More writing role changes in sessions controller

This commit is contained in:
Fosco Marotto 2021-02-14 23:21:53 -05:00
parent 5e7cec5345
commit 7bfe6c7709
1 changed files with 40 additions and 28 deletions

View File

@ -12,19 +12,23 @@ class Auth::SessionsController < Devise::SessionsController
before_action :set_body_classes
def new
ActiveRecord::Base.connected_to(role: :writing) do
Devise.omniauth_configs.each do |provider, config|
return redirect_to(omniauth_authorize_path(resource_name, provider)) if config.strategy.redirect_at_sign_in
end
super
end
end
def create
ActiveRecord::Base.connected_to(role: :writing) do
super do |resource|
remember_me(resource)
flash.delete(:notice)
end
end
end
def destroy
tmp_stored_location = stored_location_for(:user)
@ -36,6 +40,7 @@ class Auth::SessionsController < Devise::SessionsController
protected
def find_user
ActiveRecord::Base.connected_to(role: :writing) do
if session[:otp_user_id]
User.find(session[:otp_user_id])
elsif user_params[:email]
@ -46,6 +51,7 @@ class Auth::SessionsController < Devise::SessionsController
end
end
end
end
def user_params
params.require(:user).permit(:email, :password, :otp_attempt)
@ -74,13 +80,16 @@ class Auth::SessionsController < Devise::SessionsController
end
def valid_otp_attempt?(user)
ActiveRecord::Base.connected_to(role: :writing) do
user.validate_and_consume_otp!(user_params[:otp_attempt]) ||
user.invalidate_otp_backup_code!(user_params[:otp_attempt])
end
rescue OpenSSL::Cipher::CipherError => _error
false
end
def authenticate_with_two_factor
ActiveRecord::Base.connected_to(role: :writing) do
user = self.resource = find_user
if user_params[:otp_attempt].present? && session[:otp_user_id]
@ -89,8 +98,10 @@ class Auth::SessionsController < Devise::SessionsController
prompt_for_two_factor(user)
end
end
end
def authenticate_with_two_factor_via_otp(user)
ActiveRecord::Base.connected_to(role: :writing) do
if valid_otp_attempt?(user)
session.delete(:otp_user_id)
remember_me(user)
@ -100,6 +111,7 @@ class Auth::SessionsController < Devise::SessionsController
prompt_for_two_factor(user)
end
end
end
def prompt_for_two_factor(user)
session[:otp_user_id] = user.id