Module: Rails::Auth::Authenticatable

Extended by:
ActiveSupport::Concern
Defined in:
app/models/concerns/rails/auth/authenticatable.rb


Instance Method Details

#access_locked? ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/models/concerns/rails/auth/authenticatable.rb', line 50

# Reports whether the account is still inside its lockout window.
#
# The window is fixed at one hour after +locked_at+. Once it has passed this
# returns false without touching +locked_at+ or any other attribute.
# NOTE(review): nothing here resets +failed_attempts+ when the window lapses;
# whether a caller runs +unlock_access!+ at that point is not visible here.
#
# @return [Boolean] true when +locked_at+ is set and less than an hour old
def access_locked?
  return false if locked_at.blank?

  locked_at > 1.hour.ago
end

#clear_password_reset_token! ⇒ Object



# File 'app/models/concerns/rails/auth/authenticatable.rb', line 102

# Blanks the password-reset token and its issue timestamp in one write, so a
# previously issued reset link no longer matches anything on this record.
#
# @return [Object] whatever +update!+ returns
# @raise propagates any error raised by +update!+
def clear_password_reset_token!
  blank_reset_fields = { reset_token: nil, reset_sent_at: nil }
  update!(blank_reset_fields)
end

#confirm! ⇒ Object

Confirmable



# File 'app/models/concerns/rails/auth/authenticatable.rb', line 21

# Marks the account as confirmed right now and discards the confirmation
# token in the same write, so the token cannot be presented a second time.
#
# NOTE(review): no check on +confirmation_sent_at+ happens here; if tokens are
# meant to expire, that has to be enforced by the caller.
#
# @return [Object] whatever +update!+ returns
# @raise propagates any error raised by +update!+
def confirm!
  confirmed_now = Time.current
  update!(confirmed_at: confirmed_now, confirmation_token: nil)
end

#confirmed? ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/models/concerns/rails/auth/authenticatable.rb', line 25

# Tells whether the account has been confirmed.
#
# @return [Boolean] true once +confirmed_at+ holds a value
def confirmed?
  !confirmed_at.blank?
end

#generate_confirmation_token ⇒ Object



# File 'app/models/concerns/rails/auth/authenticatable.rb', line 29

# Assigns a fresh confirmation token and records when it was issued.
#
# The token is 20 bytes from SecureRandom rendered as 40 hex characters.
# Only the in-memory attributes are set; nothing is saved by this method.
# NOTE(review): the raw token is what gets assigned to the attribute; whether
# the column is hashed or encrypted at rest is not visible here.
#
# @return [Object] the timestamp assigned to +confirmation_sent_at+
def generate_confirmation_token
  fresh_token = SecureRandom.hex(20)
  self.confirmation_token = fresh_token
  self.confirmation_sent_at = Time.current
end

#generate_otp_secret! ⇒ Object

MFA



# File 'app/models/concerns/rails/auth/authenticatable.rb', line 64

# Generates a new Base32 TOTP secret via ROTP and saves it on the record.
#
# Any existing +otp_secret+ is overwritten unconditionally, so codes from a
# previously enrolled authenticator will no longer match afterwards.
# NOTE(review): callers should require recent re-authentication before
# invoking this; storage protection of the column is not visible here.
#
# @return [Object] whatever +update!+ returns
# @raise propagates any error raised by +update!+
def generate_otp_secret!
  new_secret = ::ROTP::Base32.random
  update!(otp_secret: new_secret)
end

#generate_password_reset_token! ⇒ Object



# File 'app/models/concerns/rails/auth/authenticatable.rb', line 91

# Issues a new password-reset token and stamps the issue time, saving both.
#
# The token is 20 bytes from SecureRandom rendered as 40 hex characters; a
# previously issued token is replaced by the write.
# NOTE(review): the raw token is what gets persisted; hashing it at rest, if
# any, would have to happen elsewhere and is not visible here.
#
# @return [Object] whatever +update!+ returns
# @raise propagates any error raised by +update!+
def generate_password_reset_token!
  new_token = SecureRandom.hex(20)
  update!(reset_token: new_token, reset_sent_at: Time.current)
end

#increment_failed_attempts! ⇒ Object



# File 'app/models/concerns/rails/auth/authenticatable.rb', line 54

# Counts one more failed sign-in and locks the account at the fifth failure.
#
# Below the threshold the new count is saved with +save!+. At or above it the
# record is handed to +lock_access!+ instead, which runs on every such call.
# NOTE(review): the counter is read, incremented and written in Ruby, so
# concurrent failures can overwrite each other's increments; confirm whether
# an atomic update or row lock is wanted.
# NOTE(review): the threshold of 5 is hard-coded.
#
# @return [Object] the result of +lock_access!+ or of +save!+
def increment_failed_attempts!
  self.failed_attempts += 1
  return lock_access! if failed_attempts >= 5

  save!
end

#lock_access! ⇒ Object

Lockable



# File 'app/models/concerns/rails/auth/authenticatable.rb', line 41

# Locks the account as of now, issues a new unlock token and emails the
# unlock instructions synchronously.
#
# The lock is saved before the mail is sent, so a delivery error raised by
# +deliver_now+ leaves the account locked and propagates to the caller.
# NOTE(review): every call restarts the lock window, replaces +unlock_token+
# and sends another mail. +increment_failed_attempts!+ calls this on each
# failure at or past its threshold, so repeated failures re-send mail and
# invalidate the earlier unlock link; confirm that is intended.
#
# @return [Object] whatever +deliver_now+ returns
# @raise propagates any error raised by +update!+ or by mail delivery
def lock_access!
  lock_attributes = { locked_at: Time.current, unlock_token: SecureRandom.hex(20) }
  update!(lock_attributes)

  unlock_mail = Rails::Auth::UserMailer.unlock_instructions(self)
  unlock_mail.deliver_now
end

#log_security_event!(event_type, request = nil, details = {}) ⇒ Object



# File 'app/models/concerns/rails/auth/authenticatable.rb', line 79

# Records a security event for this account in +security_events+.
#
# The client IP and user agent are read from +request+ when one is given and
# stored as nil otherwise.
# NOTE(review): +user_agent+ is client-supplied and stored as received; treat
# it as untrusted wherever events are displayed or exported.
# NOTE(review): +remote_ip+ is only as reliable as the application's trusted
# proxy configuration, which is not visible here.
#
# @param event_type [Object] label stored in the event's +event_type+
# @param request [Object, nil] object responding to +remote_ip+ and +user_agent+
# @param details [Hash] extra data stored in the event's +details+
# @return [Object] whatever +create!+ returns
# @raise propagates any error raised by +create!+
def log_security_event!(event_type, request = nil, details = {})
  event_log = security_events
  event_attributes = {
    event_type: event_type,
    ip_address: request&.remote_ip,
    user_agent: request&.user_agent,
    details: details
  }
  event_log.create!(event_attributes)
end

#otp_provisioning_uri ⇒ Object



# File 'app/models/concerns/rails/auth/authenticatable.rb', line 74

# Builds the authenticator-app provisioning URI for this account, labelled
# with the account's email and the fixed issuer "RailsAuth".
#
# The URI is derived from +otp_secret+, so it should be handled like the
# secret itself: show it only to the enrolling user and keep it out of logs.
#
# @return [Object] whatever ROTP's +provisioning_uri+ returns
def otp_provisioning_uri
  ::ROTP::TOTP.new(otp_secret, issuer: "RailsAuth").provisioning_uri(email)
end

#password_reset_token_valid? ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/models/concerns/rails/auth/authenticatable.rb', line 98

# Tells whether the most recently issued reset token is still within its
# two-hour lifetime, judged by +reset_sent_at+ alone.
#
# No token value is compared here; the caller must separately match the
# presented token against +reset_token+.
#
# @return [Boolean] true when +reset_sent_at+ is set and under two hours old
def password_reset_token_valid?
  return false if reset_sent_at.blank?

  reset_sent_at > 2.hours.ago
end

#send_confirmation_instructions ⇒ Object



# File 'app/models/concerns/rails/auth/authenticatable.rb', line 34

# Issues a new confirmation token, saves the record, then emails the
# confirmation instructions synchronously.
#
# The token is saved before the mail goes out, so a delivery error raised by
# +deliver_now+ propagates after the new token is already stored.
# NOTE(review): each call replaces the previous token; rate limiting of
# re-sends, if any, would have to live in the caller.
#
# @return [Object] whatever +deliver_now+ returns
# @raise propagates any error raised by +save!+ or by mail delivery
def send_confirmation_instructions
  generate_confirmation_token
  save!

  confirmation_mail = Rails::Auth::UserMailer.confirmation_instructions(self)
  confirmation_mail.deliver_now
end

#unlock_access! ⇒ Object



# File 'app/models/concerns/rails/auth/authenticatable.rb', line 46

# Lifts the lock: clears +locked_at+, resets the failure counter to zero and
# discards the unlock token, all in one write.
#
# Clearing +unlock_token+ here means an emailed unlock link stops matching
# once it has been used.
#
# @return [Object] whatever +update!+ returns
# @raise propagates any error raised by +update!+
def unlock_access!
  cleared_lock_state = { locked_at: nil, failed_attempts: 0, unlock_token: nil }
  update!(cleared_lock_state)
end

#verify_otp(code) ⇒ Object



# File 'app/models/concerns/rails/auth/authenticatable.rb', line 68

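# Checks a submitted one-time code against this account's TOTP secret.
#
# Codes from up to 15 seconds in the past are tolerated (+drift_behind+).
# NOTE(review): there is no replay guard, so an accepted code can be accepted
# again while it is still within that tolerance. ROTP's +verify+ takes an
# +after:+ timestamp for this, but it needs a persisted last-used time that
# this model does not show.
#
# @param code [String] the code as submitted; treated as untrusted input
# @return [Object, false] the result of ROTP's +verify+ for a String code
#   (presumably the matched timestamp or nil — confirm for the pinned ROTP
#   version); false when no secret is enrolled or +code+ is not a String
def verify_otp(code)
  return false unless otp_secret.present?

  # Request parameters can arrive as nil, an Array or a Hash. ROTP is expected
  # to raise ArgumentError on non-String input (confirm for the pinned
  # version), so reject those here instead of surfacing a server error.
  return false unless code.is_a?(String)

  totp = ::ROTP::TOTP.new(otp_secret, issuer: "RailsAuth")
  totp.verify(code, drift_behind: 15)
end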