Module: CASino::TwoFactorAuthenticatorProcessor

Extended by:
ActiveSupport::Concern
Included in:
SessionsController, TwoFactorAuthenticatorsController
Defined in:
app/processors/casino/two_factor_authenticator_processor.rb

Instance Method Summary collapse

Instance Method Details

#validate_one_time_password(otp, authenticator) ⇒ Object


6
7
8
9
10
11
12
13
14
15
16
17
# File 'app/processors/casino/two_factor_authenticator_processor.rb', line 6

def validate_one_time_password(otp, authenticator)
  if authenticator.nil? || authenticator.expired?
    CASino::ValidationResult.new 'INVALID_AUTHENTICATOR', 'Authenticator does not exist or expired', :warn
  else
    totp = ROTP::TOTP.new(authenticator.secret)
    if totp.verify_with_drift(otp, CASino.config.two_factor_authenticator[:drift])
      CASino::ValidationResult.new
    else
      CASino::ValidationResult.new 'INVALID_OTP', 'One-time password not valid', :warn
    end
  end
end