module Devise
  module Strategies
    # Warden strategy that authenticates with a one-time backup (recovery)
    # code submitted as `otp_attempt`, layered on top of the inherited
    # DatabaseAuthenticatable strategy.
    #
    # Security notes for maintainers:
    # * An accepted backup code is invalidated and persisted with `save!`
    #   BEFORE `super` runs, so the code is already spent even when the
    #   inherited authentication step subsequently fails.
    # * A `:failure` result is un-halted at the end, so Warden moves on to the
    #   next configured strategy instead of stopping here.
    # * Nothing in this method limits the number of attempts; throttling or
    #   lockout has to come from elsewhere (confirm it covers this path).
    class TwoFactorBackupable < Devise::Strategies::DatabaseAuthenticatable
      # Looks up the record for the submitted authentication hash, tries to
      # consume the submitted backup code, and then defers to
      # DatabaseAuthenticatable#authenticate!.
      #
      # @return [false, nil] false when a failed result was un-halted, nil otherwise
      def authenticate!
        record = mapping.to.find_for_database_authentication(authentication_hash)

        code_accepted = validate(record) do
          # The lookup stays inside the block: when (and whether) the block
          # runs is decided by `validate`, which is not visible here.
          # NOTE(review): assumes params[scope] responds to [] at this point;
          # presumably guaranteed by the strategy's validity check, confirm.
          attempt = params[scope]['otp_attempt']
          record.invalidate_otp_backup_code!(attempt)
        end

        if code_accepted
          # Devise fails to authenticate invalidated resources, but reaching
          # this point means the object changed (a recovery code was deleted),
          # so it is persisted before handing over to the parent strategy.
          record.save!
          super
        end

        unless record
          # Paranoid mode reports the generic :invalid reason rather than
          # :not_found_in_database.
          fail(Devise.paranoid ? :invalid : :not_found_in_database)
        end

        # Cascade to the next strategy if this one fails; database
        # authenticatable automatically halts on a bad password, so the halt
        # flag is cleared again here.
        if @result == :failure
          @halted = false
        end
      end
    end
  end
end
# Make the strategy known to Warden under the :two_factor_backupable label.
# Which scopes actually try it, and in what order relative to other
# strategies, is configured elsewhere (not shown here).
Warden::Strategies.add(
  :two_factor_backupable,
  Devise::Strategies::TwoFactorBackupable
)