Module: Devise::Models::TwoFactorAuthenticatable::InstanceMethodsOnActivation

Defined in:

lib/two_factor_authentication/models/two_factor_authenticatable.rb

Instance Method Summary

• #authenticate_direct_otp(code) ⇒ Object
• #authenticate_otp(code, options = {}) ⇒ Object
• #authenticate_totp(code, options = {}) ⇒ Object
• #confirm_totp_secret(secret, code, options = {}) ⇒ Object
• #create_direct_otp(options = {}) ⇒ Object
• #generate_totp_secret ⇒ Object
• #max_login_attempts ⇒ Object
• #max_login_attempts? ⇒ Boolean
• #need_two_factor_authentication?(request) ⇒ Boolean
• #provisioning_uri(account = nil, options = {}) ⇒ Object
• #send_new_otp(options = {}) ⇒ Object
• #send_new_otp_after_login? ⇒ Boolean
• #send_two_factor_authentication_code(code) ⇒ Object
• #totp_enabled? ⇒ Boolean

Instance Method Details

#authenticate_direct_otp(code) ⇒ Object

# File 'lib/two_factor_authentication/models/two_factor_authenticatable.rb', line 30

def authenticate_direct_otp(code)
  return false if direct_otp.nil? || direct_otp != code || direct_otp_expired?
  clear_direct_otp
  true
end

#authenticate_otp(code, options = {}) ⇒ Object

# File 'lib/two_factor_authentication/models/two_factor_authenticatable.rb', line 24

def authenticate_otp(code, options = {})
  return true if direct_otp && authenticate_direct_otp(code)
  return true if totp_enabled? && authenticate_totp(code, options)
  false
end

#authenticate_totp(code, options = {}) ⇒ Object

# File 'lib/two_factor_authentication/models/two_factor_authenticatable.rb', line 36

def authenticate_totp(code, options = {})
  totp_secret = options[:otp_secret_key] || otp_secret_key
  digits = options[:otp_length] || self.class.otp_length
  drift = options[:drift] || self.class.allowed_otp_drift_seconds
  raise "authenticate_totp called with no otp_secret_key set" if totp_secret.nil?
  totp = ROTP::TOTP.new(totp_secret, digits: digits)
  new_timestamp = totp.verify_with_drift_and_prior(code, drift, totp_timestamp)
  return false unless new_timestamp
  self.totp_timestamp = new_timestamp
  true
end

#confirm_totp_secret(secret, code, options = {}) ⇒ Object

# File 'lib/two_factor_authentication/models/two_factor_authenticatable.rb', line 85

def confirm_totp_secret(secret, code, options = {})
  return false unless authenticate_totp(code, {otp_secret_key: secret})
  self.otp_secret_key = secret
  true
end

#create_direct_otp(options = {}) ⇒ Object

# File 'lib/two_factor_authentication/models/two_factor_authenticatable.rb', line 95

def create_direct_otp(options = {})
  # Create a new random OTP and store it in the database
  digits = options[:length] || self.class.direct_otp_length || 6
  update_attributes(
    direct_otp: random_base10(digits),
    direct_otp_sent_at: Time.now.utc
  )
end

#generate_totp_secret ⇒ Object

# File 'lib/two_factor_authentication/models/two_factor_authenticatable.rb', line 91

def generate_totp_secret
  ROTP::Base32.random_base32
end

#max_login_attempts ⇒ Object

# File 'lib/two_factor_authentication/models/two_factor_authenticatable.rb', line 77

def max_login_attempts
  self.class.max_login_attempts
end

#max_login_attempts? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/two_factor_authentication/models/two_factor_authenticatable.rb', line 73

def max_login_attempts?
  second_factor_attempts_count.to_i >= max_login_attempts.to_i
end

#need_two_factor_authentication?(request) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/two_factor_authentication/models/two_factor_authenticatable.rb', line 56

def need_two_factor_authentication?(request)
  true
end

#provisioning_uri(account = nil, options = {}) ⇒ Object

# File 'lib/two_factor_authentication/models/two_factor_authenticatable.rb', line 48

def provisioning_uri(account = nil, options = {})
  totp_secret = options[:otp_secret_key] || otp_secret_key
  options[:digits] ||= options[:otp_length] || self.class.otp_length
  raise "provisioning_uri called with no otp_secret_key set" if totp_secret.nil?
  account ||= email if respond_to?(:email)
  ROTP::TOTP.new(totp_secret, options).provisioning_uri(account)
end

#send_new_otp(options = {}) ⇒ Object

# File 'lib/two_factor_authentication/models/two_factor_authenticatable.rb', line 60

def send_new_otp(options = {})
  create_direct_otp options
  send_two_factor_authentication_code(direct_otp)
end

#send_new_otp_after_login? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/two_factor_authentication/models/two_factor_authenticatable.rb', line 65

def send_new_otp_after_login?
  !totp_enabled?
end

#send_two_factor_authentication_code(code) ⇒ Object

Raises:

• (NotImplementedError)

# File 'lib/two_factor_authentication/models/two_factor_authenticatable.rb', line 69

def send_two_factor_authentication_code(code)
  raise NotImplementedError.new("No default implementation - please define in your class.")
end

#totp_enabled? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/two_factor_authentication/models/two_factor_authenticatable.rb', line 81

def totp_enabled?
  respond_to?(:otp_secret_key) && !otp_secret_key.nil?
end