module DeviseTwoFactorable::Controllers::Helpers
Public Instance Methods
authenticate_scope!()
# File lib/devise_two_factorable/controllers/helpers.rb, line 7
# Forces authentication for the current Devise scope, then stores that
# scope's signed-in record in +resource+.
#
# Both method names are built from +resource_name+ and dispatched with +send+.
# NOTE(review): this relies on +resource_name+ coming from the Devise mapping
# and never from request data -- confirm against the including controller.
#
# @return [Object] the value returned by +current_<scope>+
def authenticate_scope!
  scope = resource_name
  send(:"authenticate_#{scope}!", force: true)
  self.resource = send("current_#{scope}")
end
ensure_resource!()
Sanity check for resource validity
# File lib/devise_two_factorable/controllers/helpers.rb, line 39
# Guard that stops the action when no resource has been loaded.
#
# @raise [ArgumentError] when +resource+ is nil
# @return [nil] when a resource is present
def ensure_resource!
  return unless resource.nil?

  raise ArgumentError, 'Should not happen'
end
is_otp_trusted_device_for?(resource)
is the current browser trusted?
# File lib/devise_two_factorable/controllers/helpers.rb, line 67
# Tells whether the current browser carries a valid "trusted device" cookie
# for +resource+.
#
# The signed cookie must equal the triple [to_key, authenticatable_salt,
# otp_persistence_seed] of the record, so a cookie issued before any of those
# values changed no longer matches. Integrity of the cookie comes from
# +cookies.signed+; the raw cookie is only used as a presence test.
#
# @param resource [Object] record whose class exposes +otp_trust_persistence+
# @return [Boolean] false when the feature is off, the cookie is absent, or
#   the signed value does not match
def is_otp_trusted_device_for?(resource)
  return false unless resource.class.otp_trust_persistence

  cookie_name = otp_scoped_persistence_cookie
  return false unless cookies[cookie_name].present?

  signed_value = cookies.signed[cookie_name]
  signed_value == [resource.to_key, resource.authenticatable_salt, resource.otp_persistence_seed]
end
needs_credentials_refresh?(resource)
Checks whether the resource needs a credentials refresh, i.e. whether the user must be asked for their password again before accessing this resource.
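# File lib/devise_two_factorable/controllers/helpers.rb, line 49
# Reports whether the user has to re-enter their password before continuing.
# When a refresh is needed, the current URL is remembered through
# +otp_set_refresh_return_url+ so the user can be sent back afterwards.
#
# A refresh is needed when no deadline is stored in the session or the stored
# deadline has passed. The deadline is written by
# +otp_refresh_credentials_for+ as a Time, so it is compared with Time.now
# here rather than with a DateTime.
#
# @param resource [Object] record whose class exposes +otp_credentials_refresh+
# @return [Boolean] false when the feature is disabled or the deadline is
#   still in the future, true otherwise
def needs_credentials_refresh?(resource)
  return false unless resource.class.otp_credentials_refresh

  refresh_after = session[otp_scoped_refresh_property]
  # NOTE(review): if the session store serializes values (for example as
  # JSON) the deadline may come back as a String and this comparison would
  # raise instead of answering -- confirm against the configured store.
  expired = !refresh_after.present? || refresh_after < Time.now
  otp_set_refresh_return_url if expired
  expired
end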
otp_authenticator_token_image(resource)
returns the URL for the QR Code to initialize the Authenticator device
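# File lib/devise_two_factorable/controllers/helpers.rb, line 127
# Builds an <img> tag whose source is an inline PNG QR code of the resource's
# OTP provisioning URI, for enrolling an authenticator device.
#
# The image is embedded as a data: URI, so no separate image request is made.
# NOTE(review): the provisioning URI presumably contains the OTP shared
# secret -- confirm, and make sure the page that renders it is not cached.
#
# @param resource [Object] record responding to +otp_provisioning_uri+
# @return [String] the markup returned by +image_tag+
def otp_authenticator_token_image(resource)
  provisioning_uri = resource.otp_provisioning_uri
  qrcode = RQRCode::QRCode.new(provisioning_uri, level: :m, mode: :byte_8bit)
  png = qrcode.as_png(fill: 'white', color: 'black', border_modules: 1, module_px_size: 4)
  # strict_encode64 emits no line feeds. encode64 wraps its output every 60
  # characters and .strip only removed the last one, which left newlines
  # inside the data URI.
  url = "data:image/png;base64,#{Base64.strict_encode64(png.to_s)}"
  image_tag(url, alt: 'OTP Authenticator QRCode')
end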
otp_clear_trusted_device_for(_resource)
make the current browser NOT trusted
# File lib/devise_two_factorable/controllers/helpers.rb, line 112
# Removes the trusted-device cookie from the current browser, so the next
# trusted-device check for this scope finds no cookie.
#
# @param _resource [Object] unused; kept for a uniform helper signature
# @return [Object] whatever +cookies.delete+ returns
def otp_clear_trusted_device_for(_resource)
  trust_cookie = otp_scoped_persistence_cookie
  cookies.delete(trust_cookie)
end
otp_fetch_refresh_return_url()
# File lib/devise_two_factorable/controllers/helpers.rb, line 93
# Takes the remembered post-refresh return URL out of the session (the entry
# is deleted, so it is used at most once).
#
# A block yielding :root is passed to +session.delete+ as the fallback for a
# missing entry.
# NOTE(review): whether the block is honoured depends on the session object's
# +delete+ implementation -- confirm.
#
# @return [Object] the stored value, or the fallback
def otp_fetch_refresh_return_url
  key = otp_scoped_refresh_return_url_property
  session.delete(key) { :root }
end
otp_refresh_credentials_for(resource)
Marks the credentials as refreshed.
# File lib/devise_two_factorable/controllers/helpers.rb, line 59
# Records that the user has just re-entered their credentials by storing the
# time after which they must be asked again.
#
# @param resource [Object] record whose class exposes +otp_credentials_refresh+
# @return [Time, false] the new deadline, or false when the feature is off
def otp_refresh_credentials_for(resource)
  window = resource.class.otp_credentials_refresh
  return false unless window

  # Deadline = now + configured refresh window.
  session[otp_scoped_refresh_property] = Time.now + window
end
otp_reset_persistence_for(resource)
clears the persistence list for this kind of resource
# File lib/devise_two_factorable/controllers/helpers.rb, line 119
# Revokes trusted-device status for +resource+: drops this browser's cookie,
# then asks the record to reset its persistence data.
#
# NOTE(review): +reset_otp_persistence!+ presumably rotates
# +otp_persistence_seed+, which would invalidate cookies held by other
# browsers too -- confirm in the model.
#
# @param resource [Object] record responding to +reset_otp_persistence!+
# @return [Object] the result of +reset_otp_persistence!+
def otp_reset_persistence_for(resource)
  # Local cookie first, so this browser stops presenting it.
  otp_clear_trusted_device_for(resource)
  # Then the server-side reset on the record.
  resource.reset_otp_persistence!
end
otp_scoped_refresh_property()
# File lib/devise_two_factorable/controllers/helpers.rb, line 101
# Session key under which the credentials-refresh deadline is kept for the
# current scope. The scope name is joined to "refresh_after" with no
# separator, e.g. :otp_userrefresh_after for a scope named user.
#
# @return [Symbol]
def otp_scoped_refresh_property
  :"otp_#{resource_name}refresh_after"
end
otp_scoped_refresh_return_url_property()
# File lib/devise_two_factorable/controllers/helpers.rb, line 97
# Session key under which the post-refresh return URL is kept for the current
# scope. The scope name is joined to "refresh_return_url" with no separator,
# e.g. :otp_userrefresh_return_url for a scope named user.
#
# @return [Symbol]
def otp_scoped_refresh_return_url_property
  :"otp_#{resource_name}refresh_return_url"
end
otp_set_flash_message(key, kind, options = {})
similar to DeviseController#set_flash_message, but sets the scope inside the otp controller
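# File lib/devise_two_factorable/controllers/helpers.rb, line 16
# Sets a flash message looked up under the two-factor controller's I18n
# scope, in the manner of DeviseController#set_flash_message.
#
# The caller's +options+ hash and its :default array are left untouched; the
# lookup works on copies.
#
# @param key [Symbol] flash key to write (for example :notice)
# @param kind [String, Symbol] message name, also used as the first default
# @param options [Hash] I18n options; :scope defaults to
#   "devise.two_factor.<controller_name>"
# @return [String, nil] the message stored in the flash, or nil when the
#   translation is blank and nothing was stored
def otp_set_flash_message(key, kind, options = {})
  options = options.dup
  options[:scope] ||= "devise.two_factor.#{controller_name}"
  # Build a new array: Array(x) returns x itself when it is already an Array,
  # so unshift would have modified the caller's list.
  options[:default] = [kind.to_sym, *Array(options[:default])]
  options[:resource_name] = resource_name
  options = devise_i18n_options(options) if respond_to?(:devise_i18n_options, true)
  # I18n.t takes its options as keyword arguments, and Ruby 3 no longer turns
  # a trailing positional Hash into keywords, so splat explicitly.
  message = I18n.t("#{options[:resource_name]}.#{kind}", **options)
  flash[key] = message if message.present?
end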
otp_set_refresh_return_url()
# File lib/devise_two_factorable/controllers/helpers.rb, line 89
# Remembers the path of the current request in the session so the user can
# be sent back to it after re-entering credentials.
#
# The stored value is +request.fullpath+.
# NOTE(review): the code that later redirects to this value is outside this
# listing -- confirm it treats the value as a local path.
#
# @return [String] the stored path
def otp_set_refresh_return_url
  return_to = request.fullpath
  session[otp_scoped_refresh_return_url_property] = return_to
end
otp_set_trusted_device_for(resource)
make the current browser trusted
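# File lib/devise_two_factorable/controllers/helpers.rb, line 80
# Marks the current browser as trusted for +resource+ by writing a signed
# cookie that expires after the configured trust window.
#
# The cookie value is [to_key, authenticatable_salt, otp_persistence_seed],
# the same triple that +is_otp_trusted_device_for?+ compares against. Holding
# this cookie lets a browser pass the trusted-device check, so it is written
# HttpOnly and, when the request arrived over TLS, Secure as well, which keeps
# it off later plain-HTTP requests.
#
# @param resource [Object] record whose class exposes +otp_trust_persistence+
# @return [Hash, nil] the cookie options written, or nil when the feature is
#   disabled
def otp_set_trusted_device_for(resource)
  trust_window = resource.class.otp_trust_persistence
  return unless trust_window

  cookies.signed[otp_scoped_persistence_cookie] = {
    httponly: true,
    secure: request.ssl?,
    expires: Time.now + trust_window,
    value: [resource.to_key, resource.authenticatable_salt, resource.otp_persistence_seed]
  }
end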
otp_t()
# File lib/devise_two_factorable/controllers/helpers.rb, line 25
# Placeholder with an empty body.
#
# @return [nil]
def otp_t; end
recovery_enabled?()
# File lib/devise_two_factorable/controllers/helpers.rb, line 32
# Tells whether recovery tokens are turned on for the current resource class,
# i.e. +otp_recovery_tokens+ is set and greater than zero.
#
# @return [Boolean, nil] nil/false when the setting is nil/false
def recovery_enabled?
  token_count = resource_class.otp_recovery_tokens
  token_count && (token_count > 0)
end
trusted_devices_enabled?()
# File lib/devise_two_factorable/controllers/helpers.rb, line 28
# Tells whether trusted devices are turned on for the class of the current
# resource, i.e. +otp_trust_persistence+ is set and greater than zero.
#
# Reads the setting through +resource.class+, so a resource must already be
# loaded when this is called.
#
# @return [Boolean, nil] nil/false when the setting is nil/false
def trusted_devices_enabled?
  trust_window = resource.class.otp_trust_persistence
  trust_window && (trust_window > 0)
end