Module: PasskeysRails

Extended by:

Forwardable

Defined in:

app/interactors/passkeys_rails/debug_login.rb,
lib/passkeys-rails.rb,
lib/passkeys_rails/engine.rb,
lib/passkeys_rails/railtie.rb,
lib/passkeys_rails/version.rb,
app/models/passkeys_rails/agent.rb,
app/models/passkeys_rails/error.rb,
lib/passkeys_rails/configuration.rb,
app/models/passkeys_rails/passkey.rb,
lib/passkeys_rails/test/integration_helpers.rb,
app/interactors/passkeys_rails/refresh_token.rb,
app/models/passkeys_rails/application_record.rb,
app/interactors/passkeys_rails/debug_register.rb,
app/models/concerns/passkeys_rails/debuggable.rb,
app/interactors/passkeys_rails/begin_challenge.rb,
lib/generators/passkeys_rails/install_generator.rb,
app/interactors/passkeys_rails/begin_registration.rb,
app/controllers/passkeys_rails/passkeys_controller.rb,
app/interactors/passkeys_rails/finish_registration.rb,
app/interactors/passkeys_rails/generate_auth_token.rb,
app/interactors/passkeys_rails/validate_auth_token.rb,
app/models/concerns/passkeys_rails/authenticatable.rb,
app/interactors/passkeys_rails/begin_authentication.rb,
app/interactors/passkeys_rails/finish_authentication.rb,
app/controllers/passkeys_rails/application_controller.rb,
app/controllers/concerns/passkeys_rails/authentication.rb,
app/models/concerns/passkeys_rails/authenticatable_creator.rb

Overview

Finish authentication ceremony

Defined Under Namespace

Modules: Authenticatable, AuthenticatableCreator, Authentication, Debuggable, Generators, Test Classes: Agent, ApplicationController, ApplicationRecord, BeginAuthentication, BeginChallenge, BeginRegistration, Configuration, DebugLogin, DebugRegister, Engine, Error, FinishAuthentication, FinishRegistration, GenerateAuthToken, Passkey, PasskeysController, Railtie, RefreshToken, ValidateAuthToken

Constant Summary

VERSION =

"0.3.2".freeze

Class Method Summary

• .apply_webauthn_configuration(config) ⇒ Object
• .authenticate(request) ⇒ Object

  Returns an Interactor::Context that indicates if the request is authentic.

• .authenticate!(request) ⇒ Object

  Raises a PasskeysRails::Error exception if the request is not authentic.

• .config ⇒ Object
• .debug_login_regex ⇒ Object

  This is only used by the debug_login endpoint.

• .subscribe(event_name) ⇒ Object

  Convenience method to subscribe to various events in PasskeysRails.

Class Method Details

.apply_webauthn_configuration(config) ⇒ Object

# File 'lib/passkeys-rails.rb', line 29

def self.apply_webauthn_configuration(config)
  WebAuthn.configure do |c|
    c.origin = config.wa_origin
    c.rp_name = config.wa_relying_party_name if config.wa_relying_party_name
    c.credential_options_timeout = config.wa_credential_options_timeout if config.wa_credential_options_timeout
    c.rp_id = config.wa_rp_id if config.wa_rp_id
    c.encoding = config.wa_encoding if config.wa_encoding
    c.algorithms = config.wa_algorithms if config.wa_algorithms
    c.algorithms << config.wa_algorithm if config.wa_algorithm
  end
end

.authenticate(request) ⇒ Object

Returns an Interactor::Context that indicates if the request is authentic.

‘request` can be a String on an Http Request

.success? is true if authentic .agent is the Passkey::Agent on success

.failure? is true if failed (just the opposite of .success?) .code is the error code on failure .message is the human readable error message on failure

# File 'lib/passkeys-rails.rb', line 77

def self.authenticate(request)
  auth_token = if request.is_a?(String)
                 request
               elsif request.respond_to?(:headers)
                 request.headers['X-Auth']
               else
                 ""
               end

  PasskeysRails::ValidateAuthToken.call(auth_token:)
end

.authenticate!(request) ⇒ Object

Raises a PasskeysRails::Error exception if the request is not authentic. ‘request` can be a String on an Http Request

Raises:

• (PasskeysRails::Error)

# File 'lib/passkeys-rails.rb', line 91

def self.authenticate!(request)
  auth = authenticate(request)
  return if auth.success?

  raise PasskeysRails::Error.new(:authentication,
                                 code: auth.code,
                                 message: auth.message)
end

.config ⇒ Object

# File 'lib/passkeys-rails.rb', line 18

def config
  @config ||= begin
    config = Configuration.new
    yield(config) if block_given?
    apply_webauthn_configuration(config)

    config
  end
end

.debug_login_regex ⇒ Object

This is only used by the debug_login endpoint. CAUTION: It is very insecure to set DEBUG_LOGIN_REGEX in a production environment.

# File 'lib/passkeys-rails.rb', line 63

def self.debug_login_regex
  ENV['DEBUG_LOGIN_REGEX'].present? ? Regexp.new(ENV['DEBUG_LOGIN_REGEX']) : nil
end

.subscribe(event_name) ⇒ Object

Convenience method to subscribe to various events in PasskeysRails.

Valid events:

:did_register
:did_authenticate
:did_refresh

Each event will include the event name, current agent and http request. For example:

subscribe(:did_register) do |event, agent, request|

# do something with the agent and/or request

end

# File 'lib/passkeys-rails.rb', line 55

def self.subscribe(event_name)
  ActiveSupport::Notifications.subscribe("passkeys_rails.#{event_name}") do |name, _start, _finish, _id, payload|
    yield(name.gsub(/^passkeys_rails\./, ''), payload[:agent], payload[:request]) if block_given?
  end
end