Module: Devise::Models::YubikeyDatabaseAuthenticatable

Extended by:
ActiveSupport::Concern
Defined in:
lib/devise_yubikey_database_authenticatable/model.rb

Defined Under Namespace

Modules: ClassMethods


Instance Method Details

#after_database_authentication ⇒ Object



# File 'lib/devise_yubikey_database_authenticatable/model.rb', line 70

# Intentionally empty hook: takes no arguments, does nothing and returns nil.
#
# NOTE(review): presumably a callback point for models that want to run extra
# logic once database authentication has succeeded. No caller is visible in
# this listing, so confirm where it is invoked before relying on it for
# auditing or lockout bookkeeping.
#
# @return [nil]
def after_database_authentication
  nil
end

#authenticatable_salt ⇒ Object

A reliable way to expose the salt regardless of the implementation.



# File 'lib/devise_yubikey_database_authenticatable/model.rb', line 74

# Exposes the leading portion of the stored password digest as the salt.
#
# The slice is purely positional: the stored value is neither parsed nor
# validated, so the result is only a salt if encrypted_password has the
# layout this code assumes.
# NOTE(review): 29 characters matches the version, cost and salt prefix of a
# bcrypt hash string, which is the format valid_password? feeds to
# BCrypt::Password -- confirm no other digest format is ever stored.
#
# @return [String, nil] the first 29 characters of encrypted_password, or nil
#   when no digest is stored
def authenticatable_salt
  digest = self.encrypted_password
  digest[0, 29] if digest
end

#clean_up_passwords ⇒ Object

Set password and password confirmation to nil



# File 'lib/devise_yubikey_database_authenticatable/model.rb', line 43

# Blanks the in-memory password fields once they are no longer needed, so the
# plaintext does not linger on the record (for example when a form is
# re-rendered).
#
# Both password_confirmation and password are assigned the same empty string
# (not nil). Going by the password= shown in this module, a blank value does
# not recompute encrypted_password, so the stored digest is left untouched.
#
# @return [String] the empty string that was assigned
def clean_up_passwords
  cleared = ""
  self.password_confirmation = cleared
  self.password = cleared
end

#password=(new_password) ⇒ Object

Generates password encryption based on the given value.



# File 'lib/devise_yubikey_database_authenticatable/model.rb', line 29

# Stores the plaintext on the instance and refreshes the stored digest.
#
# The plaintext stays in @password until something overwrites it (in this
# module, clean_up_passwords does so by assigning an empty string).
# encrypted_password is replaced with password_digest(@password) only when
# the value is present; a blank value leaves the existing digest alone, so
# assigning "" or nil never erases a stored credential.
#
# @param new_password [Object] the candidate plaintext password
def password=(new_password)
  @password = new_password
  return unless @password.present?

  self.encrypted_password = password_digest(@password)
end

#update_with_password(params = {}) ⇒ Object

Update record attributes when :current_password matches, otherwise returns error on :current_password. It also automatically rejects :password and :password_confirmation if they are blank.



# File 'lib/devise_yubikey_database_authenticatable/model.rb', line 50

# Updates the record only when the supplied :current_password is correct.
#
# Steps, in order:
# 1. :current_password is removed from params (the caller's hash is mutated).
# 2. A blank :password is dropped, and with it a blank :password_confirmation,
#    so an empty form field does not overwrite the stored credential.
# 3. If valid_password? accepts the current password, the remaining params go
#    to update_attributes and its result is returned.
# 4. Otherwise an error (:blank or :invalid) is added on :current_password,
#    the params are still assigned to the record through attributes=, and
#    false is returned. No save call is made on this path in the visible code.
# 5. clean_up_passwords runs on both paths.
#
# NOTE(review): only symbol keys are looked up. With a plain string-keyed hash
# :current_password would not be found and the check fails closed -- confirm
# callers pass symbol or indifferent-access keys.
# NOTE(review): every remaining key in params is mass-assigned on both paths;
# this method does no filtering, so the caller must restrict params to the
# attributes a user is allowed to change.
# NOTE(review): update_attributes was removed in Rails 6.1 in favour of
# update -- confirm the Rails version this module targets.
#
# @param params [Hash] attributes to apply, including :current_password
# @return [Object] the result of update_attributes, or false when the current
#   password is blank or wrong
def update_with_password(params={})
  supplied_password = params.delete(:current_password)

  if params[:password].blank?
    params.delete(:password)
    params.delete(:password_confirmation) if params[:password_confirmation].blank?
  end

  if valid_password?(supplied_password)
    outcome = update_attributes(params)
  else
    reason = supplied_password.blank? ? :blank : :invalid
    self.errors.add(:current_password, reason)
    self.attributes = params
    outcome = false
  end

  clean_up_passwords
  outcome
end

#valid_password?(password) ⇒ Boolean

Verifies whether a password (i.e. from sign in) is the user's password.

Returns:

  • (Boolean)


# File 'lib/devise_yubikey_database_authenticatable/model.rb', line 35

# Checks a candidate plaintext against the stored bcrypt digest.
#
# A record with a blank encrypted_password never authenticates. Otherwise the
# salt is read out of the stored digest, the candidate (with the class-level
# pepper appended) is hashed with that salt, and the two digests are compared
# through Devise.secure_compare, Devise's constant-time comparison helper,
# rather than ==.
#
# NOTE(review): BCrypt::Password.new raises on a stored value that is not a
# well-formed bcrypt hash and nothing here rescues it -- confirm callers
# treat that exception as a failed login, never as success.
# NOTE(review): bcrypt only consumes a bounded prefix of its input (72 bytes
# in common implementations). Because the pepper is appended after the
# password, very long passwords may leave the pepper unused -- confirm a
# maximum password length is enforced elsewhere.
#
# @param password [Object] the candidate plaintext, e.g. from sign in
# @return [Boolean] false for a blank stored digest, otherwise the result of
#   Devise.secure_compare
def valid_password?(password)
  stored_digest = self.encrypted_password
  return false if stored_digest.blank?

  salt = ::BCrypt::Password.new(stored_digest).salt
  candidate_digest = ::BCrypt::Engine.hash_secret("#{password}#{self.class.pepper}", salt)
  Devise.secure_compare(candidate_digest, stored_digest)
end

#validate_yubikey(yubiotp) ⇒ Object



# File 'lib/devise_yubikey_database_authenticatable/model.rb', line 14

# Asks the Yubikey OTP verifier whether the submitted one-time password is
# valid, using the API id and key configured on Devise.
#
# Returns a strict boolean: true only when the verifier reports the OTP as
# valid, false when it does not or when Yubikey::OTP::InvalidOTPError is
# raised.
#
# Only InvalidOTPError is rescued. Any other exception raised while building
# or querying the verifier propagates to the caller, which fails closed as
# long as the caller does not turn exceptions into a successful login.
#
# NOTE(review): this method checks the OTP alone. It does not compare the
# OTP's key identity with a key enrolled for this record, so on its own it
# accepts an OTP from any key the verifier considers valid -- confirm the
# caller binds the OTP to the user's registered key.
#
# @param yubiotp [Object] the OTP string submitted by the user
# @return [Boolean]
def validate_yubikey(yubiotp)
  verification = Yubikey::OTP::Verify.new(
    :otp     => yubiotp,
    :api_id  => Devise.yubikey_api_id,
    :api_key => Devise.yubikey_api_key
  )
  verification.valid? ? true : false
rescue Yubikey::OTP::InvalidOTPError
  false
end