Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How should I integrate Devise two factor authentication with custom sessions controller? #60

Closed
ashvushinde opened this issue Dec 22, 2015 · 5 comments
Closed

How should I integrate Devise two factor authentication with custom sessions controller? #60

ashvushinde opened this issue Dec 22, 2015 · 5 comments

Comments

@ashvushinde
Copy link

I integrated the Houdini two factor authentication with existing rails application.
First I doesn't have any custom sessions_controller then the two_factor_authentication is working fine.
But whereas I written custom create action in Sessions Controller then it doesn't authenticated by two_factor_authentication.

Here is the custom code for create action of Sessions Controller.

  if status_response.nil?
    render :file => 'public/api_not_found.html', :status => :not_found, :layout => false
  else
    if status_response['code'].to_i == 1
      signed_out = (Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name))
      flash[:alert] = 'Invalid Email ID or password.'
      yield if block_given?
      respond_to_on_destroy
    else
      self.resource = warden.authenticate!(auth_options)
      set_flash_message(:notice, :signed_in) if is_flashing_format?
      sign_in(resource_name, resource)
      yield resource if block_given?
      respond_with resource, location: after_sign_in_path_for(resource)
    end
  end

Model code of user.rb:

  devise :two_factor_authenticatable, :database_authenticatable, :registerable,
     :recoverable, :rememberable, :trackable, :validatable,
     :confirmable, password_length: 8..30
  has_one_time_password


  def send_two_factor_authentication_code
    puts ">>>>>>>>>>>>>>> otp_secret_key: #{otp_secret_key}, otp_code: #{otp_code}"
  end

I know if we are customizing the create action of Sessions Controller then we should call the two_factor_authentication. I tried to invoke this in controller but it throws an error.

So my question how should i integrate the two_factor_authentication with custom create action of Session Controller?
@ashvushinde
Copy link
Author

Any Update on it?

@Houdini
Copy link
Owner

Houdini commented Jan 1, 2016

Sorry for long response.
Please check how otp is integrated into Devise custom controller:

class Devise::TwoFactorAuthenticationController < DeviseController
  prepend_before_filter :authenticate_scope!
  before_filter :prepare_and_validate, :handle_two_factor_authentication

And all this methods are here:
https://github.com/Houdini/two_factor_authentication/blob/master/app/controllers/devise/two_factor_authentication_controller.rb

Could you please try to integrate them into your controller?

However, I'm looking at your session controller. Why do you really need custom session controller?

@ashvushinde
Copy link
Author

Well, I am using user authentication with Devise and other database operations using RestClient apis.
So while logging in i am taking the token from API and after that this token is used for other database operations.
I will check the answer you suggested in my app.
And let you know.

@Houdini
Copy link
Owner

Houdini commented Jan 4, 2016

Please check this recipe:
http://stackoverflow.com/questions/21268559/ruby-on-rails-devise-code-after-login

Does that helps you?

@Houdini
Copy link
Owner

Houdini commented Jan 11, 2016

I close this issue for now, please reopen it if you have any questions.

@Houdini Houdini closed this as completed Jan 11, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Houdini @ashvushinde