authenticatable.rb

 1# frozen_string_literal: true
 2
 3module Authenticatable
 4  extend ActiveSupport::Concern
 5  included do
 6    before_action :apply_current_request_details
 7    before_action :authenticate!
 8    before_action :authenticate_mfa!
 9    helper_method :current_user, :current_user?, :mfa_completed?
10  end
11
12  def current_user
13    Current.user
14  end
15
16  def current_user?
17    Current.user?
18  end
19
20  def mfa_completed?
21    Current.user.mfa.valid_session?(session[:mfa])
22  end
23
24  private
25
26  def authenticate!
27    redirect_to new_session_path unless current_user?
28  end
29
30  def authenticate_mfa!
31    return unless Current.user?
32
33    redirect_to new_mfa_path unless mfa_completed?
34  end
35
36  def apply_current_request_details
37    Current.access(request, session)
38  end
39end