diff options
Diffstat (limited to 'app/controllers/concerns/two_factor_authentication_concern.rb')
| -rw-r--r-- | app/controllers/concerns/two_factor_authentication_concern.rb | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/app/controllers/concerns/two_factor_authentication_concern.rb b/app/controllers/concerns/two_factor_authentication_concern.rb index 4800db348..d3f00a4b4 100644 --- a/app/controllers/concerns/two_factor_authentication_concern.rb +++ b/app/controllers/concerns/two_factor_authentication_concern.rb @@ -52,21 +52,19 @@ module TwoFactorAuthenticationConcern webauthn_credential = WebAuthn::Credential.from_get(user_params[:credential]) if valid_webauthn_credential?(user, webauthn_credential) - clear_attempt_from_session - remember_me(user) - sign_in(user) + on_authentication_success(user, :webauthn) render json: { redirect_path: root_path }, status: :ok else + on_authentication_failure(user, :webauthn, :invalid_credential) render json: { error: t('webauthn_credentials.invalid_credential') }, status: :unprocessable_entity end end def authenticate_with_two_factor_via_otp(user) if valid_otp_attempt?(user) - clear_attempt_from_session - remember_me(user) - sign_in(user) + on_authentication_success(user, :otp) else + on_authentication_failure(user, :otp, :invalid_otp_token) flash.now[:alert] = I18n.t('users.invalid_otp_token') prompt_for_two_factor(user) end |