Class: Unmagic::Passkeys::SessionsController

Inherits:

ApplicationController

• Object
• ApplicationController
• Unmagic::Passkeys::SessionsController

Defined in:

app/controllers/unmagic/passkeys/sessions_controller.rb

Overview

Passkey sign-in: the sign-in page (+new+), the authentication ceremony (+create+), and sign-out (+destroy+).

Sign-in is usernameless — it relies on discoverable credentials, so the same page signs in any user. Subclass to add rate limiting or to change the redirect targets, then re-point the route:

class SessionsController < Unmagic::Passkeys::SessionsController
rate_limit to: 10, within: 3.minutes
private def after_passkey_sign_in_path = after_authentication_url
end

Instance Method Summary

• #create ⇒ Object
• #destroy ⇒ Object
• #new ⇒ Object

Methods included from Request

#passkey_authentication_options, #passkey_authentication_params, #passkey_registration_options, #passkey_registration_params

Instance Method Details

#create ⇒ Object

# File 'app/controllers/unmagic/passkeys/sessions_controller.rb', line 21

def create
  if credential = Unmagic::Passkeys.authenticate(passkey_authentication_params)
    sign_in_holder(credential.holder)
    redirect_to after_passkey_sign_in_path
  else
    redirect_to after_passkey_sign_in_failure_path, alert: passkey_sign_in_failure_alert
  end
end

#destroy ⇒ Object

# File 'app/controllers/unmagic/passkeys/sessions_controller.rb', line 30

def destroy
  sign_out_holder
  redirect_to after_passkey_sign_out_path, status: :see_other
end

#new ⇒ Object

# File 'app/controllers/unmagic/passkeys/sessions_controller.rb', line 17

def new
  @authentication_options = passkey_authentication_options
end