Class: RailsBase::Authentication::VerifyForgotPassword

Inherits:
ServiceBase
  • Object
show all
Defined in:
app/services/rails_base/authentication/verify_forgot_password.rb

Instance Method Summary collapse

Methods inherited from ServiceBase

inherited, #internal_validate, #service_base_logging

Methods included from ServiceLogging

#aletered_message, #class_name, #log, #log_prefix, #logger, #service_id

Instance Method Details

#callObject 



5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
 
# File 'app/services/rails_base/authentication/verify_forgot_password.rb', line 5

def call
  mfa_flow = false
  data_point = short_lived_data
  validate_datum?(data_point)

  log(level: :info, msg: "Validated user 2fa email #{data_point[:user].full_name}")
  context.user = data_point[:user]
  context.encrypted_val =
    MfaSetEncryptToken.call(user: data_point[:user], expires_at: Time.zone.now + 10.minutes, purpose: Constants::VFP_PURPOSE).encrypted_val
  return unless data_point[:user].mfa_enabled

  result = SendLoginMfaToUser.call(user: data_point[:user], expires_at: Time.zone.now + 10.minutes)
  if result.failure?
    log(level: :warn, msg: "Attempted to send MFA to user from #{self.class.name}: Exiting with #{result.message}")
    context.fail!(message: result.message, redirect_url: Constants::URL_HELPER.new_user_password_path, level: :warn)
  end
  context.mfa_flow = true
end

#short_lived_dataObject 



38
39
40
 
# File 'app/services/rails_base/authentication/verify_forgot_password.rb', line 38

def short_lived_data
  ShortLivedData.find_datum(data: data, reason: Constants::VFP_REASON)
end

#validate!Object 



42
43
44
 
# File 'app/services/rails_base/authentication/verify_forgot_password.rb', line 42

def validate!
  raise "Expected data to be a String. Received #{data.class}" unless data.is_a? String
end

#validate_datum?(datum) ⇒ Boolean

Returns:

  • (Boolean) 


24
25
26
27
28
29
30
31
32
33
34
35
36
 
# File 'app/services/rails_base/authentication/verify_forgot_password.rb', line 24

def validate_datum?(datum)
  return true if datum[:valid]

  if datum[:found]
    msg = "Errors with email validation: #{datum[:invalid_reason].join(", ")}. Please go through forget password flow again."
    log(level: :warn, msg: msg)
    context.fail!(message: msg, redirect_url: Constants::URL_HELPER.new_user_password_path, level: :warn)
  end

  log(level: :warn, msg: "Could not find MFA code. Incorrect MFA code. User is doing something fishy.")

  context.fail!(message: Constants::MV_FISHY, redirect_url: Constants::URL_HELPER.authenticated_root_path, level: :warn)
end