Class: CASino::SessionsController

Inherits:
ApplicationController show all
Includes:
AuthenticationProcessor, SessionsHelper, TwoFactorAuthenticatorProcessor
Defined in:
app/controllers/casino/sessions_controller.rb

Constant Summary

Constants included from ServiceTicketProcessor

CASino::ServiceTicketProcessor::RESERVED_CAS_PARAMETER_KEYS

Instance Method Summary collapse

Methods included from TwoFactorAuthenticatorProcessor

#validate_one_time_password

Methods included from AuthenticationProcessor

#authenticators, #load_user_data, #validate_login_credentials

Methods included from SessionsHelper

#create_login_attempt, #current_ticket_granting_ticket, #current_ticket_granting_ticket?, #current_user, #ensure_signed_in, #log_failed_login, #set_tgt_cookie, #sign_in, #sign_out, #signed_in?

Methods included from ServiceTicketProcessor

#acquire_service_ticket, #clean_service_url, #service_allowed?, #ticket_valid_for_service?, #validate_ticket_for_service

Methods included from TicketGrantingTicketProcessor

#acquire_ticket_granting_ticket, #cleanup_expired_ticket_granting_tickets, #find_valid_ticket_granting_ticket, #load_or_initialize_user, #remove_ticket_granting_ticket

Methods included from BrowserProcessor

#browser_info, #same_browser?

Methods inherited from ApplicationController

#cookies

Instance Method Details

#createObject


23
24
25
26
27
28
29
30
31
# File 'app/controllers/casino/sessions_controller.rb', line 23

def create
  validation_result = (params[:username], params[:password])
  if !validation_result
     params[:username]
     I18n.t('login_credential_acceptor.invalid_login_credentials')
  else
    (validation_result, long_term: params[:rememberMe], credentials_supplied: true)
  end
end

#destroyObject


33
34
35
36
37
# File 'app/controllers/casino/sessions_controller.rb', line 33

def destroy
  tickets = current_user.ticket_granting_tickets.where(id: params[:id])
  tickets.first.destroy if tickets.any?
  redirect_to sessions_path
end

#destroy_othersObject


39
40
41
42
43
44
45
# File 'app/controllers/casino/sessions_controller.rb', line 39

def destroy_others
  current_user
    .ticket_granting_tickets
    .where('id != ?', current_ticket_granting_ticket.id)
    .destroy_all if signed_in?
  redirect_to params[:service] || sessions_path
end

#indexObject


11
12
13
14
15
# File 'app/controllers/casino/sessions_controller.rb', line 11

def index
  @ticket_granting_tickets = current_user.ticket_granting_tickets.active
  @two_factor_authenticators = current_user.two_factor_authenticators.active
  @login_attempts = current_user..order(created_at: :desc).first(5)
end

#logoutObject


47
48
49
50
51
52
53
# File 'app/controllers/casino/sessions_controller.rb', line 47

def logout
  sign_out
  @url = params[:url]
  if params[:service].present? && service_allowed?(params[:service])
    redirect_to params[:service], status: :see_other
  end
end

#newObject


17
18
19
20
21
# File 'app/controllers/casino/sessions_controller.rb', line 17

def new
  tgt = current_ticket_granting_ticket
  return handle_signed_in(tgt) unless params[:renew] || tgt.nil?
  redirect_to(params[:service]) if params[:gateway] && params[:service].present?
end

#validate_otpObject


55
56
57
58
59
60
61
# File 'app/controllers/casino/sessions_controller.rb', line 55

def validate_otp
  validation_result = validate_one_time_password(params[:otp], @ticket_granting_ticket.user.active_two_factor_authenticator)
  return flash.now[:error] = I18n.t('validate_otp.invalid_otp') unless validation_result.success?
  @ticket_granting_ticket.update_attribute(:awaiting_two_factor_authentication, false)
  set_tgt_cookie(@ticket_granting_ticket)
  handle_signed_in(@ticket_granting_ticket)
end