module DeviseAuthy::Controllers::Helpers

Private Instance Methods

check_request_and_redirect_to_verify_token() click to toggle source
# File lib/devise-authy/controllers/helpers.rb, line 52
def check_request_and_redirect_to_verify_token
  if signed_in?(resource_name) &&
     warden.session(resource_name)[:with_authy_authentication] &&
     require_token?
    # login with 2fa
    id = warden.session(resource_name)[:id]

    remember_me = (params.fetch(resource_name, {})[:remember_me].to_s == "1")
    return_to = session["#{resource_name}_return_to"]
    sign_out

    session["#{resource_name}_id"] = id
    # this is safe to put in the session because the cookie is signed
    session["#{resource_name}_password_checked"] = true
    session["#{resource_name}_remember_me"] = remember_me
    session["#{resource_name}_return_to"] = return_to if return_to

    redirect_to verify_authy_path_for(resource_name)
    return
  end
end
forget_device() click to toggle source
# File lib/devise-authy/controllers/helpers.rb, line 21
def forget_device
  cookies.delete :remember_device
end
is_devise_sessions_controller?() click to toggle source
# File lib/devise-authy/controllers/helpers.rb, line 38
def is_devise_sessions_controller?
  self.class == Devise::SessionsController || self.class.ancestors.include?(Devise::SessionsController)
end
is_signing_in?() click to toggle source
# File lib/devise-authy/controllers/helpers.rb, line 42
def is_signing_in?
  if devise_controller? &&
    is_devise_sessions_controller? &&
    self.action_name == "create"
    return true
  end

  return false
end
record_authy_authentication() click to toggle source
# File lib/devise-authy/controllers/helpers.rb, line 83
def record_authy_authentication
  @resource.update_attribute(:last_sign_in_with_authy, DateTime.now)
  session["#{resource_name}_authy_token_checked"] = true
  sign_in(resource_name, @resource)
  set_flash_message(:notice, :signed_in) if is_navigational_format?
end
remember_device(id) click to toggle source
# File lib/devise-authy/controllers/helpers.rb, line 12
def remember_device(id)
  cookies.signed[:remember_device] = {
    :value => {expires: Time.now.to_i, id: id}.to_json,
    :secure => !(Rails.env.test? || Rails.env.development?),
    :httponly => !(Rails.env.test? || Rails.env.development?),
    :expires => resource_class.authy_remember_device.from_now
  }
end
require_token?() click to toggle source
# File lib/devise-authy/controllers/helpers.rb, line 25
def require_token?
  id = warden.session(resource_name)[:id]
  cookie = cookies.signed[:remember_device]
  return true if cookie.blank?

  # require token for old cookies which just have expiration time and no id
  return true if cookie.to_s =~ %r{\A\d+\z}

  cookie = JSON.parse(cookie) rescue ""
  return cookie.blank? || (Time.now.to_i - cookie['expires'].to_i) > \
         resource_class.authy_remember_device.to_i || cookie['id'] != id
end
send_one_touch_request(authy_id) click to toggle source
# File lib/devise-authy/controllers/helpers.rb, line 79
def send_one_touch_request(authy_id)
  Authy::OneTouch.send_approval_request(id: authy_id, message: I18n.t('request_to_login', scope: 'devise'))
end
verify_authy_path_for(resource_or_scope = nil) click to toggle source
# File lib/devise-authy/controllers/helpers.rb, line 74
def verify_authy_path_for(resource_or_scope = nil)
  scope = Devise::Mapping.find_scope!(resource_or_scope)
  send(:"#{scope}_verify_authy_path")
end