Class: Admin::CredentialsController
Instance Method Summary
collapse
#webauthn_auth_options, #webauthn_authenticate!, #webauthn_relying_party
Instance Method Details
#create ⇒ Object
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
# File 'app/controllers/admin/credentials_controller.rb', line 30
def create
redirect_to(action: :new) if session[:creation_challenge].blank?
webauthn_credential = webauthn_relying_party.verify_registration(
JSON.parse(credential_params[:response]),
session.delete(:creation_challenge),
)
credential = @admin_user.credentials.find_or_initialize_by(
external_id: webauthn_credential.id,
)
credential.update!(
nickname: credential_params[:nickname],
public_key: webauthn_credential.public_key,
sign_count: webauthn_credential.sign_count,
)
respond_to do |format|
format.html { redirect_to admin_admin_user_path(@admin_user), status: :see_other }
format.turbo_stream { render locals: { admin: @admin_user } }
end
end
|
#destroy ⇒ Object
54
55
56
57
58
59
60
61
62
|
# File 'app/controllers/admin/credentials_controller.rb', line 54
def destroy
credential = @admin_user.credentials.find(params[:id])
credential.destroy!
respond_to do |format|
format.html { redirect_to admin_admin_user_path(@admin_user), status: :see_other }
format.turbo_stream { render locals: { admin: @admin_user } }
end
end
|
#new ⇒ Object
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
# File 'app/controllers/admin/credentials_controller.rb', line 9
def new
unless @admin_user.webauthn_id
@admin_user.update!(webauthn_id: WebAuthn.generate_user_id)
end
options = webauthn_relying_party.options_for_registration(
user: {
id: @admin_user.webauthn_id,
name: @admin_user.email,
display_name: @admin_user.to_s,
},
exclude: @admin_user.credentials.map(&:external_id),
)
session[:creation_challenge] = options.challenge
render :new, locals: { admin: @admin_user, options: }
end
|