Class: Devise::Strategies::WebauthnTwoFactorAuthenticatable

Inherits:
Base
  • Object
show all
Defined in:
lib/devise/strategies/webauthn_two_factor_authenticatable.rb

Instance Method Summary collapse

Instance Method Details

#authenticate!Object

rubocop:disable Metrics/AbcSize



13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# File 'lib/devise/strategies/webauthn_two_factor_authenticatable.rb', line 13

def authenticate!
  credential_from_params = WebAuthn::Credential.from_get(JSON.parse(credential_param))
  resource = resource_class.find_by(id: session[:current_authentication_resource_id])
  stored_credential = resource&.webauthn_credentials&.find_by(external_id: credential_from_params.id)

  return fail!(:webauthn_credential_not_found) if stored_credential.blank?
  if user_handle_mismatch?(credential_from_params, resource)
    return fail!(:webauthn_credential_verification_failed)
  end

  verify_credential(credential_from_params, stored_credential)

  resource.remember_me = session[:current_authentication_remember_me] if resource.respond_to?(:remember_me=)
  success!(resource)

  session.delete(:current_authentication_resource_id)
  session.delete(:current_authentication_remember_me)
rescue WebAuthn::Error
  fail!(:webauthn_credential_verification_failed)
ensure
  session.delete(:two_factor_authentication_challenge)
end

#valid?Boolean

Returns:

  • (Boolean)


6
7
8
9
10
# File 'lib/devise/strategies/webauthn_two_factor_authenticatable.rb', line 6

def valid?
  credential_param.present? &&
    session[:current_authentication_resource_id].present? &&
    session[:two_factor_authentication_challenge].present?
end