More writing role changes in sessions controller

This commit is contained in:
Fosco Marotto 2021-02-14 23:21:53 -05:00
parent 5e7cec5345
commit 7bfe6c7709

View File

@ -12,19 +12,23 @@ class Auth::SessionsController < Devise::SessionsController
before_action :set_body_classes before_action :set_body_classes
def new def new
ActiveRecord::Base.connected_to(role: :writing) do
Devise.omniauth_configs.each do |provider, config| Devise.omniauth_configs.each do |provider, config|
return redirect_to(omniauth_authorize_path(resource_name, provider)) if config.strategy.redirect_at_sign_in return redirect_to(omniauth_authorize_path(resource_name, provider)) if config.strategy.redirect_at_sign_in
end end
super super
end end
end
def create def create
ActiveRecord::Base.connected_to(role: :writing) do
super do |resource| super do |resource|
remember_me(resource) remember_me(resource)
flash.delete(:notice) flash.delete(:notice)
end end
end end
end
def destroy def destroy
tmp_stored_location = stored_location_for(:user) tmp_stored_location = stored_location_for(:user)
@ -36,6 +40,7 @@ class Auth::SessionsController < Devise::SessionsController
protected protected
def find_user def find_user
ActiveRecord::Base.connected_to(role: :writing) do
if session[:otp_user_id] if session[:otp_user_id]
User.find(session[:otp_user_id]) User.find(session[:otp_user_id])
elsif user_params[:email] elsif user_params[:email]
@ -46,6 +51,7 @@ class Auth::SessionsController < Devise::SessionsController
end end
end end
end end
end
def user_params def user_params
params.require(:user).permit(:email, :password, :otp_attempt) params.require(:user).permit(:email, :password, :otp_attempt)
@ -74,13 +80,16 @@ class Auth::SessionsController < Devise::SessionsController
end end
def valid_otp_attempt?(user) def valid_otp_attempt?(user)
ActiveRecord::Base.connected_to(role: :writing) do
user.validate_and_consume_otp!(user_params[:otp_attempt]) || user.validate_and_consume_otp!(user_params[:otp_attempt]) ||
user.invalidate_otp_backup_code!(user_params[:otp_attempt]) user.invalidate_otp_backup_code!(user_params[:otp_attempt])
end
rescue OpenSSL::Cipher::CipherError => _error rescue OpenSSL::Cipher::CipherError => _error
false false
end end
def authenticate_with_two_factor def authenticate_with_two_factor
ActiveRecord::Base.connected_to(role: :writing) do
user = self.resource = find_user user = self.resource = find_user
if user_params[:otp_attempt].present? && session[:otp_user_id] if user_params[:otp_attempt].present? && session[:otp_user_id]
@ -89,8 +98,10 @@ class Auth::SessionsController < Devise::SessionsController
prompt_for_two_factor(user) prompt_for_two_factor(user)
end end
end end
end
def authenticate_with_two_factor_via_otp(user) def authenticate_with_two_factor_via_otp(user)
ActiveRecord::Base.connected_to(role: :writing) do
if valid_otp_attempt?(user) if valid_otp_attempt?(user)
session.delete(:otp_user_id) session.delete(:otp_user_id)
remember_me(user) remember_me(user)
@ -100,6 +111,7 @@ class Auth::SessionsController < Devise::SessionsController
prompt_for_two_factor(user) prompt_for_two_factor(user)
end end
end end
end
def prompt_for_two_factor(user) def prompt_for_two_factor(user)
session[:otp_user_id] = user.id session[:otp_user_id] = user.id