class RoseQuartz::UserAuthenticator

Public Instance Methods

authenticate_backup_code!(token) click to toggle source
# File lib/rose_quartz/user_authenticator.rb, line 26
def authenticate_backup_code!(token)
  if token == backup_code
    reset_backup_code!
    true
  else
    false
  end
end
authenticate_otp!(token) click to toggle source
# File lib/rose_quartz/user_authenticator.rb, line 15
def authenticate_otp!(token)
  authenticated_at = totp.verify_with_drift_and_prior(
      token, RoseQuartz.configuration.time_drift, last_authenticated_at)
  if authenticated_at
    update_columns last_authenticated_at: authenticated_at if persisted?
    true
  else
    false
  end
end
provisioning_uri() click to toggle source
# File lib/rose_quartz/user_authenticator.rb, line 43
def provisioning_uri
  totp.provisioning_uri(user.send(RoseQuartz.configuration.user_identifier))
end
reset_backup_code!() click to toggle source
# File lib/rose_quartz/user_authenticator.rb, line 35
def reset_backup_code!
  update_columns backup_code: generate_backup_code
end
set_secret_and_backup_code() click to toggle source
# File lib/rose_quartz/user_authenticator.rb, line 10
def set_secret_and_backup_code
  self.secret ||= ROTP::Base32.random_base32
  self.backup_code ||= generate_backup_code
end
totp() click to toggle source
# File lib/rose_quartz/user_authenticator.rb, line 39
def totp
  @authenticator ||= ROTP::TOTP.new(secret, issuer: RoseQuartz.configuration.issuer)
end

Private Instance Methods

generate_backup_code() click to toggle source

Four groups of 4-character base32 strings joined by dashes, e.g. “gs3w-ntpt-hrse-v23t”

# File lib/rose_quartz/user_authenticator.rb, line 52
def generate_backup_code
  ROTP::Base32.random_base32(16).scan(/.{1,4}/).join('-')
end