# File 'app/controllers/munificent/admin/otp_controller.rb', line 23
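# Verifies the submitted TOTP code for the signed-in user.
#
# The secret comes from the user record, or from the session when the user
# record has none. On success the secret is stored on the user if it was not
# already, the verification time is written to both the user and the session,
# the session copy of the secret is cleared, and the user is redirected to the
# root path. On failure the user is redirected to the code prompt, or to setup
# when `has_2sv?` is false.
#
# NOTE(review): no attempt limiting is visible in this action; confirm that
# repeated guesses are throttled elsewhere.
#
# @raise [RuntimeError] when neither the user nor the session holds a secret
def verify
  otp_secret = current_user.otp_secret || session[:otp_secret]
  raise "Missing OTP secret" if otp_secret.blank?

  totp = ROTP::TOTP.new(otp_secret, issuer: ENV.fetch("OTP_ISSUER", nil))

  # Replay protection: `after` is an option of TOTP#verify, not of the
  # constructor, where it has no effect. Passed here, a code from a time step
  # at or before the last accepted one is rejected.
  # `to_s` makes a missing or non-string otp_code fail verification instead of
  # reaching the comparison as nil.
  verified = totp.verify(
    params[:otp_code].to_s,
    drift_behind: 3,
    after: current_user.last_otp_at
  )

  if verified
    # Keep the session-held secret if the user record has none yet.
    current_user.otp_secret ||= session[:otp_secret]

    verified_at = Time.zone.now
    session[:last_otp_at] = verified_at
    # NOTE(review): the result of update is not checked; if the save fails,
    # last_otp_at is not persisted and the replay guard has nothing newer to
    # compare against. Confirm whether this should fail closed.
    current_user.update(last_otp_at: verified_at)

    # The secret no longer needs to live in the session once it is on the user.
    session[:otp_secret] = nil
    redirect_to root_path
  elsif current_user.has_2sv?
    redirect_to otp_input_path
  else
    redirect_to otp_setup_path
  end
end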