Module: Koi::Controller::HasWebauthn

Extended by:
ActiveSupport::Concern
Included in:
Admin::CredentialsController, Admin::SessionsController
Defined in:
app/controllers/concerns/koi/controller/has_webauthn.rb

Instance Method Summary collapse

Instance Method Details

#webauthn_auth_optionsObject



20
21
22
23
24
25
26
27
# File 'app/controllers/concerns/koi/controller/has_webauthn.rb', line 20

def webauthn_auth_options
  options = webauthn_relying_party.options_for_authentication(
    allow: Admin::Credential.pluck(:external_id),
  )
  session[:authentication_challenge] = options.challenge

  options
end

#webauthn_authenticate!Object



29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
# File 'app/controllers/concerns/koi/controller/has_webauthn.rb', line 29

def webauthn_authenticate!
  return if session_params[:response].blank?

  webauthn_credential, stored_credential = webauthn_relying_party.verify_authentication(
    JSON.parse(session_params[:response]),
    session[:authentication_challenge],
  ) do |credential|
    Admin::Credential.find_by!(external_id: credential.id)
  end

  stored_credential.update(
    sign_count: webauthn_credential.sign_count,
    updated_at: DateTime.current,
  )

  stored_credential.admin
end

#webauthn_relying_partyObject



12
13
14
15
16
17
18
# File 'app/controllers/concerns/koi/controller/has_webauthn.rb', line 12

def webauthn_relying_party
  @webauthn_relying_party ||=
    WebAuthn::RelyingParty.new(
      name:   Koi.config.admin_name,
      origin: request.base_url,
    )
end