class Keycard::Authentication::Result

A Result is the central point of information about an authentication attempt. It logs the authentication methods attempted with their statuses and reports the overall status. When authentication is successful, it holds the user/account that was verified.

Attributes

account[R]
log[R]

Public Class Methods

new() click to toggle source
# File lib/keycard/authentication/result.rb, line 13
def initialize
  @account = nil
  @log = []
  @failed = false
  @csrf_safe = false
end

Public Instance Methods

authenticated?() click to toggle source

Has this authentication completed successfully?

# File lib/keycard/authentication/result.rb, line 21
def authenticated?
  !account.nil?
end
csrf_safe?() click to toggle source

Does a completed verification protect from Cross-Site Request Forgery?

This should be true in cases where the client presents authentication that is not automatic, like an authentication token, rather than automatic credentials like cookies or proxy-applied headers.

# File lib/keycard/authentication/result.rb, line 35
def csrf_safe?
  @csrf_safe
end
failed(message) click to toggle source

Log that the authentication method failed; terminate the chain.

@param message [String] a message about how the authentication method failed @return [Boolean] true, indicating that further authentication should not occur

# File lib/keycard/authentication/result.rb, line 52
def failed(message)
  log << "[FAILURE] #{message}"
  @failed = true
end
failed?() click to toggle source

Was there a failure for an attempted authentication method?

# File lib/keycard/authentication/result.rb, line 26
def failed?
  @failed
end
skipped(message) click to toggle source

Log that the authentication method was not applicable; continue the chain.

@param message [String] a message about why the authentication method was skipped @return [Boolean] false, indicating that the authentication method was inconclusive

# File lib/keycard/authentication/result.rb, line 43
def skipped(message)
  log << "[SKIPPED] #{message}"
  false
end
succeeded(account, message, csrf_safe: false) click to toggle source

Log that the authentication method succeeded; terminate the chain.

@param account [User|Account] Object/model representing the authenticated account @param message [String] a message about how the authentication method succeeded @param csrf_safe [Boolean] set to true if this authentication method precludes

Cross-Site Request Forgery, as with a non-cookie token sent with the request

@return [Boolean] true, indicating that further authentication should not occur

# File lib/keycard/authentication/result.rb, line 64
def succeeded(account, message, csrf_safe: false)
  @account = account
  @csrf_safe ||= csrf_safe
  log << "[SUCCESS] #{message}"
  true
end