cpaas-sdk 1.1.0 → 1.2.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/README.md +8 -5
- data/cpaas-sdk.gemspec +1 -1
- data/developer-notes.md +9 -0
- data/docs/Cpaas.html +68 -21
- data/docs/Cpaas/Conversation.html +43 -25
- data/docs/Cpaas/Notification.html +4 -4
- data/docs/Cpaas/Twofactor.html +50 -18
- data/docs/_index.html +1 -1
- data/docs/_index.md +13 -2
- data/docs/file._index.html +18 -3
- data/docs/index.html +18 -3
- data/docs/top-level-namespace.html +50 -46
- data/examples/2fa/.env.example +7 -6
- data/examples/2fa/.gitignore +159 -159
- data/examples/2fa/.ruby-gemset +1 -1
- data/examples/2fa/.ruby-version +1 -1
- data/examples/2fa/Gemfile +8 -8
- data/examples/2fa/README.md +36 -34
- data/examples/2fa/app.rb +145 -134
- data/examples/2fa/config.ru +10 -10
- data/examples/2fa/helper.rb +37 -37
- data/examples/2fa/public/stylesheets/forms.css +6 -0
- data/examples/2fa/views/alert.erb +4 -4
- data/examples/2fa/views/dashboard.erb +4 -4
- data/examples/2fa/views/index.erb +16 -16
- data/examples/2fa/views/login.erb +13 -13
- data/examples/2fa/views/verify.erb +18 -8
- data/lib/cpaas-sdk.rb +19 -6
- data/lib/cpaas-sdk/api.rb +21 -9
- data/lib/cpaas-sdk/config.rb +10 -0
- data/lib/cpaas-sdk/resources/conversation.rb +12 -11
- data/lib/cpaas-sdk/resources/notification.rb +1 -1
- data/lib/cpaas-sdk/resources/twofactor.rb +0 -1
- data/lib/cpaas-sdk/util.rb +9 -9
- data/lib/cpaas-sdk/version.rb +1 -1
- data/tutorials/2FA.md +6 -3
- data/tutorials/GetStarted.md +18 -3
- data/tutorials/SMSMessaging.md +16 -8
- metadata +7 -6
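--- a/data/examples/2fa/.env.example
+++ b/data/examples/2fa/.env.example
@@ -1,6 +1,7 @@
-EMAIL=user@test.com
-PASSWORD=123456
-CLIENT_ID=
-CLIENT_SECRET=
-BASE_URL=
-PHONE_NUMBER=
+EMAIL=user@test.com
+PASSWORD=123456
+CLIENT_ID=
+CLIENT_SECRET=
+BASE_URL=
+PHONE_NUMBER=
+DESTINATION_EMAIL=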
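--- a/data/examples/2fa/.gitignore
+++ b/data/examples/2fa/.gitignore
@@ -1,159 +1,159 @@
-# Ignore the default SQLite database.
-/db/*.sqlite3
-/db/*.sqlite3-journal
-
-# Ignore all logfiles and tempfiles.
-/log/*
-/tmp/*
-!/log/.keep
-!/tmp/.keep
-
-# Ignore uploaded files in development
-/storage/*
-!/storage/.keep
-
-.byebug_history
-
-# Ignore master key for decrypting credentials and more.
-/config/master.key
-
-## App-Specific
-
-# Ignore the generated sample apps folder.
-/public/sample_apps
-
-*.pdf
-
-# Ignore the generated csv folder
-/public/csv
-
-## Capistrano
-
-.env.staging
-.env.production
-.env.china
-.env.developer
-
-## Rails
-
-*.rbc
-*.sassc
-.sass-cache
-capybara-*.html
-.rspec
-/log
-/tmp
-/db/*.sqlite3
-/db/*.sqlite3-journal
-/public/system
-/public/assets
-/public/uploads
-/public/docs
-/coverage/
-/spec/tmp
-rerun.txt
-pickle-email-*.html
-dump.rdb
-
-## Environment normalisation:
-/.bundle
-/vendor/bundle
-
-# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
-.rvmrc
-
-# if using bower-rails ignore default bower_components path bower.json files
-/vendor/assets/bower_components
-*.bowerrc
-bower.json
-
-# Ignore pow environment settings
-.powenv
-
-## Documentation cache and generated files:
-/.yardoc/
-/_yardoc/
-/doc/
-/rdoc/
-
-# Developer-specific files - These have a corresponding *.example file as a template to quickly copy over
-config/database.yml
-.env
-
-## General
-
-# Git
-**.orig
-
-# OS X
-.DS_Store
-.DS_Store?
-.AppleDouble
-.LSOverride
-
-# Icon must end with two \r
-Icon
-
-
-# Thumbnails
-._*
-
-# Files that might appear on external disk
-.Spotlight-V100
-.Trashes
-
-# Directories potentially created on remote AFP share
-.AppleDB
-.AppleDesktop
-Network Trash Folder
-Temporary Items
-.apdisk
-
-# Windows image file caches
-Thumbs.db
-ehthumbs.db
-
-# Folder config file
-Desktop.ini
-
-# Recycle Bin used on file shares
-$RECYCLE.BIN/
-
-# Windows Installer files
-*.cab
-*.msi
-*.msm
-*.msp
-
-# Windows shortcuts
-*.lnk
-
-# Compiled source
-*.com
-*.class
-*.dll
-*.exe
-*.o
-*.so
-
-# Packages
-# it's better to unpack these files and commit the raw source
-# git has its own built in compression methods
-*.7z
-*.dmg
-*.gz
-*.iso
-*.jar
-*.rar
-*.tar
-*.zip
-
-# Logs and databases
-*.log
-*.sql
-*.sql-e
-*.sqlite
-
-# Files generated by atom
-*.tags
-*.tags_swap
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-journal
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore uploaded files in development
+/storage/*
+!/storage/.keep
+
+.byebug_history
+
+# Ignore master key for decrypting credentials and more.
+/config/master.key
+
+## App-Specific
+
+# Ignore the generated sample apps folder.
+/public/sample_apps
+
+*.pdf
+
+# Ignore the generated csv folder
+/public/csv
+
+## Capistrano
+
+.env.staging
+.env.production
+.env.china
+.env.developer
+
+## Rails
+
+*.rbc
+*.sassc
+.sass-cache
+capybara-*.html
+.rspec
+/log
+/tmp
+/db/*.sqlite3
+/db/*.sqlite3-journal
+/public/system
+/public/assets
+/public/uploads
+/public/docs
+/coverage/
+/spec/tmp
+rerun.txt
+pickle-email-*.html
+dump.rdb
+
+## Environment normalisation:
+/.bundle
+/vendor/bundle
+
+# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
+.rvmrc
+
+# if using bower-rails ignore default bower_components path bower.json files
+/vendor/assets/bower_components
+*.bowerrc
+bower.json
+
+# Ignore pow environment settings
+.powenv
+
+## Documentation cache and generated files:
+/.yardoc/
+/_yardoc/
+/doc/
+/rdoc/
+
+# Developer-specific files - These have a corresponding *.example file as a template to quickly copy over
+config/database.yml
+.env
+
+## General
+
+# Git
+**.orig
+
+# OS X
+.DS_Store
+.DS_Store?
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+
+# Thumbnails
+._*
+
+# Files that might appear on external disk
+.Spotlight-V100
+.Trashes
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+
+# Windows image file caches
+Thumbs.db
+ehthumbs.db
+
+# Folder config file
+Desktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+# Windows Installer files
+*.cab
+*.msi
+*.msm
+*.msp
+
+# Windows shortcuts
+*.lnk
+
+# Compiled source
+*.com
+*.class
+*.dll
+*.exe
+*.o
+*.so
+
+# Packages
+# it's better to unpack these files and commit the raw source
+# git has its own built in compression methods
+*.7z
+*.dmg
+*.gz
+*.iso
+*.jar
+*.rar
+*.tar
+*.zip
+
+# Logs and databases
+*.log
+*.sql
+*.sql-e
+*.sqlite
+
+# Files generated by atom
+*.tags
+*.tags_swap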
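--- a/data/examples/2fa/.ruby-gemset
+++ b/data/examples/2fa/.ruby-gemset
@@ -1 +1 @@
-kandy-sdk-example-2fa
+kandy-sdk-example-2fa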
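--- a/data/examples/2fa/.ruby-version
+++ b/data/examples/2fa/.ruby-version
@@ -1 +1 @@
-ruby-2.5.0
+ruby-2.5.0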
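--- a/data/examples/2fa/Gemfile
+++ b/data/examples/2fa/Gemfile
@@ -1,8 +1,8 @@
-source 'https://rubygems.org'
-
-gem 'sinatra'
-gem 'httparty'
-gem 'dotenv'
-gem 'rerun'
-gem 'pry'
-gem 'cpaas-sdk', '~> 1.0'
+source 'https://rubygems.org'
+
+gem 'sinatra'
+gem 'httparty'
+gem 'dotenv'
+gem 'rerun'
+gem 'pry'
+gem 'cpaas-sdk', '~> 1.1.0'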
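--- a/data/examples/2fa/README.md
+++ b/data/examples/2fa/README.md
@@ -1,34 +1,36 @@
-# Two Factor Authentication Starter App
-
-This is an elementary login authentication use case of two-factor authentication via SMS. The main focus of this application is to understand and implement the 2FA flow, so least amount of stress is given to the authentication/login mechanism.
-
-## Installation
-1. Copy `.env.example` and rename to `.env` and add the appropriate values. Check `Configuration` section for more details.
-2. To install dependencies, run:
-```bash
-bundle install
-```
-3. To start the server, run:
-```bash
-bundle exec rackup -p 6000
-```
-
-## Configuration
-There are a few environment variables (check `.env` file) to make the application simpler and help us focus on the key aspects a two-factor authentication system via SMS. Some of the variables are pre-filled and some are left blank which are left on the user to place appropriate values. All the variables are mandatory.
-
-ENV KEY
-
-CLIENT_ID
-CLIENT_SECRET
-BASE_URL
-PHONE_NUMBER
-EMAIL
-PASSWORD
-
-
-
-
-
-> + The user
-> +
-> +
+# Two Factor Authentication Starter App
+
+This is an elementary login authentication use case of two-factor authentication via SMS. The main focus of this application is to understand and implement the 2FA flow, so least amount of stress is given to the authentication/login mechanism.
+
+## Installation
+1. Copy `.env.example` and rename to `.env` and add the appropriate values. Check `Configuration` section for more details.
+2. To install dependencies, run:
+```bash
+bundle install
+```
+3. To start the server, run:
+```bash
+bundle exec rackup -p 6000
+```
+
+## Configuration
+There are a few environment variables (check `.env` file) to make the application simpler and help us focus on the key aspects a two-factor authentication system via SMS. Some of the variables are pre-filled and some are left blank which are left on the user to place appropriate values. All the variables are mandatory.
+
+ENV KEY | Description
+----------------- | -------------
+CLIENT_ID | Private project key
+CLIENT_SECRET | Private project secret
+BASE_URL | URL of the CPaaS server to use
+PHONE_NUMBER | Phone number that would receive the verification code
+EMAIL | Email used in the login screen of the application
+PASSWORD | Password to be entered against the EMAIL provided
+DESTINATION_EMAIL | Email that would receive the verification code
+
+
+## Usage
+The application comprises of three simple pages, login, code verification, dashboard/portal
+> + On opening the application in the browser, the login screen is presented. The user needs to enter the `Email` / `Password` that are specified in the `.env` file and click on the `Login` button.
+> + Once the credentials are verified, the verification page is presented to user. Here the user has 2 options, either receive 2FA via SMS or via EMAIL. This phone number/email corresponds to the one entered in the .env file as PHONE_NUMBER/DESTINATION_EMAIL.
+> + The user now needs to enter the verification code received in the mentioned phone number and click `Verify` button.
+> + The application verifies the entered code. If the code validates, the user is redirected to the dashboard section; else the user will be promoted with an error alert `Code invalid or expired` and is required to re-enter the verification code.
+> + As the user is authenticated, the dashboard opens up. The user can logout from the dashboard and login screen would be presented.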
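--- a/data/examples/2fa/app.rb
+++ b/data/examples/2fa/app.rb
@@ -1,134 +1,145 @@
-require 'sinatra'
-require 'json'
-require 'pry'
-require 'cpaas-sdk'
-
-require './helper'
-
-
-class App < Sinatra::Application
-enable :sessions
-
-def initialize
-super
-
-# Initialize
-Cpaas.configure do |config|
-config.client_id = ENV['CLIENT_ID']
-config.client_secret = ENV['CLIENT_SECRET']
-config.base_url = ENV['BASE_URL']
-end
-end
-
-get '/' do
-redirect '/login'
-end
-
-get '/login' do
-# If user is logged in and trying to access login page, redirect to dashboard.
-return redirect '/dashboard' if is_logged_in? session
-
-set_default_state(session)
-
-erb :login, layout: :index
-end
-
-post '/login' do
-if valid_credentials? params
-# If login credentials are valid, send_code method is used to request 2FA code
-# to the phone number as destination_address.
-#
-# If a valid response is received, the code_id present in the response is set in the session.
-# This code_id is eventually used when the 2FA code (received in the phone number) needs to be verified.
-# Once the code_id is set, the user is redirected to the code verification page
-# where the user is prompted to enter the code received in the phone number.
-#
-# If an error is raised by send_code, it is caught in the catch block and the user is
-# redirected to the login page with the received error message as an alert.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-#
-#
-#
-#
-#
-#
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+require 'sinatra'
+require 'json'
+require 'pry'
+require 'cpaas-sdk'
+
+require './helper'
+
+
+class App < Sinatra::Application
+enable :sessions
+
+def initialize
+super
+
+# Initialize
+Cpaas.configure do |config|
+config.client_id = ENV['CLIENT_ID']
+config.client_secret = ENV['CLIENT_SECRET']
+config.base_url = ENV['BASE_URL']
+end
+end
+
+get '/' do
+redirect '/login'
+end
+
+get '/login' do
+# If user is logged in and trying to access login page, redirect to dashboard.
+return redirect '/dashboard' if is_logged_in? session
+
+set_default_state(session)
+
+erb :login, layout: :index
+end
+
+post '/login' do
+if valid_credentials? params
+# If login credentials are valid, send_code method is used to request 2FA code
+# to the phone number as destination_address.
+#
+# If a valid response is received, the code_id present in the response is set in the session.
+# This code_id is eventually used when the 2FA code (received in the phone number) needs to be verified.
+# Once the code_id is set, the user is redirected to the code verification page
+# where the user is prompted to enter the code received in the phone number.
+#
+# If an error is raised by send_code, it is caught in the catch block and the user is
+# redirected to the login page with the received error message as an alert.
+set_credentials_verified(session)
+redirect '/verify'
+else
+# If login credentials do not match with credentials present in .env, login page is re-rendered with error alert
+erb :login, layout: :index, locals: { alert: { message: 'Invalid username or password', type: 'error' } }
+end
+end
+
+post '/sendtwofactor' do
+method = params['otp']
+if method == 'sms'
+response = Cpaas::Twofactor.send_code({
+destination_address: ENV['PHONE_NUMBER'],
+message: 'Your verification code: {code}',
+method: 'sms'
+})
+elsif method == 'email'
+response = Cpaas::Twofactor.send_code({
+destination_address: ENV['DESTINATION_EMAIL'],
+message: 'Your verification code: {code}',
+method: 'email',
+subject: 'Twofactor verification'
+})
+end
+if response[:exception_id]
+# Here something went wrong either with the server or proper parameters were not passed.
+# Received error message is echoed back to the UI as error alert.
+return erb :verify, layout: :index, locals: { alert: { message: error_message(response), type: 'error' } }
+end
+session[:code_id] = response[:code_id]
+erb :verify, layout: :index, locals: { alert: { message: 'Twofactor verification code sent successfully', type: 'success' } }
+end
+
+get '/verify' do
+# If logged in and trying to access login page, redirect to dashboard.
+return redirect '/dashboard' if is_logged_in? session
+# If login credentials are not verified but tries to access the code verification page, user is redirected.
+return redirect '/logout' if !is_credentials_verified? session
+
+# If the login credentials are verified, user is shown code verification page.
+erb :verify, layout: :index
+end
+
+post '/verify' do
+# The 2FA code entered in the UI is passed to the verify_code along with codeId,
+# which was saved from the response of send_code method.
+#
+# There are two valid response for verify_code method.
+#
+# Type 1 - The 2FA code is successfully verified.
+# {
+# verified: true,
+# message: 'Verified'
+# }
+#
+# Type 2 - The 2FA code pass is either incorrect or the code has expired
+# (The expiry of the code can be changed by passing expiry param in the send_code. Ref - Documentation)
+# {
+# verified: false,
+# message: 'Code expired or invalid'
+# }
+
+response = Cpaas::Twofactor.verify_code({
+code_id: session[:code_id],
+verification_code: params['code']
+})
+
+if response[:exception_id]
+# Here something went wrong either with the server or proper parameters were not passed.
+# Received error message is echoed back to the UI as error alert.
+return erb :verify, layout: :index, locals: { alert: { message: error_message(response), type: 'error' } }
+end
+
+if response[:verified]
+login session
+# The code is verified and redirected to dashboard/portal/protected area of app.
+return redirect '/dashboard'
+else
+# The code is invalid and error message received from server is shown as error alert.
+return erb :verify, layout: :index, locals: { alert: { message: response[:message], type: 'error' } }
+end
+end
+
+get '/dashboard' do
+# If not logged in, redirected to logout.
+return redirect '/logout' if !is_logged_in? session
+
+# Login criteria is fulfilled, renders dashboard/portal/protected area of app
+erb :dashboard, layout: :index
+end
+
+get '/logout' do
+# Logged in session is cleared
+logout session
+
+redirect '/login'
+end
+end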
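Review bot: `post '/sendtwofactor'` (new lines 56–79) has no session guard, so a request that never cleared `post '/login'` can still make the app send an SMS or e-mail to the configured PHONE_NUMBER/DESTINATION_EMAIL, whereas `get '/verify'` on new line 85 does check `is_credentials_verified? session`; the same guard belongs at the top of this handler. The handler also leaves `response` nil when `params['otp']` is neither 'sms' nor 'email', so `response[:exception_id]` on new line 72 raises NoMethodError and the request fails with a 500 instead of an alert. Rewritten handler below; `post '/verify'` (new lines 91–129) would likewise benefit from a per-session cap on attempts before calling `verify_code`, since nothing in the new code limits how often a short code can be retried. Separately, the comment at new lines 38–47 in `post '/login'` still describes a send_code call and a catch block that this handler no longer contains; it should move to `/sendtwofactor` or be reduced to `# Password step passed; the 2FA code is requested from the verification page.`
```ruby
post '/sendtwofactor' do
  # Only a session that has passed the password step may request a code.
  return redirect '/logout' unless is_credentials_verified? session

  method = params['otp']
  if method == 'sms'
    # … unchanged: SMS send_code call …
  elsif method == 'email'
    # … unchanged: email send_code call …
  else
    return erb :verify, layout: :index, locals: { alert: { message: 'Unknown verification method', type: 'error' } }
  end
  # … unchanged: exception_id check, session[:code_id] assignment, success alert …
```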