scinote-eln/scinote-web
1
1
Fork 0
mirror of https://github.com/scinote-eln/scinote-web.git synced 2024-12-27 02:04:33 +08:00
Code Issues Projects Releases Packages Wiki Activity

SCI-5693 refactor of 2fa procedure

Browse source
This commit is contained in:
miha 2021-05-04 20:51:34 +02:00
parent 544c168c4a
commit 136f0cd17f
2 changed files with 12 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
app/controllers/users/sessions_controller.rb
View file

@ -5,7 +5,6 @@ class Users::SessionsController < Devise::SessionsController
after_action :after_sign_in, only: %i(create authenticate_with_two_factor)
before_action :remove_authenticate_mesasge_if_root_path, only: :new
prepend_before_action :redirect_2fa, only: :create
rescue_from ActionController::InvalidAuthenticityToken do
redirect_to new_user_session_path
@ -23,8 +22,15 @@ class Users::SessionsController < Devise::SessionsController
# POST /resource/sign_in
def create
super
super do |user|
if user.two_factor_auth_enabled?
sign_out
session[:otp_user_id] = user.id
store_location_for(:user, request.original_fullpath) if request.get?
redirect_to users_two_factor_auth_path
return
end
end
generate_templates_project
end
@ -34,10 +40,8 @@ class Users::SessionsController < Devise::SessionsController
end
end
# DELETE /resource/sign_out
# def destroy
# super
# end
def two_factor_auth
end
def after_sign_in
flash[:system_notification_modal] = true
@ -93,18 +97,6 @@ class Users::SessionsController < Devise::SessionsController
end
end
def redirect_2fa
user = User.find_by(email: params[:user][:email])
return unless user&.valid_password?(params[:user][:password])
if user&.two_factor_auth_enabled?
session[:otp_user_id] = user.id
store_location_for(:user, request.original_fullpath) if request.get?
render :two_factor_auth
end
end
def generate_templates_project
# Schedule templates creation for user
TemplatesService.new.schedule_creation_for_user(current_user)

1
config/routes.rb
View file

@ -644,6 +644,7 @@ Rails.application.routes.draw do
get 'avatar/:id/:style' => 'users/registrations#avatar', as: 'avatar'
get 'users/sign_up_provider' => 'users/registrations#new_with_provider'
get 'users/two_factor_recovery' => 'users/sessions#two_factor_recovery'
get 'users/two_factor_auth' => 'users/sessions#two_factor_auth'
post 'users/authenticate_with_two_factor' => 'users/sessions#authenticate_with_two_factor'
post 'users/authenticate_with_recovery_code' => 'users/sessions#authenticate_with_recovery_code'
post 'users/complete_sign_up_provider' => 'users/registrations#create_with_provider'