Class: Devise::Strategies::PasskeyAuthenticatable

Inherits:

Authenticatable

• Object
• Authenticatable
• Devise::Strategies::PasskeyAuthenticatable

Includes:

Warden::WebAuthn::StrategyHelpers

Defined in:

lib/devise/passkeys/strategy.rb

Direct Known Subclasses

PasskeyReauthentication

Instance Method Summary

• #authenticate! ⇒ Object
• #authentication_challenge_key ⇒ Object
• #credential_finder ⇒ Object
• #raw_credential ⇒ Object
• #record_passkey_use(passkey:) ⇒ Object
• #store? ⇒ Boolean
• #valid? ⇒ Boolean

Instance Method Details

#authenticate! ⇒ Object

# File 'lib/devise/passkeys/strategy.rb', line 24

def authenticate!
  passkey = verify_authentication_and_find_stored_credential

  return if passkey.nil?

  resource = mapping.to.find_for_passkey(passkey)

  return fail(:invalid_passkey) unless resource

  if validate(resource)
    remember_me(resource)
    resource.after_passkey_authentication(passkey: passkey)
    record_passkey_use(passkey: passkey)
    success!(resource)
    return
  end

  # In paranoid mode, fail with a generic invalid error
  Devise.paranoid ? fail(:invalid_passkey) : fail(:not_found_in_database)
end

#authentication_challenge_key ⇒ Object

# File 'lib/devise/passkeys/strategy.rb', line 53

def authentication_challenge_key
  "#{mapping.singular}_current_webauthn_authentication_challenge"
end

#credential_finder ⇒ Object

# File 'lib/devise/passkeys/strategy.rb', line 45

def credential_finder
  Devise::Passkeys::PasskeyIssuer::CredentialFinder.new(resource_class: mapping.to)
end

#raw_credential ⇒ Object

# File 'lib/devise/passkeys/strategy.rb', line 49

def raw_credential
  params.dig(mapping.singular, :passkey_credential)
end

#record_passkey_use(passkey:) ⇒ Object

# File 'lib/devise/passkeys/strategy.rb', line 57

def record_passkey_use(passkey:)
  passkey.update_attribute(:last_used_at, Time.current)
end

#store? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/devise/passkeys/strategy.rb', line 11

def store?
  super && !mapping.to.skip_session_storage.include?(:passkey_auth)
end

#valid? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/devise/passkeys/strategy.rb', line 15

def valid?
  return true unless parsed_credential.nil?

  # rubocop:disable Lint/UnreachableCode
  fail(:credential_missing_or_could_not_be_parsed)
  false
  # rubocop:enable Lint/UnreachableCode
end