Class: Devise::Strategies::TwoFactorAuthenticatable

Inherits:
DatabaseAuthenticatable
  • Object
Defined in:
lib/rose_quartz/devise/strategies/two_factor_authenticatable.rb

Instance Method Summary collapse

Instance Method Details

#authenticate!Object



# File 'lib/rose_quartz/devise/strategies/two_factor_authenticatable.rb', line 7

# Runs the second-factor check for the looked-up record and, only when it
# passes, hands over to the parent strategy's #authenticate!.
#
# The record lookup is skipped (the local is then falsy) when no password was
# submitted; how validate treats a falsy record is decided by the parent
# strategy and is not visible here.
#
# NOTE(review): the block given to validate calls authenticated? before super
# is reached, so the OTP / backup-code check and any state it changes happen
# before whatever credential check the parent performs (presumably the
# password comparison in DatabaseAuthenticatable; confirm). Make sure a wrong
# second factor and a wrong password produce the same response and the same
# failed-attempt accounting, so the token cannot be probed on its own.
def authenticate!
  account = password.present? && mapping.to.find_for_database_authentication(authentication_hash)
  second_factor_passed = validate(account) { authenticated?(account) }

  super if second_factor_passed
end

#authenticated?(resource) ⇒ Boolean



# File 'lib/rose_quartz/devise/strategies/two_factor_authenticatable.rb', line 13

# Decides whether the second factor is satisfied for +resource+.
#
# @param resource [#id] record whose id is used to look up its
#   RoseQuartz::UserAuthenticator
# @return [Boolean] true when no authenticator record exists, or when the
#   submitted 'otp' parameter is accepted as an OTP or as a backup code;
#   false otherwise
#
# NOTE(review): no attempt limiting is visible in this method; confirm that
# failed tokens are throttled or counted elsewhere (strategy, model or rack
# layer).
def authenticated?(resource)
  second_factor = RoseQuartz::UserAuthenticator.find_by(user_id: resource.id)
  # NOTE(review): request-controlled value; only nil is rejected below, so an
  # empty or non-String value is handed to the authenticator methods, which
  # must tolerate it (confirm in RoseQuartz::UserAuthenticator).
  submitted = params['otp']

  if second_factor.nil?
    # No authenticator record means two-factor authentication is disabled.
    # This branch passes without any token, so creation and deletion of
    # authenticator records is itself security-sensitive.
    true
  elsif submitted.nil?
    # 2FA is enabled but no token was sent.
    false
  elsif second_factor.authenticate_otp!(submitted)
    # Accepted as a one-time password.
    true
  elsif second_factor.authenticate_backup_code!(submitted)
    # Accepted as a backup code; flag it in the Rack env for later handling.
    # The bang methods presumably persist state (e.g. consume the code);
    # confirm in the model.
    env['rose_quartz.backup_code_used'] = true
    true
  else
    # Neither a valid OTP nor a valid backup code.
    false
  end
end