two_factors_controller.rb 3.3 KB

  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
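  # JSON endpoints for managing a user's two-factor authentication methods.
  #
  # Three actions act on the user addressed by params[:id] (see #params_user);
  # every other action acts on current_user. Authentication and authorization
  # are delegated to authenticate_and_authorize!, which is defined outside
  # this file.
  class User::TwoFactorsController < ApplicationController
    # NOTE(review): the actions that use params[:id] depend entirely on the
    # policy behind this callback to decide who may inspect or remove another
    # user's second factor -- confirm it limits them to the intended role.
    prepend_before_action :authenticate_and_authorize!

    # Removes one authentication method from the user given by params[:id].
    #
    # NOTE(review): unlike the actions that call check_method!, params[:method]
    # is passed on without a presence check; how the service treats a blank
    # name is not visible here.
    def two_factor_remove_authentication_method
      remover = Service::User::TwoFactor::RemoveMethod.new(
        user:        params_user,
        method_name: params[:method],
      )
      remover.execute

      render json: {}, status: :ok
    end

    # Removes every authentication method of the user given by params[:id].
    def two_factor_remove_all_authentication_methods
      target = params_user
      target.two_factor_destroy_all_authentication_methods

      render json: {}, status: :ok
    end

    # Renders the enabled authentication methods of the user given by params[:id].
    def two_factor_enabled_authentication_methods
      enabled = params_user.two_factor_enabled_authentication_methods

      render json: enabled, status: :ok
    end

    # Renders the current user's enabled methods and whether recovery codes exist.
    def two_factor_personal_configuration
      payload = {
        enabled_authentication_methods: current_user.two_factor_enabled_authentication_methods,
        recovery_codes_exist:           current_user.auth_two_factor.user_recovery_codes_exists?,
      }

      render json: payload, status: :ok
    end

    # Verifies a method configuration submitted by the current user.
    #
    # Responds with the service result merged with `verified: true`, or with
    # `verified: false` when the service raises its Failed error. Both cases
    # use status 200.
    #
    # Raises Exceptions::UnprocessableEntity when "method" or "payload" is
    # blank, or when "configuration" is absent or not a parameter hash.
    def two_factor_verify_configuration
      check_method!
      raise Exceptions::UnprocessableEntity, __('The required parameter "payload" is missing.') if params[:payload].blank?

      verification = Service::User::TwoFactor::VerifyMethodConfiguration.new(
        user:          current_user,
        method_name:   @method_name,
        payload:       params[:payload],
        configuration: permitted_configuration,
      )

      begin
        render json: verification.execute.merge({ verified: true }), status: :ok
      rescue Service::User::TwoFactor::VerifyMethodConfiguration::Failed
        render json: { verified: false }, status: :ok
      end
    end

    # Starts configuring the requested method for the current user and renders
    # whatever the service returns under the "configuration" key.
    def two_factor_authentication_method_initiate_configuration
      check_method!

      initiator = Service::User::TwoFactor::InitiateMethodConfiguration.new(
        user:        current_user,
        method_name: @method_name,
      )

      render json: { configuration: initiator.execute }, status: :ok
    end

    # Generates recovery codes for the current user and renders the service result.
    #
    # NOTE(review): `force: true` presumably replaces existing codes, and the
    # response presumably carries the plain codes -- confirm in the service and
    # make sure this response is kept out of logs and caches.
    def two_factor_recovery_codes_generate
      generator = Service::User::TwoFactor::GenerateRecoveryCodes.new(user: current_user, force: true)

      render json: generator.execute, status: :ok
    end

    # Makes the requested method the current user's default.
    def two_factor_default_authentication_method
      check_method!

      setter = Service::User::TwoFactor::SetDefaultMethod.new(
        user:        current_user,
        method_name: @method_name,
      )
      setter.execute

      render json: {}, status: :ok
    end

    # Renders the current user's stored configuration for the requested method,
    # or an empty hash when the service returns nothing.
    def two_factor_authentication_method_configuration
      check_method!

      stored = Service::User::TwoFactor::GetMethodConfiguration.new(
        user:        current_user,
        method_name: @method_name,
      ).execute

      render json: { configuration: stored || {} }, status: :ok
    end

    # Removes one credential (params[:credential_id]) of the requested method
    # from the current user.
    def two_factor_authentication_remove_credentials
      check_method!

      remover = Service::User::TwoFactor::RemoveMethodCredentials.new(
        user:          current_user,
        method_name:   @method_name,
        credential_id: params[:credential_id],
      )
      remover.execute

      render json: {}, status: :ok
    end

    private

    # Ensures params[:method] is present and memoizes it in @method_name.
    # Raises Exceptions::UnprocessableEntity otherwise; returns true.
    def check_method!
      raise Exceptions::UnprocessableEntity, __('The required parameter "method" is missing.') if params[:method].blank?

      @method_name ||= params[:method]
      true
    end

    # Returns params[:configuration] as a plain hash.
    #
    # A missing or scalar value has no #permit!, which previously surfaced as a
    # NoMethodError (a server error) instead of a client error; it is rejected
    # explicitly here.
    #
    # permit! switches off strong-parameter filtering for this subtree, so every
    # key the client sends reaches the service. NOTE(review): the service must
    # validate the keys and values it uses -- that code is not visible here.
    #
    # NOTE(review): the "configuration" message is new; if the project keeps a
    # catalog of __() strings, it needs an entry there.
    def permitted_configuration
      configuration = params[:configuration]
      unless configuration.respond_to?(:permit!)
        raise Exceptions::UnprocessableEntity, __('The required parameter "configuration" is missing.')
      end

      configuration.permit!.to_h
    end

    # Looks up the user addressed by params[:id].
    def params_user
      User.find(params[:id])
    end
  end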