Native Warden Authentication #77

Closed
wants to merge 14 commits into from


strouptl
Collaborator

This PR updates the "database_authenticatable" warden strategy to redirect to OTP challenge if OTP is enabled. Benefits include:

Outstanding issues:

strouptl added 8 commits May 22, 2024 05:22
…tications directly to OTP Credentials controller rather than logging in; delete Sessions hook with overwritten logout/login "create_session" method (no longer needed);
…move challenge, recovery, and resource variables to filters for easier reference; unnest "challenge" and "recovery" fields in form params for consistency between show and update actions;
… blank challenges (resolves "undefined method root_url" error);
…in_at when present;

- Break apart needs_credential_refresh? method, and set return URL within otp_tokens controller for simplicity;
- Remove 'refresh_otp_credentials_for(resource)' from create_otp_session method (no longer needed);
@strouptl
Collaborator Author

NOTE: This PR also assumes the previous two PRs (#75 and #76), so if you can merge those first that will isolate the remaining diff.

@strouptl
Collaborator Author

strouptl commented May 22, 2024

@strzibny, what would you think about adding a dedicated require_mandatory_otp! helper, similar to the "authenticate_{scope}!" helpers, for forcing redirection to the edit_otp_token path for mandatory otp? This approach would necessitate you adding that helper to your application controller (or whichever you use as the base for that portion of your app), alongside of authenticate_user!

```ruby
before_action :authenticate_user!
before_action :require_mandatory_otp!
```

We would just need to note in the README that you need to add this to whatever scope you want to require mandatory_otp for.
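A Rails-free sketch of how the proposed filter pair could behave, added here as an example and not taken from the PR or from devise-otp. The `otp_mandatory` and `otp_enabled` attributes, the route strings and the `SketchController`, `Halt` and `dispatch` names are assumptions; it shows the two points such a helper has to get right: failing closed when no user is present, and exempting the enrollment pages so they do not redirect to themselves.

```ruby
# Added illustration, not devise-otp code. Only authenticate_user!,
# require_mandatory_otp! and the edit_otp_token route name come from the thread.
User = Struct.new(:email, :otp_mandatory, :otp_enabled) # hypothetical attributes

# Models a before_action that redirects and stops the filter chain.
class Halt < StandardError
  attr_reader :location

  def initialize(location)
    @location = location
    super("redirect to #{location}")
  end
end

class SketchController
  SIGN_IN_PATH    = "/users/sign_in"         # constructed route
  EDIT_OTP_TOKEN  = "/users/otp/token/edit"  # constructed route for edit_otp_token
  OTP_SETUP_PATHS = [EDIT_OTP_TOKEN, "/users/otp/token"].freeze # form + submit

  def initialize(user, path)
    @user = user
    @path = path
  end

  # Stand-in for the Devise helper of the same name.
  def authenticate_user!
    raise Halt.new(SIGN_IN_PATH) if @user.nil?
  end

  def require_mandatory_otp!
    # Fail closed if this filter is ever registered without authenticate_user!.
    raise Halt.new(SIGN_IN_PATH) if @user.nil?
    return unless @user.otp_mandatory && !@user.otp_enabled
    # Exact-match exemption so the enrollment pages do not loop.
    return if OTP_SETUP_PATHS.include?(@path)
    raise Halt.new(EDIT_OTP_TOKEN)
  end
end

# Runs the two filters in the order proposed in the comment above.
def dispatch(user, path)
  controller = SketchController.new(user, path)
  controller.authenticate_user!
  controller.require_mandatory_otp!
  [:ok, path]
rescue Halt => e
  [:redirect, e.location]
end
```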

@strouptl
Collaborator Author

Closing PR. Will open a new PR with a simpler solution.

@strouptl strouptl closed this May 24, 2024
@strouptl strouptl deleted the native_warden_approach branch June 4, 2024 12:39