now,
# moved to the end of that day when
# QuoVadis.session_lifetime_extend_to_end_of_day is set.
def lifetime_expires_at(browser_session)
  # browser_session is checked first, so the configuration is not read at all
  # when the caller asked for a browser-length session.
  return nil if browser_session || QuoVadis.session_lifetime == :session

  expiry = ActiveSupport::Duration.build(QuoVadis.session_lifetime).from_now
  return expiry unless QuoVadis.session_lifetime_extend_to_end_of_day

  expiry.end_of_day
end

#log(account, action, metadata = {}) ⇒ Object



# File 'lib/quo_vadis/controller.rb', line 217

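# Creates a Log entry for an account.
#
# account  - the account the entry is about.
# action   - the action being recorded.
# metadata - extra details stored with the entry (default: {}).
#
# The entry also records request.remote_ip.
# NOTE(review): how trustworthy that address is depends on the application's
# proxy configuration — confirm before relying on it during an investigation.
def log(account, action, metadata = {})
  Log.create account: account, action: action, ip: request.remote_ip, metadata: metadata
end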

#logout ⇒ Object



# File 'lib/quo_vadis/controller.rb', line 206

# Logs the user out: destroys the QuoVadis session record if there is one,
# deletes the session-id cookie, resets the Rails session, and clears the
# controller's @authenticated_model.
#
# Security note: prevent_rails_session_fixation copies every key of the old
# Rails session into the fresh one, so whatever the application keeps in the
# Rails session is still there after logout. Applications that store
# user-specific data there need to remove it themselves.
def logout
  current = session
  current.destroy unless current.nil?

  clear_session_id
  prevent_rails_session_fixation
  controller.instance_variable_set(:@authenticated_model, nil)
end

#logout_other_sessions ⇒ Object



# File 'lib/quo_vadis/controller.rb', line 213

# Delegates to the current QuoVadis session's logout_other_sessions.
#
# There is no nil guard: when `session` returns nil (no session-id cookie, or
# no matching record) this raises NoMethodError.
def logout_other_sessions
  session.logout_other_sessions
end

#path_after_authentication ⇒ Object

Raises:

  • (RuntimeError)


# File 'lib/quo_vadis/controller.rb', line 221

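# Chooses where to send the user after a successful login.
#
# Order of preference:
#   1. the bookmark kept under :qv_bookmark in the Rails session (it is
#      removed from the session once read, so it is used at most once);
#   2. main_app.after_login_path, if the application defines that route;
#   3. main_app.root_path, if the application defines that route.
#
# Raises RuntimeError when there is no bookmark and neither route exists.
#
# NOTE(review): the bookmark is returned exactly as stored. Whatever writes
# :qv_bookmark is outside this listing — confirm it only ever stores paths
# within this application, since the value ends up as a redirect target.
def path_after_authentication
  if (bookmark = rails_session[:qv_bookmark])
    rails_session.delete :qv_bookmark
    return bookmark
  end
  return main_app.after_login_path if main_app.respond_to?(:after_login_path)
  return main_app.root_path        if main_app.respond_to?(:root_path)
  raise RuntimeError, 'Missing routes: after_login_path, root_path; define at least one of them.'
end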

#path_after_password_change ⇒ Object

Raises:

  • (RuntimeError)


# File 'lib/quo_vadis/controller.rb', line 231

# Chooses where to send the user after a password change.
#
# Returns main_app.after_password_change_path when the application defines
# that route, otherwise main_app.root_path when that one is defined.
#
# Raises RuntimeError when neither route exists.
def path_after_password_change
  if main_app.respond_to?(:after_password_change_path)
    main_app.after_password_change_path
  elsif main_app.respond_to?(:root_path)
    main_app.root_path
  else
    # A bare string raise produces a RuntimeError.
    raise 'Missing routes: after_password_change_path, root_path; define at least one of them.'
  end
end

#prevent_rails_session_fixation ⇒ Object



# File 'lib/quo_vadis/controller.rb', line 153

# Resets the Rails session while keeping its contents: the current contents
# are snapshotted, reset_session is called, and every key/value pair is then
# written into the session that exists afterwards.
#
# Every key is carried over without filtering, so a caller that wants some
# value gone (for example at logout) has to delete it separately.
def prevent_rails_session_fixation
  carried_over = rails_session.to_hash
  reset_session
  carried_over.each_pair { |key, value| rails_session[key] = value }
end

#replace_session ⇒ Object



# File 'lib/quo_vadis/controller.rb', line 189

# Replaces the current QuoVadis session: resets the Rails session, asks the
# current session for its replacement, stores the replacement's id in the
# cookie, and updates the controller's @authenticated_model.
#
# There is no nil guard on `session`: if it returns nil (no session-id cookie,
# or no matching record) the call to `replace` raises NoMethodError.
def replace_session
  # Reset the Rails session before the QuoVadis session changes.
  prevent_rails_session_fixation

  # presumably `replace` returns the new session record — confirm in QuoVadis::Session
  sess = session.replace
  store_session_id sess.id, sess.lifetime_expires_at

  # NOTE(review): an identifier between the two dots is missing from this
  # listing (it appears to have been lost when the page was extracted). As
  # printed, `sess..model` parses as a Range, not a method chain. Restore the
  # call from lib/quo_vadis/controller.rb rather than guessing.
  controller.instance_variable_set :@authenticated_model, sess..model
end

#request_confirmation(model) ⇒ Object



# File 'lib/quo_vadis/controller.rb', line 159

# Starts account confirmation for a model: remembers the pending account and
# an expiry time in the Rails session, obtains a one-time password tied to
# that expiry, hands it to QuoVadis.deliver together with the model's email,
# and sets a flash notice on the controller.
#
# model - the record being confirmed; `email` is read from it.
#
# NOTE(review): several calls below have an identifier missing between two
# dots (`model..id`, `QuoVadis..from_now`, `model..otp_for_confirmation`); it
# appears to have been lost when the page was extracted, and as printed each
# parses as a Range. Restore them from lib/quo_vadis/controller.rb rather than
# guessing.
def request_confirmation(model)
  # Remember which account is awaiting confirmation.
  rails_session[:account_pending_confirmation] = model..id

  # The expiry is kept as an integer (to_i) and is also passed to the OTP
  # generator below, so the same value is used in both places.
  expiration = QuoVadis..from_now.to_i
  rails_session[:account_confirmation_expires_at] = expiration

  otp = model..otp_for_confirmation(expiration)

  # The OTP is passed to QuoVadis.deliver with the :account_confirmation key.
  # NOTE(review): whatever checks the OTP later is outside this listing —
  # confirm it enforces :account_confirmation_expires_at.
  QuoVadis.deliver :account_confirmation, {email: model.email, otp: otp}

  controller.flash[:notice] = QuoVadis.translate 'flash.confirmation.sent'
end

#second_factor_authenticated? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/quo_vadis/controller.rb', line 177

# Delegates to the current QuoVadis session's second_factor_authenticated?.
#
# There is no nil guard: when `session` returns nil (no session-id cookie, or
# no matching record) this raises NoMethodError instead of returning false.
def second_factor_authenticated?
  session.second_factor_authenticated?
end

#second_factor_required? ⇒ Boolean

Assumes user is logged in.

Returns:

  • (Boolean)


# File 'lib/quo_vadis/controller.rb', line 173

# Reports whether a second factor is required. Assumes the user is logged in.
#
# True whenever QuoVadis.two_factor_authentication_mandatory is set; only when
# it is not set is the right-hand side evaluated at all.
#
# NOTE(review): an identifier between the two dots on the right-hand side is
# missing from this listing (it appears to have been lost when the page was
# extracted); as printed it parses as a Range. Restore the call from
# lib/quo_vadis/controller.rb rather than guessing.
def second_factor_required?
  QuoVadis.two_factor_authentication_mandatory || authenticated_model..has_two_factors?
end

#session ⇒ Object

Returns the current QuoVadis session or nil.



# File 'lib/quo_vadis/controller.rb', line 124

# Returns the current QuoVadis session, or nil.
#
# nil is returned when there is no session id, and also when find_by finds no
# QuoVadis::Session with that id. The result is not memoised here, so each
# call runs the lookup again.
def session
  return unless session_id

  QuoVadis::Session.find_by(id: session_id)
end

#session_authenticated_with_second_factor ⇒ Object



# File 'lib/quo_vadis/controller.rb', line 185

# Delegates to the current QuoVadis session's authenticated_with_second_factor.
#
# There is no nil guard: when `session` returns nil (no session-id cookie, or
# no matching record) this raises NoMethodError.
def session_authenticated_with_second_factor
  session.authenticated_with_second_factor
end

#session_id ⇒ Object



# File 'lib/quo_vadis/controller.rb', line 129

# Reads the QuoVadis session id from the encrypted cookie jar, under the name
# given by QuoVadis.cookie_name.
def session_id
  jar = cookies.encrypted
  jar[QuoVadis.cookie_name]
end

#store_session_id(id, expires_at) ⇒ Object

Store the session id in an encrypted cookie.

Given that the cookie is encrypted, it is safe to store the database primary key of the session rather than a random-value candidate key.

expires_at - the end of the QuoVadis session’s lifetime (regardless of the idle timeout)



# File 'lib/quo_vadis/controller.rb', line 139

# Store the session id in an encrypted cookie.
#
# id         - the session's id, used as the cookie value.
# expires_at - the end of the QuoVadis session's lifetime; nil has the same
#              effect as not setting an expiry.
#
# Cookie attributes set here:
#   httponly  - always true.
#   same_site - :lax.
#   secure    - true only when Rails.env.production? is true.
#
# NOTE(review): because `secure` follows the environment name, a
# non-production deployment that is reachable over a network (staging, for
# instance) issues this cookie without the Secure attribute — confirm that is
# acceptable for such environments.
# NOTE(review): storing the primary key is safe only while the key used by the
# encrypted cookie jar stays confidential — confirm how it is managed.
def store_session_id(id, expires_at)
  cookie_options = {
    value:     id,
    httponly:  true,
    secure:    Rails.env.production?,
    same_site: :lax,
    expires:   expires_at
  }
  cookies.encrypted[QuoVadis.cookie_name] = cookie_options
end

#touch_session_last_seen_at ⇒ Object



# File 'lib/quo_vadis/controller.rb', line 181

# Touches :last_seen_at on the current QuoVadis session.
#
# Does nothing (and returns nil) when there is no current session.
def touch_session_last_seen_at
  session&.touch(:last_seen_at)
end