Class: RailsBase::Authentication::DecisionTwofaType

Inherits:
ServiceBase
  • Object
Includes:
ActionView::Helpers::DateHelper
Defined in:
app/services/rails_base/authentication/decision_twofa_type.rb

Instance Method Summary

Methods inherited from ServiceBase

inherited, #internal_validate, #service_base_logging

Methods included from ServiceLogging

#aletered_message, #class_name, #log, #log_prefix, #logger, #service_id

Instance Method Details

#call ⇒ Object



# File 'app/services/rails_base/authentication/decision_twofa_type.rb', line 7

# Decides which post-login step applies to `user` and records it on `context`.
#
# Branches visible in this listing:
#   * email not validated -> validate_email_context!
#   * email validated, MFA enabled both globally and for the user -> mfa_enabled_context!
#   * email validated, MFA not in effect -> welcome flash only, no second factor
#
# When the chosen branch returns a result that reports failure?, the error is
# logged and the context is failed with the same message.
#
# NOTE(review): some identifiers were lost when this page was extracted
# (`context. = false`, `#{context.}`, and a whitespace-only line in the no-MFA
# branch). The log label "sign_in_user:" suggests the missing context attribute
# is `sign_in_user` -- confirm against
# app/services/rails_base/authentication/decision_twofa_type.rb.
def call
	# default return values: no randomized MFA token is requested, and the
	# second flag (attribute name lost in this listing) starts out false
	context.set_mfa_randomized_token = false
	context. = false

	mfa_decision =
		if user.email_validated
			# NOTE(review): the global switch is ANDed with the per-user flag, so
			# turning RailsBase.config.mfa.enable? off sends MFA-enrolled users
			# down the no-MFA branch below.
			if RailsBase.config.mfa.enable? && user.mfa_enabled
				mfa_enabled_context!
			else
				# user has signed up and validated email
				# user does not have mfa enabled
				# NOTE(review): the next line is whitespace-only in this listing; a
				# statement may have been dropped here -- confirm against the source file.
				
				context.flash = { notice: "Welcome. You have succesfully signed in. We suggest enabling 2fa authentication to secure your account" }
				nil
			end
		else
			validate_email_context!
		end

	# A nil decision means no downstream service was called in the chosen branch.
	if mfa_decision && mfa_decision.failure?
		log(level: :error, msg: "Service error bubbled up. Failing with: #{mfa_decision.message}")
		context.fail!(message: mfa_decision.message)
	end

	# Records the outcome: user id, redirect target, sign-in flag and flash.
	# Whether this line still runs after fail! depends on ServiceBase, which is not shown here.
	log(level: :info, msg: "User #{user.id}: redirect_url: #{context.redirect_url}, sign_in_user: #{context.}, flash: #{context.flash}")
end

#mfa_enabled_context! ⇒ Object



# File 'app/services/rails_base/authentication/decision_twofa_type.rb', line 51

# Handles a user whose email is validated and who has MFA enabled.
#
# When user.past_mfa_time_duration? is true, the context is pointed at the MFA
# code page, a randomized MFA token is requested, the login code is sent through
# SendLoginMfaToUser, and that service result is returned (the caller checks
# failure? on it). Otherwise a welcome flash states how long the user stays
# MFA free and nil is returned.
#
# NOTE(review): the only input to the skip decision visible here is
# user.past_mfa_time_duration? -- no device, session or network signal appears
# in this method. If the window is tracked per user rather than per client, a
# login from a different client inside the window would also skip the second
# factor; confirm how the underlying timestamp is scoped.
#
# NOTE(review): the attribute after `user.` is missing on two lines of this
# listing and cannot be recovered from the page; check the source file.
def mfa_enabled_context!
	if user.past_mfa_time_duration?
		# user has signed up and validated email
		# user has mfa enabled
		log(level: :warn, msg: "User needs to go through mfa flow. #{user.} < #{User.time_bound}")
		context.redirect_url = Constants::URL_HELPER.mfa_code_path
		context.set_mfa_randomized_token = true
		context.mfa_purpose = nil # use default
		context.flash = { notice: "Please check your mobile device. We sent an SMS for 2fa verification" }
		result = SendLoginMfaToUser.call(user: user)
		# token_ttl is only set when the send succeeded; on failure the result is
		# still returned so the caller can fail the context
		context.token_ttl = result.short_lived_data.death_time if result.success?
		result
	else
		# NOTE(review): the next line is whitespace-only in this listing; a
		# statement may have been dropped here -- confirm against the source file.
		
		# human-readable length of the remaining MFA-free window (DateHelper)
		mfa_free_words = distance_of_time_in_words(user., User.time_bound)
		context.flash = { notice: "Welcome. You have succesfully signed in. You will be mfa free for another #{mfa_free_words}" }
		log(level: :info, msg: "User is mfa free for another #{mfa_free_words}")
		nil
	end
end

#sign_in_user_context! ⇒ Object



# File 'app/services/rails_base/authentication/decision_twofa_type.rb', line 45

# Marks the context for a sign-in that skips the second factor and points the
# redirect at the authenticated root path. The skip is logged at :warn with the
# user id, which gives an audit trail for every login that bypasses 2fa.
#
# NOTE(review): the method name and the context attribute were lost when this
# page was extracted. The section heading names the method
# sign_in_user_context!, and the "sign_in_user:" log label in #call suggests
# the attribute is `sign_in_user` -- confirm against the source file.
def 
	log(level: :warn, msg: "Will log in user #{user.id} and bypass 2fa")
	context.redirect_url = Constants::URL_HELPER.authenticated_root_path
	# flag name missing in this listing (see note above)
	context. = true
end

#validate! ⇒ Object



# File 'app/services/rails_base/authentication/decision_twofa_type.rb', line 72

# Guards the service input: `user` must be a User instance.
#
# @raise [RuntimeError] naming the class actually received when `user` is
#   anything other than a User
def validate!
	return if user.is_a?(User)

	raise "Expected user to be a User. Received #{user.class}"
end

#validate_email_context! ⇒ Object



# File 'app/services/rails_base/authentication/decision_twofa_type.rb', line 35

# Handles a user who has signed up but has not yet validated their email:
# routes them to the static wait page and sends a verification email.
#
# Sets redirect_url, set_mfa_randomized_token, mfa_purpose, flash and a
# five-minute token_ttl on the context.
#
# @return the result of SendVerificationEmail.call, which #call inspects
#   with failure?
def validate_email_context!
	static_wait_path = Constants::URL_HELPER.auth_static_path
	wait_notice = { notice: Constants::STATIC_WAIT_FLASH }

	context.redirect_url = static_wait_path
	context.set_mfa_randomized_token = true
	context.mfa_purpose = Constants::SSOVE_PURPOSE
	context.flash = wait_notice
	# the randomized token issued for this flow is short lived: five minutes from now
	context.token_ttl = Time.zone.now + 5.minutes

	SendVerificationEmail.call(user: user, reason: Constants::SVE_LOGIN_REASON)
end