class RoseQuartz::UserAuthenticator
Public Instance Methods
authenticate_backup_code!(token)
click to toggle source
# File lib/rose_quartz/user_authenticator.rb, line 26 def authenticate_backup_code!(token) if token == backup_code reset_backup_code! true else false end end
authenticate_otp!(token)
click to toggle source
# File lib/rose_quartz/user_authenticator.rb, line 15 def authenticate_otp!(token) authenticated_at = totp.verify_with_drift_and_prior( token, RoseQuartz.configuration.time_drift, last_authenticated_at) if authenticated_at update_columns last_authenticated_at: authenticated_at if persisted? true else false end end
provisioning_uri()
click to toggle source
# File lib/rose_quartz/user_authenticator.rb, line 43 def provisioning_uri totp.provisioning_uri(user.send(RoseQuartz.configuration.user_identifier)) end
reset_backup_code!()
click to toggle source
# File lib/rose_quartz/user_authenticator.rb, line 35 def reset_backup_code! update_columns backup_code: generate_backup_code end
set_secret_and_backup_code()
click to toggle source
# File lib/rose_quartz/user_authenticator.rb, line 10 def set_secret_and_backup_code self.secret ||= ROTP::Base32.random_base32 self.backup_code ||= generate_backup_code end
totp()
click to toggle source
# File lib/rose_quartz/user_authenticator.rb, line 39 def totp @authenticator ||= ROTP::TOTP.new(secret, issuer: RoseQuartz.configuration.issuer) end
Private Instance Methods
generate_backup_code()
click to toggle source
Four groups of 4-character base32 strings joined by dashes, e.g. “gs3w-ntpt-hrse-v23t”
# File lib/rose_quartz/user_authenticator.rb, line 52 def generate_backup_code ROTP::Base32.random_base32(16).scan(/.{1,4}/).join('-') end