Class: RailsBase::Authentication::VerifyForgotPassword

Inherits:
ServiceBase
  • Object
show all
Defined in:
app/services/rails_base/authentication/verify_forgot_password.rb

Instance Method Summary collapse

Methods inherited from ServiceBase

inherited, #internal_validate, #service_base_logging

Methods included from ServiceLogging

#aletered_message, #class_name, #log, #log_prefix, #logger, #service_id

Instance Method Details

#callObject 



5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
 
# File 'app/services/rails_base/authentication/verify_forgot_password.rb', line 5

def call
	mfa_flow = false
	data_point = short_lived_data
	validate_datum?(data_point)

	log(level: :info, msg: "Validated user 2fa email #{data_point[:user].full_name}")
	context.user = data_point[:user]
	context.encrypted_val =
		MfaSetEncryptToken.call(user: data_point[:user], expires_at: Time.zone.now + 10.minutes, purpose: Constants::VFP_PURPOSE).encrypted_val
	return unless data_point[:user].mfa_enabled

	result = SendLoginMfaToUser.call(user: data_point[:user], expires_at: Time.zone.now + 10.minutes)
	if result.failure?
		log(level: :warn, msg: "Attempted to send MFA to user from #{self.class.name}: Exiting with #{result.message}")
		context.fail!(message: result.message, redirect_url: Constants::URL_HELPER.new_user_password_path, level: :warn)
	end
	context.mfa_flow = true
end

#short_lived_dataObject 



38
39
40
 
# File 'app/services/rails_base/authentication/verify_forgot_password.rb', line 38

def short_lived_data
	ShortLivedData.find_datum(data: data, reason: Constants::VFP_REASON)
end

#validate!Object 



42
43
44
 
# File 'app/services/rails_base/authentication/verify_forgot_password.rb', line 42

def validate!
	raise "Expected data to be a String. Received #{data.class}" unless data.is_a? String
end

#validate_datum?(datum) ⇒ Boolean

Returns:

  • (Boolean) 


24
25
26
27
28
29
30
31
32
33
34
35
36
 
# File 'app/services/rails_base/authentication/verify_forgot_password.rb', line 24

def validate_datum?(datum)
	return true if datum[:valid]

	if datum[:found]
		msg = "Errors with email validation: #{datum[:invalid_reason].join(", ")}. Please go through forget password flow again."
		log(level: :warn, msg: msg)
		context.fail!(message: msg, redirect_url: Constants::URL_HELPER.new_user_password_path, level: :warn)
	end

	log(level: :warn, msg: "Could not find MFA code. Incorrect MFA code. User is doing something fishy.")

	context.fail!(message: Constants::MV_FISHY, redirect_url: Constants::URL_HELPER.authenticated_root_path, level: :warn)
end