Class: Booth::Requests::Sudo

Inherits:

Object

Object
Booth::Requests::Sudo

show all

Includes:: Logging

Defined in:: lib/booth/requests/sudo.rb

Instance Method Summary collapse

#guard_with_webauth {|Tron.success(:webauth_sudo_needed, step: :sudo, authenticators?: authenticators?, public_message:)| ... } ⇒ Object

Guards.
#initialize(scope:, request:) ⇒ Sudo constructor

A new instance of Sudo.
#lifespan ⇒ Object
#webauth! ⇒ Object

Setters.
#webauth? ⇒ Boolean

Getters.
#webauthn_challenge ⇒ Object
#webauthn_challenge=(new_challenge) ⇒ Object

Constructor Details

#initialize(scope:, request:) ⇒ `Sudo`

Returns a new instance of Sudo.

# File 'lib/booth/requests/sudo.rb', line 8

def initialize(scope:, request:)
  @scope = scope
  @request = request
end

Instance Method Details

#guard_with_webauth {|Tron.success(:webauth_sudo_needed, step: :sudo, authenticators?: authenticators?, public_message:)| ... } ⇒ `Object`

Guards

Yields:

(Tron.success(:webauth_sudo_needed, step: :sudo, authenticators?: authenticators?, public_message:))

# File 'lib/booth/requests/sudo.rb', line 19

def guard_with_webauth
  raise unless block_given?
  return if webauth?

  log { 'You need Webauth sudo' }
  public_message = I18n.t('booth.webauth_sudo_timeout', lifespan_minutes: (lifespan / 60))
  yield Tron.success(:webauth_sudo_needed, step: :sudo, authenticators?: authenticators?, public_message:)
end

#lifespan ⇒ `Object`



13
14
15

# File 'lib/booth/requests/sudo.rb', line 13

def lifespan
  ::Booth.config.interaction_timeout
end

#webauth! ⇒ `Object`

Setters

# File 'lib/booth/requests/sudo.rb', line 43

def webauth!
  log { "Remembering sudo via WebAuth has been granted in scope #{scope}" }
  session[:webauth] = Time.current.to_i
end

#webauth? ⇒ `Boolean`

Getters

Returns:

(Boolean)

# File 'lib/booth/requests/sudo.rb', line 30

def webauth?
  return true if session[:webauth].to_i > lifespan.ago.to_i

  session[:webauth] = nil
  false
end

#webauthn_challenge ⇒ `Object`



37
38
39

# File 'lib/booth/requests/sudo.rb', line 37

def webauthn_challenge
  session[:webauthn_challenge].presence
end

#webauthn_challenge=(new_challenge) ⇒ `Object`

# File 'lib/booth/requests/sudo.rb', line 48

def webauthn_challenge=(new_challenge)
  if new_challenge
    log do
      "Persisting webauth challenge #{new_challenge.inspect} in sudo session for scope #{scope.inspect}"
    end
  else
    log { "Removing webauth challenge from sudo session for scope #{scope.inspect}" }
  end
  session[:webauthn_challenge] = new_challenge.presence
end

Class: Booth::Requests::Sudo

Instance Method Summary collapse

Constructor Details

#initialize(scope:, request:) ⇒ Sudo

Instance Method Details

#guard_with_webauth {|Tron.success(:webauth_sudo_needed, step: :sudo, authenticators?: authenticators?, public_message:)| ... } ⇒ Object

#lifespan ⇒ Object

#webauth! ⇒ Object

#webauth? ⇒ Boolean

#webauthn_challenge ⇒ Object

#webauthn_challenge=(new_challenge) ⇒ Object

#initialize(scope:, request:) ⇒ `Sudo`

#guard_with_webauth {|Tron.success(:webauth_sudo_needed, step: :sudo, authenticators?: authenticators?, public_message:)| ... } ⇒ `Object`

#lifespan ⇒ `Object`

#webauth! ⇒ `Object`

#webauth? ⇒ `Boolean`

#webauthn_challenge ⇒ `Object`

#webauthn_challenge=(new_challenge) ⇒ `Object`