Module: Devise::Models::OtpAuthenticatable

Extended by:

ActiveSupport::Concern

Defined in:

lib/devise_otp_authenticatable/models/otp_authenticatable.rb

Defined Under Namespace

Modules: ClassMethods

Instance Method Summary

• #clear_otp_fields! ⇒ Object
• #disable_otp! ⇒ Object
• #enable_otp! ⇒ Object
• #generate_otp_challenge!(expires = nil) ⇒ Object
• #next_otp_recovery_tokens(number = self.class.otp_recovery_tokens) ⇒ Object
• #otp_challenge_valid? ⇒ Boolean
• #otp_provisioning_identifier ⇒ Object
• #otp_provisioning_uri ⇒ Object
• #populate_otp_secrets! ⇒ Object
• #recovery_otp ⇒ Object
• #reset_otp_persistence ⇒ Object
• #reset_otp_persistence! ⇒ Object
• #time_based_otp ⇒ Object
• #validate_otp_recovery_token(token) ⇒ Object (also: #valid_otp_recovery_token?)
• #validate_otp_time_token(token) ⇒ Object (also: #valid_otp_time_token?)
• #validate_otp_token(token, recovery = false) ⇒ Object (also: #valid_otp_token?)

Instance Method Details

#clear_otp_fields! ⇒ Object

# File 'lib/devise_otp_authenticatable/models/otp_authenticatable.rb', line 54

def clear_otp_fields!
  @time_based_otp = nil
  @recovery_otp = nil

  self.update!(
    :otp_auth_secret => nil,
    :otp_recovery_secret => nil,
    :otp_persistence_seed => nil,
    :otp_session_challenge => nil,
    :otp_challenge_expires => nil,
    :otp_failed_attempts => 0,
    :otp_recovery_counter => 0
  )
end

#disable_otp! ⇒ Object

# File 'lib/devise_otp_authenticatable/models/otp_authenticatable.rb', line 73

def disable_otp!
  update!(otp_enabled: false, otp_enabled_on: nil)
end

#enable_otp! ⇒ Object

# File 'lib/devise_otp_authenticatable/models/otp_authenticatable.rb', line 69

def enable_otp!
  update!(otp_enabled: true, otp_enabled_on: Time.now)
end

#generate_otp_challenge!(expires = nil) ⇒ Object

# File 'lib/devise_otp_authenticatable/models/otp_authenticatable.rb', line 77

def generate_otp_challenge!(expires = nil)
  update!(otp_session_challenge: SecureRandom.hex,
    otp_challenge_expires: DateTime.now + (expires || self.class.otp_authentication_timeout))
  otp_session_challenge
end

#next_otp_recovery_tokens(number = self.class.otp_recovery_tokens) ⇒ Object

# File 'lib/devise_otp_authenticatable/models/otp_authenticatable.rb', line 102

def next_otp_recovery_tokens(number = self.class.otp_recovery_tokens)
  (otp_recovery_counter..otp_recovery_counter + number).each_with_object({}) do |index, h|
    h[index] = recovery_otp.at(index)
  end
end

#otp_challenge_valid? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/devise_otp_authenticatable/models/otp_authenticatable.rb', line 83

def otp_challenge_valid?
  (otp_challenge_expires.nil? || otp_challenge_expires > Time.now)
end

#otp_provisioning_identifier ⇒ Object

# File 'lib/devise_otp_authenticatable/models/otp_authenticatable.rb', line 33

def otp_provisioning_identifier
  email
end

#otp_provisioning_uri ⇒ Object

# File 'lib/devise_otp_authenticatable/models/otp_authenticatable.rb', line 29

def otp_provisioning_uri
  time_based_otp.provisioning_uri(otp_provisioning_identifier)
end

#populate_otp_secrets! ⇒ Object

# File 'lib/devise_otp_authenticatable/models/otp_authenticatable.rb', line 46

def populate_otp_secrets!
  if [otp_auth_secret, otp_recovery_secret, otp_persistence_seed].any? { |a| a.blank? }
    generate_otp_auth_secret
    generate_otp_persistence_seed
    self.save!
  end
end

#recovery_otp ⇒ Object

# File 'lib/devise_otp_authenticatable/models/otp_authenticatable.rb', line 25

def recovery_otp
  @recovery_otp ||= ROTP::HOTP.new(otp_recovery_secret)
end

#reset_otp_persistence ⇒ Object

# File 'lib/devise_otp_authenticatable/models/otp_authenticatable.rb', line 37

def reset_otp_persistence
  generate_otp_persistence_seed
end

#reset_otp_persistence! ⇒ Object

# File 'lib/devise_otp_authenticatable/models/otp_authenticatable.rb', line 41

def reset_otp_persistence!
  reset_otp_persistence
  save!
end

#time_based_otp ⇒ Object

# File 'lib/devise_otp_authenticatable/models/otp_authenticatable.rb', line 21

def time_based_otp
  @time_based_otp ||= ROTP::TOTP.new(otp_auth_secret, issuer: (self.class.otp_issuer || Rails.application.class.module_parent_name).to_s)
end

#validate_otp_recovery_token(token) ⇒ Object Also known as: valid_otp_recovery_token?

# File 'lib/devise_otp_authenticatable/models/otp_authenticatable.rb', line 108

def validate_otp_recovery_token(token)
  recovery_otp.verify(token, otp_recovery_counter).tap do
    self.otp_recovery_counter += 1
    save!
  end
end

#validate_otp_time_token(token) ⇒ Object Also known as: valid_otp_time_token?

# File 'lib/devise_otp_authenticatable/models/otp_authenticatable.rb', line 96

def validate_otp_time_token(token)
  return false if token.blank?
  validate_otp_token_with_drift(token)
end

#validate_otp_token(token, recovery = false) ⇒ Object Also known as: valid_otp_token?

# File 'lib/devise_otp_authenticatable/models/otp_authenticatable.rb', line 87

def validate_otp_token(token, recovery = false)
  if recovery
    validate_otp_recovery_token token
  else
    validate_otp_time_token token
  end
end