Class: RailsBase::Mfa::EncryptToken

Inherits:

ServiceBase

• Object
• ServiceBase
• RailsBase::Mfa::EncryptToken

Defined in:

app/services/rails_base/mfa/encrypt_token.rb

Instance Method Summary

• #call ⇒ Object
• #validate! ⇒ Object
• #value ⇒ Object

Methods inherited from ServiceBase

inherited, #internal_validate, #service_base_logging

Methods included from ServiceLogging

#aletered_message, #class_name, #log, #log_prefix, #logger, #service_id

Instance Method Details

#call ⇒ Object

# File 'app/services/rails_base/mfa/encrypt_token.rb', line 9

def call
  params = {
    value: value,
    purpose: purpose || RailsBase::Authentication::Constants::MSET_PURPOSE,
    expires_at: expires_at
  }

  context.encrypted_val = RailsBase::Encryption.encode(**params)
end

#validate! ⇒ Object

# File 'app/services/rails_base/mfa/encrypt_token.rb', line 27

def validate!
  raise "Expected user to be a User. Received #{user.class}" unless user.is_a? User

  time_class = ActiveSupport::TimeWithZone
  raise "Expected expires_at to be a Received #{time_class}. Received #{expires_at.class}" unless expires_at.is_a? time_class
end

#value ⇒ Object

# File 'app/services/rails_base/mfa/encrypt_token.rb', line 19

def value
  # user_id with the same expires_at will return the same Encryption token
  # to overcome this, do 2 things
  # 1: Rotate the secret on every boot (ensures tplem changes on semi regular basis)
  # 2: Add rand strings to the hash -- Ensures the token is different every time
  { user_id: user.id, rand: rand.to_s, expires_at: expires_at }.to_json
end