logo

mastofe

My custom branche(s) on git.pleroma.social/pleroma/mastofe git clone https://hacktivis.me/git/mastofe.git

sessions_controller.rb (2947B)

    

  1. # frozen_string_literal: true

  2. 

  3. class Auth::SessionsController < Devise::SessionsController

  4.   include Devise::Controllers::Rememberable

  5. 

  6.   layout 'auth'

  7. 

  8.   skip_before_action :require_no_authentication, only: [:create]

  9.   skip_before_action :check_suspension, only: [:destroy]

  10.   prepend_before_action :authenticate_with_two_factor, if: :two_factor_enabled?, only: [:create]

  11.   before_action :set_instance_presenter, only: [:new]

  12. 

  13.   def new

  14.     Devise.omniauth_configs.each do |provider, config|

  15.       return redirect_to(omniauth_authorize_path(resource_name, provider)) if config.strategy.redirect_at_sign_in

  16.     end

  17. 

  18.     super

  19.   end

  20. 

  21.   def create

  22.     super do |resource|

  23.       remember_me(resource)

  24.       flash.delete(:notice)

  25.     end

  26.   end

  27. 

  28.   def destroy

  29.     super

  30.     flash.delete(:notice)

  31.   end

  32. 

  33.   protected

  34. 

  35.   def find_user

  36.     if session[:otp_user_id]

  37.       User.find(session[:otp_user_id])

  38.     elsif user_params[:email]

  39.       if use_seamless_external_login? && Devise.check_at_sign && user_params[:email].index('@').nil?

  40.         User.joins(:account).find_by(accounts: { username: user_params[:email] })

  41.       else

  42.         User.find_for_authentication(email: user_params[:email])

  43.       end

  44.     end

  45.   end

  46. 

  47.   def user_params

  48.     params.require(:user).permit(:email, :password, :otp_attempt)

  49.   end

  50. 

  51.   def after_sign_in_path_for(resource)

  52.     last_url = stored_location_for(:user)

  53. 

  54.     if home_paths(resource).include?(last_url)

  55.       root_path

  56.     else

  57.       last_url || root_path

  58.     end

  59.   end

  60. 

  61.   def after_sign_out_path_for(_resource_or_scope)

  62.     Devise.omniauth_configs.each_value do |config|

  63.       return root_path if config.strategy.redirect_at_sign_in

  64.     end

  65. 

  66.     super

  67.   end

  68. 

  69.   def two_factor_enabled?

  70.     find_user.try(:otp_required_for_login?)

  71.   end

  72. 

  73.   def valid_otp_attempt?(user)

  74.     user.validate_and_consume_otp!(user_params[:otp_attempt]) ||

  75.       user.invalidate_otp_backup_code!(user_params[:otp_attempt])

  76.   rescue OpenSSL::Cipher::CipherError => _error

  77.     false

  78.   end

  79. 

  80.   def authenticate_with_two_factor

  81.     user = self.resource = find_user

  82. 

  83.     if user_params[:otp_attempt].present? && session[:otp_user_id]

  84.       authenticate_with_two_factor_via_otp(user)

  85.     elsif user&.valid_password?(user_params[:password])

  86.       prompt_for_two_factor(user)

  87.     end

  88.   end

  89. 

  90.   def authenticate_with_two_factor_via_otp(user)

  91.     if valid_otp_attempt?(user)

  92.       session.delete(:otp_user_id)

  93.       remember_me(user)

  94.       sign_in(user)

  95.     else

  96.       flash.now[:alert] = I18n.t('users.invalid_otp_token')

  97.       prompt_for_two_factor(user)

  98.     end

  99.   end

  100. 

  101.   def prompt_for_two_factor(user)

  102.     session[:otp_user_id] = user.id

  103.     render :two_factor

  104.   end

  105. 

  106.   private

  107. 

  108.   def set_instance_presenter

  109.     @instance_presenter = InstancePresenter.new

  110.   end

  111. 

  112.   def home_paths(resource)

  113.     paths = [about_path]

  114.     if single_user_mode? && resource.is_a?(User)

  115.       paths << short_account_path(username: resource.account)

  116.     end

  117.     paths

  118.   end

  119. end