-
Notifications
You must be signed in to change notification settings - Fork 114
/
personal_key_controller.rb
91 lines (74 loc) · 2.56 KB
/
personal_key_controller.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
module Idv
class PersonalKeyController < ApplicationController
include IdvSession
include StepIndicatorConcern
include SecureHeadersConcern
include FraudReviewConcern
before_action :apply_secure_headers_override
before_action :confirm_two_factor_authenticated
before_action :confirm_phone_or_address_confirmed
before_action :confirm_profile_has_been_created
def show
analytics.idv_personal_key_visited(
address_verification_method: address_verification_method,
in_person_verification_pending: idv_session.profile&.in_person_verification_pending?,
)
add_proofing_component
finish_idv_session
end
def update
user_session[:need_personal_key_confirmation] = false
analytics.idv_personal_key_submitted(
address_verification_method: address_verification_method,
deactivation_reason: idv_session.profile&.deactivation_reason,
in_person_verification_pending: idv_session.profile&.in_person_verification_pending?,
fraud_review_pending: fraud_review_pending?,
fraud_rejection: fraud_rejection?,
)
redirect_to next_step
end
private
def address_verification_method
user_session.dig('idv', 'address_verification_mechanism')
end
def next_step
if in_person_enrollment?
idv_in_person_ready_to_verify_url
elsif fraud_check_failed?
idv_please_call_url
elsif session[:sp]
sign_up_completed_url
else
after_sign_in_path_for(current_user)
end
end
def confirm_profile_has_been_created
redirect_to account_url if profile.blank?
end
def add_proofing_component
ProofingComponent.find_or_create_by(user: current_user).update(verified_at: Time.zone.now)
end
def finish_idv_session
@code = personal_key
@personal_key_generated_at = current_user.personal_key_generated_at
user_session[:personal_key] = @code
idv_session.personal_key = nil
irs_attempts_api_tracker.idv_personal_key_generated
end
def personal_key
idv_session.personal_key || generate_personal_key
end
def profile
return idv_session.profile if idv_session.profile
current_user.active_or_pending_profile
end
def generate_personal_key
cacher = Pii::Cacher.new(current_user, user_session)
profile.encrypt_recovery_pii(cacher.fetch)
end
def in_person_enrollment?
return false unless IdentityConfig.store.in_person_proofing_enabled
current_user.pending_in_person_enrollment.present?
end
end
end