Class: RailsBase::Users::SessionsController

Inherits:

Devise::SessionsController

• Object
• Devise::SessionsController
• RailsBase::Users::SessionsController

Defined in:

app/controllers/rails_base/users/sessions_controller.rb

Instance Method Summary

• #create ⇒ Object

  POST /user/sign_in.

• #destroy ⇒ Object

  DELETE /user/sign_out.

• #hearbeat_with_auth ⇒ Object

  POST /heartbeat.

• #hearbeat_without_auth ⇒ Object

  GET /heartbeat.

• #new ⇒ Object

  GET /user/sign_in.

Instance Method Details

#create ⇒ Object

POST /user/sign_in

# File 'app/controllers/rails_base/users/sessions_controller.rb', line 16

def create
  # Warden/Devise will try to sign the user in before we explicitly do
  # Sign out the user when this happens so we can sign them back in later
  sign_out(current_user) if current_user

  authenticate = RailsBase::Authentication::AuthenticateUser.call(email: params[:user][:email], password: params[:user][:password])

  if authenticate.failure?
    @user = User.new(email: params[:user][:email])
    flash[:alert] = authenticate.message
    render template: 'rails_base/devise/sessions/new'
    return
  end

  mfa_decision = RailsBase::Authentication::DecisionTwofaType.call(user: authenticate.user)
  if mfa_decision.failure?
    redirect_to RailsBase.url_routes.new_user_session_path, email: params[:user][:email], alert: mfa_decision.message
    return
  end

  if mfa_decision.set_mfa_randomized_token
    session[:mfa_randomized_token] =
      RailsBase::Mfa::EncryptToken.call(
        user: authenticate.user,
        expires_at: mfa_decision.token_ttl,
        purpose: mfa_decision.mfa_purpose,
      ).encrypted_val
  end

  if mfa_decision.sign_in_user
    sign_in(authenticate.user)
    if mfa_decision.add_mfa_button
      RailsBase::RequestLink.add(link: RailsBase.url_routes.user_settings_path(openmfa: true), text: "Enable MFA")
    end

    # only referentially redirect when we know the user should sign in
    redirect_to(redirect_from_reference || RailsBase.url_routes.authenticated_root_path, mfa_decision.flash)
    return
  end

  ####
  # User needs MFA
  ####
  add_mfa_event_to_session(event: RailsBase::MfaEvent.login_event(user: authenticate.user))
  redirect_to(mfa_decision.redirect_url, mfa_decision.flash)
end

#destroy ⇒ Object

DELETE /user/sign_out

# File 'app/controllers/rails_base/users/sessions_controller.rb', line 64

def destroy
  session[:mfa_randomized_token] = nil

  # force the user to sign out
  sign_out(current_user)
  reset_session

  admin_reset_session!

  flash[:notice] = 'You have been succesfully signed out'
  redirect_to RailsBase.url_routes.unauthenticated_root_path
end

#hearbeat_with_auth ⇒ Object

POST /heartbeat

# File 'app/controllers/rails_base/users/sessions_controller.rb', line 84

def hearbeat_with_auth
  heartbeat
end

#hearbeat_without_auth ⇒ Object

GET /heartbeat

# File 'app/controllers/rails_base/users/sessions_controller.rb', line 78

def hearbeat_without_auth
  skip_capture_reference!
  heartbeat
end

#new ⇒ Object

GET /user/sign_in

# File 'app/controllers/rails_base/users/sessions_controller.rb', line 10

def new
  @user = User.new
  render template: 'rails_base/devise/sessions/new'
end