lib/devise/two_factor_pam_authenticatable.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

# frozen_string_literal: true

require 'devise/strategies/base'

module Devise
  module Strategies
    class TwoFactorPamAuthenticatable < Base
      def valid?
        valid_params? && mapping.to.respond_to?(:authenticate_with_pam)
      end

      def authenticate!
        resource = mapping.to.authenticate_with_pam(params[scope])

        if resource && !resource.otp_required_for_login?
          success!(resource)
        else
          fail(:invalid)
        end
      end

      protected

      def valid_params?
        params[scope] && params[scope][:password].present?
      end
    end
  end
end

Warden::Strategies.add(:two_factor_pam_authenticatable, Devise::Strategies::TwoFactorPamAuthenticatable)