Module: Rails::Auth::Authenticatable

Extended by:

ActiveSupport::Concern

Defined in:

app/models/concerns/rails/auth/authenticatable.rb

Instance Method Summary

• #access_locked? ⇒ Boolean
• #clear_password_reset_token! ⇒ Object
• #confirm! ⇒ Object

  Confirmable.

• #confirmed? ⇒ Boolean
• #generate_confirmation_token ⇒ Object
• #generate_otp_secret! ⇒ Object

  MFA.

• #generate_password_reset_token! ⇒ Object
• #increment_failed_attempts! ⇒ Object
• #lock_access! ⇒ Object

  Lockable.

• #log_security_event!(event_type, request = nil, details = {}) ⇒ Object
• #otp_provisioning_uri ⇒ Object
• #password_reset_token_valid? ⇒ Boolean
• #send_confirmation_instructions ⇒ Object
• #unlock_access! ⇒ Object
• #verify_otp(code) ⇒ Object

Instance Method Details

#access_locked? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/concerns/rails/auth/authenticatable.rb', line 54

def access_locked?
  locked_at.present? && locked_at > 1.hour.ago
end

#clear_password_reset_token! ⇒ Object

# File 'app/models/concerns/rails/auth/authenticatable.rb', line 106

def clear_password_reset_token!
  update!(reset_token: nil, reset_sent_at: nil)
end

#confirm! ⇒ Object

Confirmable

# File 'app/models/concerns/rails/auth/authenticatable.rb', line 21

def confirm!
  update!(confirmed_at: Time.current, confirmation_token: nil)
end

#confirmed? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/concerns/rails/auth/authenticatable.rb', line 25

def confirmed?
  confirmed_at.present?
end

#generate_confirmation_token ⇒ Object

# File 'app/models/concerns/rails/auth/authenticatable.rb', line 29

def generate_confirmation_token
  if Rails::Auth.confirmation_token_format == :numeric
    self.confirmation_token = Array.new(Rails::Auth.confirmation_token_length) { rand(10) }.join
  else
    self.confirmation_token = SecureRandom.hex(Rails::Auth.confirmation_token_length / 2)
  end
  self.confirmation_sent_at = Time.current
end

#generate_otp_secret! ⇒ Object

MFA

# File 'app/models/concerns/rails/auth/authenticatable.rb', line 68

def generate_otp_secret!
  update!(otp_secret: ::ROTP::Base32.random)
end

#generate_password_reset_token! ⇒ Object

# File 'app/models/concerns/rails/auth/authenticatable.rb', line 95

def generate_password_reset_token!
  update!(
    reset_token: SecureRandom.hex(20),
    reset_sent_at: Time.current
  )
end

#increment_failed_attempts! ⇒ Object

# File 'app/models/concerns/rails/auth/authenticatable.rb', line 58

def increment_failed_attempts!
  self.failed_attempts += 1
  if failed_attempts >= 5
    lock_access!
  else
    save!
  end
end

#lock_access! ⇒ Object

Lockable

# File 'app/models/concerns/rails/auth/authenticatable.rb', line 45

def lock_access!
  update!(locked_at: Time.current, unlock_token: SecureRandom.hex(20))
  Rails::Auth::UserMailer.unlock_instructions(self).deliver_now
end

#log_security_event!(event_type, request = nil, details = {}) ⇒ Object

# File 'app/models/concerns/rails/auth/authenticatable.rb', line 83

def log_security_event!(event_type, request = nil, details = {})
  security_events.create!(
    event_type: event_type,
    ip_address: request&.remote_ip,
    user_agent: request&.user_agent,
    details: details
  )
end

#otp_provisioning_uri ⇒ Object

# File 'app/models/concerns/rails/auth/authenticatable.rb', line 78

def otp_provisioning_uri
  totp = ::ROTP::TOTP.new(otp_secret, issuer: "RailsAuth")
  totp.provisioning_uri(email)
end

#password_reset_token_valid? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/concerns/rails/auth/authenticatable.rb', line 102

def password_reset_token_valid?
  reset_sent_at.present? && reset_sent_at > 2.hours.ago
end

#send_confirmation_instructions ⇒ Object

# File 'app/models/concerns/rails/auth/authenticatable.rb', line 38

def send_confirmation_instructions
  generate_confirmation_token
  save!
  Rails::Auth::UserMailer.confirmation_instructions(self).deliver_now
end

#unlock_access! ⇒ Object

# File 'app/models/concerns/rails/auth/authenticatable.rb', line 50

def unlock_access!
  update!(locked_at: nil, failed_attempts: 0, unlock_token: nil)
end

#verify_otp(code) ⇒ Object

# File 'app/models/concerns/rails/auth/authenticatable.rb', line 72

def verify_otp(code)
  return false unless otp_secret.present?
  totp = ::ROTP::TOTP.new(otp_secret, issuer: "RailsAuth")
  totp.verify(code, drift_behind: 15)
end