Module: Koi::Controller::HasWebauthn

Extended by:

ActiveSupport::Concern

Included in:

Admin::CredentialsController, Admin::SessionsController

Defined in:

app/controllers/concerns/koi/controller/has_webauthn.rb

Instance Method Summary

• #webauthn_auth_options ⇒ Object
• #webauthn_authenticate! ⇒ Object
• #webauthn_relying_party ⇒ Object

Instance Method Details

#webauthn_auth_options ⇒ Object

# File 'app/controllers/concerns/koi/controller/has_webauthn.rb', line 20

def webauthn_auth_options
  options = webauthn_relying_party.options_for_authentication(
    allow: Admin::Credential.pluck(:external_id),
  )
  session[:authentication_challenge] = options.challenge

  options
end

#webauthn_authenticate! ⇒ Object

# File 'app/controllers/concerns/koi/controller/has_webauthn.rb', line 29

def webauthn_authenticate!
  return if session_params[:response].blank?

  webauthn_credential, stored_credential = webauthn_relying_party.verify_authentication(
    JSON.parse(session_params[:response]),
    session[:authentication_challenge],
  ) do |credential|
    Admin::Credential.find_by!(external_id: credential.id)
  end

  stored_credential.update!(sign_count: webauthn_credential.sign_count)

  stored_credential.admin
end

#webauthn_relying_party ⇒ Object

# File 'app/controllers/concerns/koi/controller/has_webauthn.rb', line 12

def webauthn_relying_party
  @webauthn_relying_party ||=
    WebAuthn::RelyingParty.new(
      name:   "Koi Admin",
      origin: request.base_url,
    )
end