booth 0.0.1

data/lib/booth/requests/storages/otp.rb

@@ -0,0 +1,54 @@
+module Booth
+  module Requests
+    module Storages
+      class Otp
+        include ::Booth::Logging
+
+        delegate :reset, :timed_out?, :lifespan, :seconds_until_auto_reset, to: :session
+
+        def initialize(session:)
+          @session = session
+        end
+
+        # -------
+        # Getters
+        # -------
+
+        def secret_key
+          session[:secret_key]
+        end
+
+        def secret_key_has_been_seen?
+          !!session[:secret_key_has_been_seen]
+        end
+
+        def secret_key_recently_changed?
+          !!session[:secret_key_recently_changed]
+        end
+
+        # -------
+        # Setters
+        # -------
+
+        def generate_secret_key!
+          debug { 'Generating secret OTP key for registration' }
+          session[:secret_key] = ::Booth::Models::Credential.otp_random_secret
+        end
+
+        def secret_key_has_been_seen!
+          debug { 'Remembering that the secret OTP key has been registered' }
+          session[:secret_key_has_been_seen] = true
+        end
+
+        def secret_key_recently_changed!
+          reset
+          session[:secret_key_recently_changed] = true
+        end
+
+        private
+
+        attr_reader :session
+      end
+    end
+  end
+end

data/lib/booth/requests/storages/password.rb

@@ -0,0 +1,49 @@
+module Booth
+  module Requests
+    module Storages
+      class Password
+        include ::Booth::Logging
+
+        delegate :reset, :timed_out?, :lifespan, :seconds_until_auto_reset, to: :session
+
+        def initialize(session:)
+          @session = session
+        end
+
+        # -------
+        # Getters
+        # -------
+
+        def password_digest
+          session[:password_digest]
+        end
+
+        # To show a reminder for the user to logout other devices after password change.
+        # This value either times out or is deleted at read-confirmation by the user.
+        def password_recently_changed?
+          !!session[:password_recently_changed]
+        end
+
+        # -------
+        # Setters
+        # -------
+
+        def password_digest=(new_password_digest)
+          debug { 'Remembering new password digest' }
+          session[:password_digest] = new_password_digest
+        end
+
+        def password_recently_changed!
+          debug { 'Remembering that the password was recently changed' }
+          session[:password_recently_changed] = true
+        end
+
+        private
+
+        attr_reader :session
+
+        delegate :scope, to: :session, private: true
+      end
+    end
+  end
+end

data/lib/booth/requests/storages/password_reset.rb

@@ -0,0 +1,35 @@
+module Booth
+  module Requests
+    module Storages
+      class PasswordReset
+        include ::Booth::Logging
+
+        delegate :reset, :timed_out?, :lifespan, :seconds_until_auto_reset, to: :session
+
+        def initialize(session:)
+          @session = session
+        end
+
+        # -------
+        # Getters
+        # -------
+
+        def email
+          session[:email]
+        end
+
+        # -------
+        # Setters
+        # -------
+
+        def email=(new_email)
+          session[:email] = new_email
+        end
+
+        private
+
+        attr_reader :session
+      end
+    end
+  end
+end

data/lib/booth/requests/storages/recovery.rb

@@ -0,0 +1,35 @@
+module Booth
+  module Requests
+    module Storages
+      class Recovery
+        include ::Booth::Logging
+
+        delegate :reset, :timed_out?, :lifespan, :seconds_until_auto_reset, to: :session
+
+        def initialize(session:)
+          @session = session
+        end
+
+        # -------
+        # Getters
+        # -------
+
+        def email
+          session[:email]
+        end
+
+        # -------
+        # Setters
+        # -------
+
+        def email=(new_email)
+          session[:email] = new_email
+        end
+
+        private
+
+        attr_reader :session
+      end
+    end
+  end
+end

data/lib/booth/requests/storages/registration.rb

@@ -0,0 +1,27 @@
+module Booth
+  module Requests
+    module Storages
+      class Registration
+        include ::Booth::Logging
+
+        delegate :reset, to: :session
+
+        def initialize(session:)
+          @session = session
+        end
+
+        def username
+          session[:username]
+        end
+
+        def username=(new_username)
+          session[:username] = new_username
+        end
+
+        private
+
+        attr_reader :session
+      end
+    end
+  end
+end

data/lib/booth/requests/storages/webauth.rb

@@ -0,0 +1,38 @@
+module Booth
+  module Requests
+    module Storages
+      class Webauth
+        include ::Booth::Logging
+
+        delegate :reset, :timed_out?, :lifespan, :seconds_until_auto_reset, to: :session
+
+        def initialize(session:)
+          @session = session
+        end
+
+        # -------
+        # Getters
+        # -------
+
+        def authenticator
+          return @authenticator if defined?(@authenticator)
+          return if session[:authenticator_id].blank?
+
+          @authenticator = ::Booth::Models::Authenticator.find_by(id: session[:authenticator_id])
+        end
+
+        # -------
+        # Setters
+        # -------
+
+        def authenticator_id=(new_authenticator_id)
+          session[:authenticator_id] = new_authenticator_id
+        end
+
+        private
+
+        attr_reader :session
+      end
+    end
+  end
+end

data/lib/booth/requests/sudo.rb

@@ -0,0 +1,110 @@
+module Booth
+  module Requests
+    class Sudo
+      include ::Booth::Logging
+
+      def initialize(scope:, request:)
+        @scope = scope
+        @request = request
+      end
+
+      def mode
+        request.authentication.mode.to_sym
+      end
+
+      def lifespan
+        ::Booth.config.interaction_timeout
+      end
+
+      # Guards
+
+      def guard_with_password
+        raise unless block_given?
+        return if password?
+
+        debug { 'You need password sudo' }
+        public_message = I18n.t('booth.password_sudo_timeout', lifespan_minutes: (lifespan / 60))
+        yield Tron.success(:password_sudo_needed, step: :sudo, public_message:)
+      end
+
+      def guard_with_otp
+        raise unless block_given?
+        return if otp?
+
+        debug { 'You need OTP sudo' }
+        public_message = I18n.t('booth.otp_sudo_timeout', lifespan_minutes: (lifespan / 60))
+        yield Tron.success(:otp_sudo_needed, step: :sudo, public_message:)
+      end
+
+      def guard_with_webauth
+        raise unless block_given?
+        return if webauth?
+
+        debug { 'You need Webauth sudo' }
+        public_message = I18n.t('booth.webauth_sudo_timeout', lifespan_minutes: (lifespan / 60))
+        yield Tron.success(:webauth_sudo_needed, step: :sudo, public_message:)
+      end
+
+      # Getters
+
+      def password?
+        return true if session[:password].to_i > lifespan.ago.to_i
+
+        session[:password] = nil
+        false
+      end
+
+      def otp?
+        return true if session[:otp].to_i > lifespan.ago.to_i
+
+        session[:otp] = nil
+        false
+      end
+
+      def webauth?
+        return true if session[:webauth].to_i > lifespan.ago.to_i
+
+        session[:webauth] = nil
+        false
+      end
+
+      def webauthn_challenge
+        session[:webauthn_challenge].presence
+      end
+
+      # Setters
+
+      def password!
+        debug { "Remembering sudo via password has been granted in scope #{scope}" }
+        session[:password] = Time.current.to_i
+      end
+
+      def otp!
+        debug { "Remembering sudo via OTP has been granted in scope #{scope}" }
+        session[:otp] = Time.current.to_i
+      end
+
+      def webauth!
+        debug { "Remembering sudo via WebAuth has been granted in scope #{scope}" }
+        session[:webauth] = Time.current.to_i
+      end
+
+      def webauthn_challenge=(new_challenge)
+        if new_challenge
+          debug { "Persisting webauth challenge #{new_challenge.inspect} in sudo session for scope #{scope.inspect}" }
+        else
+          debug { "Removing webauth challenge from sudo session for scope #{scope.inspect}" }
+        end
+        session[:webauthn_challenge] = new_challenge.presence
+      end
+
+      private
+
+      attr_reader :scope, :request
+
+      def session
+        request.session(namespace: :sudo)
+      end
+    end
+  end
+end

data/lib/booth/routes/userland.rb

@@ -0,0 +1,80 @@
+module Booth
+  module Routes
+    class Userland
+      include ::Booth::MethodObject
+
+      option :response_path, default: -> {}
+      option :self_registration
+      option :self_recovery
+
+      def call
+        result = [mandatory_routes]
+        result.push self_registration_routes if self_registration
+        result.push self_recovery_routes if self_recovery
+        result.join
+      end
+
+      private
+
+      def response_path_with_fallback
+        return ':response' if response_path.blank?
+
+        # Just to avoid potential syntax errors, we sanitize the variable little bit.
+        response_path.to_sym.to_s.inspect
+      end
+
+      # ---------
+      # Templates
+      # ---------
+
+      # There is probably no reason to avoid any of these routes.
+      def mandatory_routes
+        <<-RUBY
+          # Registering credentials for the first time, such as Hardware keys.
+          resources :onboardings, only: %i[show update]
+
+          # Login
+          resource :login, only: %i[new create destroy]
+          resource :response, only: %i[show update], path: #{response_path_with_fallback}
+
+          # Self-service portal
+          resources :sessions, only: %i[index show destroy] do
+            delete :destroy_all_others, on: :collection
+          end
+          resource :password, only: %i[show edit update destroy] do
+            collection do
+              get :remove
+              post :sudo
+            end
+          end
+          resource :otp, only: %i[show edit update destroy] do
+            post :sudo, on: :collection
+          end
+          resources :webauths, only: %i[index new create destroy] do
+            post :sudo, on: :collection
+          end
+        RUBY
+      end
+
+      # If users create their own accounts, you will need these routes.
+      def self_registration_routes
+        <<-RUBY
+          resources :registrations, only: %i[new create]
+        RUBY
+      end
+
+      # If users can recover lost credentials (username/password) via email, you need these routes.
+      def self_recovery_routes
+        <<-RUBY
+          resources :recoveries, only: %i[new create] do
+            get :check_your_mail, on: :collection
+          end
+
+          resources :password_resets, only: %i[new create show update] do
+            get :check_your_mail, on: :collection
+          end
+        RUBY
+      end
+    end
+  end
+end

data/lib/booth/sessions/create_and_login.rb

@@ -0,0 +1,46 @@
+module Booth
+  module Sessions
+    class CreateAndLogin
+      include ::Booth::MethodObject
+      include ::Booth::Logging
+
+      option :credential
+      option :request, ::Booth::Request
+
+      def call
+        if request.scope != credential.scope.to_sym
+          debug { "Request has scope #{request.scope.inspect} but Credential has #{credential.scope.to_sym.inspect}" }
+          raise 'Not performing login because something in your setup is wrong.'
+        end
+
+        request.authentication
+               .login(session: create_session)
+
+        # Consume everything that led up to this authentication to avoid re-authentication.
+        # If we don't reset the cookie here, the "remote login flow" could log you right back in.
+        login_storage.reset
+        registration_storage.reset
+
+        Tron.success :session_created_and_logged_in, return_path: request.return_path
+      end
+
+      private
+
+      def create_session
+        debug { "Creating new Session for credential ID #{credential.id}" }
+
+        ::Booth::Models::Session.create! credential:,
+                                         agent: request.agent,
+                                         most_recent_ip: request.ip
+      end
+
+      def login_storage
+        request.storage.login
+      end
+
+      def registration_storage
+        request.storage.registration
+      end
+    end
+  end
+end

data/lib/booth/sessions/historical_locations.rb

@@ -0,0 +1,18 @@
+module Booth
+  module Sessions
+    class HistoricalLocations
+      include ::Booth::MethodObject
+
+      param :session
+
+      # TODO: Show IPs for cities that are different from the most recent IP.
+      def call
+        return if historical_locations.values.blank?
+
+        historical_locations.values.reject { _1 == location }.uniq.sort.join(', ').presence
+      end
+
+      delegate :location, :historical_locations, to: :session, private: true
+    end
+  end
+end

data/lib/booth/sessions/index.rb

@@ -0,0 +1,59 @@
+module Booth
+  module Sessions
+    class Index
+      include ::Booth::MethodObject
+
+      option :credential_id
+      option :current_session_id
+
+      def call
+        # Booth currently doesn't support pagination.
+        # To avoid an attacking vector that could bring our database down,
+        # we simply pull the handbrake when trying to fetch too many sessions.
+        # Nobody should have that many active concurrent sessions.
+        raise "Too many sessions for Credential ID #{credential_id}" if base_scope.count > max_allowed_sessions
+
+        base_scope.map do |session|
+          ::Booth::ToStruct.call(exposed_attributes(session))
+        end
+      end
+
+      private
+
+      def exposed_attributes(session)
+        result = { is_current: current_session_id == session.id }
+
+        exposed_attribute_names.each do |attribute|
+          result[attribute] = session.public_send(attribute)
+        end
+
+        result
+      end
+
+      def exposed_attribute_names
+        %i[id
+           activity_at
+           created_at
+           agent
+           most_recent_ip
+           historical_ips
+           location
+           historical_location_names
+           browser_name
+           platform_name
+           browser_image_path
+           platform_image_path]
+      end
+
+      def base_scope
+        ::Booth::Models::Session.active_scope
+                                .sorted_scope
+                                .owned_by_scope(credential_id:)
+      end
+
+      def max_allowed_sessions
+        500
+      end
+    end
+  end
+end

data/lib/booth/sessions/revoke.rb

@@ -0,0 +1,51 @@
+module Booth
+  module Sessions
+    class Revoke
+      include ::Booth::MethodObject
+      include ::Booth::Logging
+
+      option :credential_id
+      option :session_id
+
+      def call
+        do_check_id_syntax
+          .on_success { do_revoke_session }
+      end
+
+      private
+
+      def do_check_id_syntax
+        ::Booth::Syntaxes::Uuid.call(credential_id, raise_if_invalid: true)
+        ::Booth::Syntaxes::Uuid.call(session_id, raise_if_invalid: true)
+
+        Tron.success :valid_session_id_syntax
+      end
+
+      def do_revoke_session
+        unless session
+          debug { "Session #{session_id.inspect} not found for credential #{credential_id.inspect}" }
+          return Tron.success :session_not_found
+        end
+
+        if session.revoked_at.present?
+          debug { "Session #{session.id.inspect} is already revoked." }
+          return Tron.success :already_revoked,
+                              public_message: I18n.t('booth.session_revoked', ip: session.most_recent_ip)
+        end
+
+        debug { "Revoking Session #{session.id.inspect}" }
+        session.update! revoked_at: Time.current,
+                        revoke_reason: :manual
+
+        Tron.success :session_revoked, public_message: I18n.t('booth.session_revoked', ip: session.most_recent_ip)
+      end
+
+      def session
+        return @session if defined?(@session)
+
+        @session = ::Booth::Models::Session.where(credential_id:)
+                                           .find_by(id: session_id)
+      end
+    end
+  end
+end

data/lib/booth/sessions/revoke_all_others.rb

@@ -0,0 +1,43 @@
+module Booth
+  module Sessions
+    class RevokeAllOthers
+      include ::Booth::MethodObject
+
+      option :credential_id
+      option :surviving_session_id
+
+      def call
+        do_check_id_syntax
+          .on_success { do_revoke_all_other_session }
+      end
+
+      private
+
+      def do_check_id_syntax
+        ::Booth::Syntaxes::Uuid.call(credential_id, raise_if_invalid: true)
+        ::Booth::Syntaxes::Uuid.call(surviving_session_id, raise_if_invalid: true)
+
+        Tron.success :valid_session_id_syntax
+      end
+
+      def do_revoke_all_other_session
+        if sessions.blank?
+          return Tron.success :nothing_to_revoke, public_message: I18n.t('booth.all_other_sessions_revoked')
+        end
+
+        # Preferring speed. Because if there are many we don't want the page to hang.
+        sessions.update_all revoked_at: Time.current,
+                            revoke_reason: :manual_all_others
+
+        Tron.success :other_sessions_revoked, public_message: I18n.t('booth.all_other_sessions_revoked')
+      end
+
+      def sessions
+        return @sessions if defined?(@sessions)
+
+        @sessions = ::Booth::Models::Session.where(credential_id:)
+                                            .where.not(id: surviving_session_id)
+      end
+    end
+  end
+end

data/lib/booth/sessions/to_passport.rb

@@ -0,0 +1,51 @@
+module Booth
+  module Sessions
+    # A Passport is an immutable representation of your current browser-session.
+    class ToPassport
+      include ::Booth::MethodObject
+      include ::Booth::Logging
+
+      param :session
+
+      def call
+        ::Booth::ToStruct.call(attributes)
+      end
+
+      private
+
+      delegate :credential, to: :session, private: true
+
+      def attributes
+        {
+          id: session.id,
+          username: credential.username,
+          credential_id: credential.id,
+          mode:,
+          incognito_credential_id: session.incognito_credential_id,
+          revoked_at: session.revoked_at,
+          onboarding_secret_key:,
+          is:,
+        }
+      end
+
+      def is
+        ::Booth::Credentials::Mode.new(credential)
+      end
+
+      def mode
+        credential.mode.to_sym
+      end
+
+      def onboarding_secret_key
+        return unless credential.mode_first_time?
+
+        # If a first-time credential is in a logged in state,
+        # that means this credential was just self-registered.
+
+        # In that case, reveal the onboarding secret key,
+        # so that the end-user may choose a login method for the first time.
+        credential.onboarding&.secret_key
+      end
+    end
+  end
+end