Class: Munificent::Admin::OTPController
- Inherits:
-
ApplicationController
- Object
- ActionController::Base
- ApplicationController
- Munificent::Admin::OTPController
- Defined in:
- app/controllers/munificent/admin/otp_controller.rb
Instance Method Summary collapse
Instance Method Details
permalink #input ⇒ Object
# File 'app/controllers/munificent/admin/otp_controller.rb', line 14

# Action with an empty body: it assigns nothing and returns nil.
# NOTE(review): presumably Rails renders the matching template (the OTP
# code prompt) by convention — confirm against the views and routes.
def input
end
permalink #setup ⇒ Object
# File 'app/controllers/munificent/admin/otp_controller.rb', line 16

# Starts TOTP enrolment for the signed-in user.
#
# A fresh Base32 secret is generated and kept in the session only; nothing
# is written to the user record here. The provisioning URI and its QR code
# are exposed to the view as @otp_url and @qr_code.
def setup
  pending_secret = ROTP::Base32.random
  session[:otp_secret] = pending_secret

  issuer = ENV.fetch("OTP_ISSUER", nil)
  authenticator = ROTP::TOTP.new(pending_secret, issuer: issuer)

  # The provisioning URI embeds the secret itself, so @otp_url and the QR
  # code built from it are as sensitive as the secret: keep them out of
  # logs and cacheable responses.
  @otp_url = authenticator.provisioning_uri(current_user.email_address)
  @qr_code = RQRCode::QRCode.new(@otp_url).as_svg(standalone: false, module_size: 5)
end
permalink #verify ⇒ Object
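# File 'app/controllers/munificent/admin/otp_controller.rb', line 23

# Checks the submitted one-time code against the user's TOTP secret and
# redirects according to the outcome.
#
# The secret is the one stored on the user or, during enrolment, the pending
# one held in session[:otp_secret]. On success a pending secret is saved on
# the user, last_otp_at is recorded on the user and in the session, the
# pending secret is cleared and the user is sent to root_path. On failure a
# user for whom has_2sv? is true goes back to the code prompt; anyone else
# goes back to setup.
#
# @raise [RuntimeError] when neither the user nor the session holds a secret
def verify
  otp_secret = current_user.otp_secret || session[:otp_secret]
  raise "Missing OTP secret" if otp_secret.blank?

  totp = ROTP::TOTP.new(otp_secret, issuer: ENV.fetch("OTP_ISSUER", nil))

  # Replay protection: `after:` is a keyword of ROTP::TOTP#verify. Passed to
  # TOTP.new it is only an unused option, so an already accepted code would
  # stay valid for the rest of its time step. With `after:` here, codes from
  # a step at or before last_otp_at are rejected; nil (first use) disables
  # the filter.
  #
  # params[:otp_code] is request input: to_s makes a missing or non-string
  # value fail verification instead of raising ArgumentError inside ROTP.
  #
  # NOTE(review): no attempt throttling or lockout is visible in this
  # action; a 6-digit code needs it — confirm it is enforced elsewhere.
  otp_accepted = totp.verify(
    params[:otp_code].to_s,
    drift_behind: 3,
    after: current_user.last_otp_at,
  )

  if otp_accepted
    # First successful code during enrolment: promote the pending secret.
    current_user.otp_secret ||= session[:otp_secret]
    # NOTE(review): the result of update is not checked, so a failed save
    # still marks the session as verified — confirm this cannot happen.
    current_user.update(last_otp_at: (session[:last_otp_at] = Time.zone.now))
    # The pending secret must not outlive enrolment.
    session[:otp_secret] = nil

    redirect_to root_path
  elsif current_user.has_2sv?
    redirect_to otp_input_path
  else
    redirect_to otp_setup_path
  end
end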