Class: RailsBase::Users::SessionsController
- Inherits:
-
Devise::SessionsController
- Object
- Devise::SessionsController
- RailsBase::Users::SessionsController
- Defined in:
- app/controllers/rails_base/users/sessions_controller.rb
Instance Method Summary collapse
-
#create ⇒ Object
POST /user/sign_in.
-
#destroy ⇒ Object
DELETE /user/sign_out.
-
#hearbeat_with_auth ⇒ Object
POST /heartbeat.
-
#hearbeat_without_auth ⇒ Object
GET /heartbeat.
-
#new ⇒ Object
GET /user/sign_in.
Instance Method Details
#create ⇒ Object
POST /user/sign_in
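# File 'app/controllers/rails_base/users/sessions_controller.rb', line 14
# POST /user/sign_in
#
# Authenticates the submitted email/password, asks DecisionTwofaType whether
# the user may be signed in immediately or must pass MFA first, and then
# redirects accordingly.
#
# Responds with 400 Bad Request when `user[email]` / `user[password]` are
# missing or are not plain strings. The original indexed
# `params[:user][:email]` directly, which raised (HTTP 500) on a request
# without a `user` hash and handed Arrays/Hashes straight to the
# authentication service.
#
# @return [void]
def create
  # Warden/Devise will try to sign the user in before we explicitly do.
  # Sign out the user when this happens so we can sign them back in later.
  sign_out(current_user) if current_user

  # This endpoint is reachable without authentication, so treat the body as
  # untrusted: only String credentials are passed on.
  submitted = params[:user]
  email, password = submitted[:email], submitted[:password] if submitted.respond_to?(:key?)
  unless email.is_a?(String) && password.is_a?(String)
    head :bad_request
    return
  end

  authenticate = RailsBase::Authentication::AuthenticateUser.call(email: email, password: password)

  if authenticate.failure?
    @user = User.new(email: email)
    # NOTE(review): the rendered listing dropped the attribute name after
    # `authenticate.`; `message` is presumed - confirm against the source file.
    # Also confirm the text does not reveal whether the email exists.
    flash[:alert] = authenticate.message
    render template: 'rails_base/devise/sessions/new'
    return
  end

  mfa_decision = RailsBase::Authentication::DecisionTwofaType.call(user: authenticate.user)
  if mfa_decision.failure?
    # NOTE(review): `email:` is passed as a redirect_to response option, not as
    # a route parameter, so it does not appear to reach the sign-in page -
    # confirm intent. The attribute after `mfa_decision.` was also dropped by
    # the listing; `message` is presumed.
    redirect_to RailsBase.url_routes.new_user_session_path, email: email, alert: mfa_decision.message
    return
  end

  # Store the encrypted MFA token in the session only when the decision asks
  # for one; #destroy clears the same key.
  if mfa_decision.set_mfa_randomized_token
    session[:mfa_randomized_token] = RailsBase::Authentication::MfaSetEncryptToken.call(
      user: authenticate.user,
      expires_at: mfa_decision.token_ttl,
      purpose: mfa_decision.mfa_purpose,
    ).encrypted_val
  end

  redirect =
    if mfa_decision.sign_in_user
      sign_in(authenticate.user)
      # only referentially redirect when we know the user should sign in
      # NOTE(review): redirect_from_reference is defined elsewhere; verify it
      # only ever yields same-application paths before it reaches redirect_to.
      redirect_from_reference
    end

  redirect ||= mfa_decision.redirect_url
  # NOTE(review): this line is also reached when sign_in_user is false (MFA
  # still pending), so "Successful sign in" in the log does not by itself
  # prove a completed login.
  logger.info { "Successful sign in: Redirecting to #{redirect}" }
  redirect_to(redirect, mfa_decision.flash)
end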
#destroy ⇒ Object
DELETE /user/sign_out
# File 'app/controllers/rails_base/users/sessions_controller.rb', line 58
# DELETE /user/sign_out
#
# Signs the current user out, discards the session, and redirects to the
# unauthenticated root with a confirmation notice.
#
# @return [void]
def destroy
  # Drop any pending MFA token first so it cannot outlive the sign out.
  session[:mfa_randomized_token] = nil

  # force the user to sign out
  sign_out(current_user)
  reset_session
  # admin_reset_session! is defined outside this listing; presumably it clears
  # admin-related session state - confirm against its definition.
  admin_reset_session!

  signed_out_path = RailsBase.url_routes.unauthenticated_root_path
  # Set after reset_session so the notice lands in the fresh session.
  flash[:notice] = 'You have been succesfully signed out'
  redirect_to(signed_out_path)
end
#hearbeat_with_auth ⇒ Object
POST /heartbeat
# File 'app/controllers/rails_base/users/sessions_controller.rb', line 78
# POST /heartbeat
#
# Delegates to `heartbeat`, which is defined outside this listing.
# NOTE(review): the authentication the name implies is not enforced in this
# method; presumably a before_action does it - confirm.
#
# @return [Object] whatever `heartbeat` returns
def hearbeat_with_auth
  heartbeat()
end
#hearbeat_without_auth ⇒ Object
GET /heartbeat
# File 'app/controllers/rails_base/users/sessions_controller.rb', line 72
# GET /heartbeat
#
# Calls skip_capture_reference! and then delegates to `heartbeat`; both are
# defined outside this listing.
# NOTE(review): presumably the skip keeps the heartbeat URL from being stored
# as the post-login redirect reference - confirm against its definition.
#
# @return [Object] whatever `heartbeat` returns
def hearbeat_without_auth
  skip_capture_reference!()
  heartbeat()
end
#new ⇒ Object
GET /user/sign_in
# File 'app/controllers/rails_base/users/sessions_controller.rb', line 8
# GET /user/sign_in
#
# Renders the sign-in form backed by a blank User.
#
# @return [void]
def new
  @user = User.new
  render(template: 'rails_base/devise/sessions/new')
end