Class: RailsBase::Authentication::DecisionTwofaType
- Inherits:
-
ServiceBase
- Object
- ServiceBase
- RailsBase::Authentication::DecisionTwofaType
show all
- Includes:
- ActionView::Helpers::DateHelper
- Defined in:
- app/services/rails_base/authentication/decision_twofa_type.rb
Instance Method Summary
collapse
Methods inherited from ServiceBase
inherited, #internal_validate, #service_base_logging
#aletered_message, #class_name, #log, #log_prefix, #logger, #service_id
Instance Method Details
#call ⇒ Object
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
# File 'app/services/rails_base/authentication/decision_twofa_type.rb', line 7
def call
context.set_mfa_randomized_token = false
context.sign_in_user = false
mfa_decision =
if user.email_validated
if RailsBase.config.mfa.enable? && user.mfa_enabled
mfa_enabled_context!
else
sign_in_user_context!
context.flash = { notice: "Welcome. You have succesfully signed in. We suggest enabling 2fa authentication to secure your account" }
nil
end
else
validate_email_context!
end
if mfa_decision && mfa_decision.failure?
log(level: :error, msg: "Service error bubbled up. Failing with: #{mfa_decision.message}")
context.fail!(message: mfa_decision.message)
end
log(level: :info, msg: "User #{user.id}: redirect_url: #{context.redirect_url}, sign_in_user: #{context.sign_in_user}, flash: #{context.flash}")
end
|
#mfa_enabled_context! ⇒ Object
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
|
# File 'app/services/rails_base/authentication/decision_twofa_type.rb', line 51
def mfa_enabled_context!
if user.past_mfa_time_duration?
log(level: :warn, msg: "User needs to go through mfa flow. #{user.last_mfa_login} < #{User.time_bound}")
context.redirect_url = Constants::URL_HELPER.mfa_code_path
context.set_mfa_randomized_token = true
context.mfa_purpose = nil context.flash = { notice: "Please check your mobile device. We sent an SMS for 2fa verification" }
result = SendLoginMfaToUser.call(user: user)
context.token_ttl = result.short_lived_data.death_time if result.success?
result
else
sign_in_user_context!
mfa_free_words = distance_of_time_in_words(user.last_mfa_login, User.time_bound)
context.flash = { notice: "Welcome. You have succesfully signed in. You will be mfa free for another #{mfa_free_words}" }
log(level: :info, msg: "User is mfa free for another #{mfa_free_words}")
nil
end
end
|
#sign_in_user_context! ⇒ Object
45
46
47
48
49
|
# File 'app/services/rails_base/authentication/decision_twofa_type.rb', line 45
def sign_in_user_context!
log(level: :warn, msg: "Will log in user #{user.id} and bypass 2fa")
context.redirect_url = Constants::URL_HELPER.authenticated_root_path
context.sign_in_user = true
end
|
#validate! ⇒ Object
72
73
74
|
# File 'app/services/rails_base/authentication/decision_twofa_type.rb', line 72
def validate!
raise "Expected user to be a User. Received #{user.class}" unless user.is_a? User
end
|
#validate_email_context! ⇒ Object