Module: Devise::Passkeys::Controllers::Concerns::ReauthenticationChallenge

Extended by:: ActiveSupport::Concern

Defined in:: lib/devise/passkeys/controllers/concerns/reauthentication_challenge.rb

Overview

This concern is responsible for storing the reauthentication challenge in the session.

A reauthentication challenge is a WebAuthn challenge exchange (i.e. authentication) to verify the user's identity and confirm they're able to perform a sensitive action by performing the entire authentication process.

This can be used for scenarios such as:

Adding a new passkey
Deleting a passkey
Performing sensitive actions inside your application

You can customize which reauthentication challenge you're using by changing the passkey_reauthentication_challenge_session_key method after including this concern

Instance Method Summary collapse

#passkey_reauthentication_challenge_session_key ⇒ String
This method is responsible for generating the key that will be used to store the reauthentication challenge in the session hash.
#store_reauthentication_challenge_in_session(options_for_authentication:) ⇒ String
This method is responsible for storing the reauthentication challenge in the session.

Instance Method Details

#passkey_reauthentication_challenge_session_key ⇒ `String`

This method is responsible for generating the key that will be used to store the reauthentication challenge in the session hash.

Returns:

(String) —
The reauthentication challenge session key



30
31
32

# File 'lib/devise/passkeys/controllers/concerns/reauthentication_challenge.rb', line 30

def passkey_reauthentication_challenge_session_key
  "#{resource_name}_current_reauthentication_challenge"
end

#store_reauthentication_challenge_in_session(options_for_authentication:) ⇒ `String`

This method is responsible for storing the reauthentication challenge in the session.

Parameters:

options_for_authentication (WebAuthn::PublicKeyCredential::RequestOptions) —
the options for authentication, generated by webauthn-ruby