rails_base 0.75.6 → 0.80.0

metadata

@@ -1,45 +1,45 @@
 --- !ruby/object:Gem::Specification
 name: rails_base
 version: !ruby/object:Gem::Version
-  version: 0.75.6
+  version: 0.80.0
 platform: ruby
 authors:
 - Matt Taylor
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-04-21 00:00:00.000000000 Z
+date: 2024-09-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: rails
+  name: allow_numeric
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '6.1'
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '6.1'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: zeitwerk
+  name: bootstrap
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.6.5
+        version: 4.6.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.6.5
+        version: 4.6.0
 - !ruby/object:Gem::Dependency
-  name: mysql2
+  name: browser
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -53,7 +53,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: sass-rails
+  name: coffee-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -67,7 +67,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: uglifier
+  name: devise
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -81,7 +81,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: turbolinks
+  name: dotiw
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -95,7 +95,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: coffee-rails
+  name: interactor
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -129,63 +129,91 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 4.3.3
 - !ruby/object:Gem::Dependency
-  name: rails-ujs
+  name: jquery_mask_rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.1.0
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.1.0
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: bootstrap
+  name: mysql2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '6'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '6'
+- !ruby/object:Gem::Dependency
+  name: rails-ujs
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 4.6.0
+        version: 0.1.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 4.6.0
+        version: 0.1.0
 - !ruby/object:Gem::Dependency
-  name: devise
+  name: redis
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 4.2.5
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 4.2.5
 - !ruby/object:Gem::Dependency
-  name: twilio-ruby
+  name: redis-namespace
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.8.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.8.1
 - !ruby/object:Gem::Dependency
-  name: interactor
+  name: rotp
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -199,7 +227,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: allow_numeric
+  name: rqrcode
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -213,7 +241,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: jquery_mask_rails
+  name: sass-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -227,7 +255,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: browser
+  name: switch_user
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -241,7 +269,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: dotiw
+  name: turbolinks
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -255,47 +283,47 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: redis
+  name: twilio-ruby
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 4.2.5
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 4.2.5
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: redis-namespace
+  name: uglifier
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.8.1
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.8.1
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: switch_user
+  name: zeitwerk
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.6.5
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.6.5
 - !ruby/object:Gem::Dependency
   name: annotate
   requirement: !ruby/object:Gem::Requirement
@@ -311,21 +339,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: spring-watcher-listen
+  name: capybara
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.15'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.15'
 - !ruby/object:Gem::Dependency
-  name: spring
+  name: listen
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -339,7 +367,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: listen
+  name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -353,7 +381,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: web-console
+  name: pry-nav
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -367,7 +395,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: pry
+  name: pry-stack_explorer
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -381,7 +409,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: pry-nav
+  name: spring
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -395,7 +423,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: pry-stack_explorer
+  name: spring-watcher-listen
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -409,19 +437,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: capybara
+  name: web-console
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '2.15'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '2.15'
+        version: '0'
 description: Rails Engine that handles authentication, admin, 2fa, audit tracking,
   with insane configuration abilites
 email:
@@ -438,6 +466,7 @@ files:
 - app/assets/javascripts/rails_base/admin.js
 - app/assets/javascripts/rails_base/application.js
 - app/assets/javascripts/rails_base/mfa_auth.coffee
+- app/assets/javascripts/rails_base/rails_base_query_checker.js
 - app/assets/javascripts/rails_base/secondary_authentication.coffee
 - app/assets/javascripts/rails_base/sessions.js
 - app/assets/javascripts/rails_base/user_settings.coffee
@@ -449,7 +478,11 @@ files:
 - app/assets/stylesheets/rails_base/user_settings.scss
 - app/controllers/rails_base/admin_controller.rb
 - app/controllers/rails_base/errors_controller.rb
-- app/controllers/rails_base/mfa_auth_controller.rb
+- app/controllers/rails_base/mfa/evaluation_controller.rb
+- app/controllers/rails_base/mfa/register/sms_controller.rb
+- app/controllers/rails_base/mfa/register/totp_controller.rb
+- app/controllers/rails_base/mfa/validate/sms_controller.rb
+- app/controllers/rails_base/mfa/validate/totp_controller.rb
 - app/controllers/rails_base/secondary_authentication_controller.rb
 - app/controllers/rails_base/switch_user_controller.rb
 - app/controllers/rails_base/user_settings_controller.rb
@@ -470,9 +503,14 @@ files:
 - app/mailers/rails_base/application_mailer.rb
 - app/mailers/rails_base/email_verification_mailer.rb
 - app/mailers/rails_base/event_mailer.rb
+- app/mailers/rails_base/mailer_kwarg_inject.rb
 - app/models/admin_action.rb
 - app/models/rails_base/application_record.rb
 - app/models/rails_base/user_constants.rb
+- app/models/rails_base/user_helper/totp.rb
+- app/models/rails_base/user_helper/totp/backup_method_options.rb
+- app/models/rails_base/user_helper/totp/class_options.rb
+- app/models/rails_base/user_helper/totp/consume_method_options.rb
 - app/models/secret.rb
 - app/models/short_lived_data.rb
 - app/models/user.rb
@@ -482,11 +520,8 @@ files:
 - app/services/rails_base/authentication/constants.rb
 - app/services/rails_base/authentication/decision_twofa_type.rb
 - app/services/rails_base/authentication/destroy_user.rb
-- app/services/rails_base/authentication/mfa_set_encrypt_token.rb
-- app/services/rails_base/authentication/mfa_validator.rb
 - app/services/rails_base/authentication/modify_password.rb
 - app/services/rails_base/authentication/send_forgot_password.rb
-- app/services/rails_base/authentication/send_login_mfa_to_user.rb
 - app/services/rails_base/authentication/send_verification_email.rb
 - app/services/rails_base/authentication/session_token_verifier.rb
 - app/services/rails_base/authentication/single_sign_on_create.rb
@@ -497,6 +532,21 @@ files:
 - app/services/rails_base/authentication/verify_forgot_password.rb
 - app/services/rails_base/email_change.rb
 - app/services/rails_base/encryption.rb
+- app/services/rails_base/mfa.rb
+- app/services/rails_base/mfa/decision.rb
+- app/services/rails_base/mfa/encrypt_token.rb
+- app/services/rails_base/mfa/sms/remove.rb
+- app/services/rails_base/mfa/sms/send.rb
+- app/services/rails_base/mfa/sms/validate.rb
+- app/services/rails_base/mfa/strategy/base.rb
+- app/services/rails_base/mfa/strategy/every_request.rb
+- app/services/rails_base/mfa/strategy/skip_every_request.rb
+- app/services/rails_base/mfa/strategy/time_based.rb
+- app/services/rails_base/mfa/totp/helper.rb
+- app/services/rails_base/mfa/totp/otp_metadata.rb
+- app/services/rails_base/mfa/totp/remove.rb
+- app/services/rails_base/mfa/totp/validate_code.rb
+- app/services/rails_base/mfa/totp/validate_temporary_code.rb
 - app/services/rails_base/name_change.rb
 - app/services/rails_base/service_base.rb
 - app/services/rails_base/service_logging.rb
@@ -528,10 +578,12 @@ files:
 - app/views/rails_base/errors/not_found.html.erb
 - app/views/rails_base/errors/unacceptable.html.erb
 - app/views/rails_base/event_mailer/event.html.erb
-- app/views/rails_base/mfa_auth/mfa_code.html.erb
+- app/views/rails_base/mfa/_switch_mfa_type.html.erb
+- app/views/rails_base/mfa/validate/sms/sms_event_input.html.erb
+- app/views/rails_base/mfa/validate/totp/totp_event_input.html.erb
 - app/views/rails_base/secondary_authentication/after_email_login_session_new.html.erb
-- app/views/rails_base/secondary_authentication/forgot_password.html.erb
 - app/views/rails_base/secondary_authentication/remove_me.html.erb
+- app/views/rails_base/secondary_authentication/reset_password_input.html.erb
 - app/views/rails_base/secondary_authentication/static.html.erb
 - app/views/rails_base/shared/_admin_actions_modal.html.erb
 - app/views/rails_base/shared/_admin_config_class.html.erb
@@ -560,6 +612,14 @@ files:
 - app/views/rails_base/shared/_session_create_form.html.erb
 - app/views/rails_base/shared/_session_timeout_modal.html.erb
 - app/views/rails_base/shared/_standardized_collapse.html.erb
+- app/views/rails_base/shared/mfa/sms/_login_input.html.erb
+- app/views/rails_base/shared/mfa/totp/_login_input.html.erb
+- app/views/rails_base/shared/totp/_add_authenticator.html.erb
+- app/views/rails_base/shared/totp/_add_authenticator_modal.html.erb
+- app/views/rails_base/shared/totp/_confirm_code.html.erb
+- app/views/rails_base/shared/totp/_confirm_code_ajax.html.erb
+- app/views/rails_base/shared/totp/_confirm_code_rest.html.erb
+- app/views/rails_base/shared/totp/_remove_authenticator_modal.html.erb
 - app/views/rails_base/switch_user/_widget.html.erb
 - app/views/rails_base/user_settings/_confirm_destroy_user.html.erb
 - app/views/rails_base/user_settings/_destroy_user.html.erb
@@ -581,6 +641,8 @@ files:
 - db/migrate/20210212190537_create_rails_base_short_lived_data.rb
 - db/migrate/20210212192645_create_rails_base_secrets.rb
 - db/migrate/20210406015744_create_rails_base_admin_actions.rb
+- db/migrate/20240808013706_add_totp_to_users.rb
+- db/migrate/20240825012724_reconfigure_mfa_variable_names.rb
 - db/seeds.rb
 - lib/link_decision_helper.rb
 - lib/rails_base.rb
@@ -620,8 +682,11 @@ files:
 - lib/rails_base/configuration/owner.rb
 - lib/rails_base/configuration/redis.rb
 - lib/rails_base/configuration/templates.rb
+- lib/rails_base/configuration/totp.rb
+- lib/rails_base/configuration/twilio.rb
 - lib/rails_base/configuration/user.rb
 - lib/rails_base/engine.rb
+- lib/rails_base/mfa_event.rb
 - lib/rails_base/switch_user_helper.rb
 - lib/rails_base/version.rb
 - lib/tasks/rails_base_tasks.rake
@@ -637,16 +702,16 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - "~>"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '3.2'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.19
+rubygems_version: 3.5.9
 signing_key: 
 specification_version: 4
 summary: Rails engine that takes care of the stuff you dont want to!

data/app/controllers/rails_base/mfa_auth_controller.rb

@@ -1,50 +0,0 @@
-module RailsBase
-  class MfaAuthController < RailsBaseApplicationController
-    before_action :validate_token, only: [:mfa_code, :mfa_code_verify, :resend_mfa]
-
-    # GET /mfa_verify
-    def mfa_code
-      @masked_phone = User.find(@token_verifier.user_id).masked_phone
-    end
-
-    # POST /mfa_verify
-    def mfa_code_verify
-      mfa_validity = RailsBase::Authentication::MfaValidator.call(params: params, session_mfa_user_id: @token_verifier.user_id)
-      if mfa_validity.failure?
-        redirect_to(mfa_validity.redirect_url, alert: mfa_validity.message)
-        return
-      end
-
-      mfa_validity.user.set_last_mfa_login!
-
-      sign_in(mfa_validity.user)
-      redirect_to RailsBase.url_routes.authenticated_root_path, notice: "Welcome #{mfa_validity.user.full_name}"
-    end
-
-    # POST /mfa_verify
-    def resend_mfa
-      user = User.find(@token_verifier.user_id)
-      mfa_token = RailsBase::Authentication::SendLoginMfaToUser.call(user: user)
-      if mfa_token.failure?
-        flash[:error] = mfa_token.message
-        session[:mfa_randomized_token] = nil
-        redirect_to RailsBase.url_routes.new_user_session_path, email: params.dig(:user,:email), alert: mfa_token.message
-        return
-      end
-      expired_at = Time.zone.parse(@token_verifier.expires_at)
-      session[:mfa_randomized_token] =
-        RailsBase::Authentication::MfaSetEncryptToken.call(user: user, expires_at: expired_at).encrypted_val
-
-      redirect_to RailsBase.url_routes.mfa_code_path, notice: "MFA has been sent via SMS to number on file"
-    end
-
-    def validate_token
-      @token_verifier =
-        RailsBase::Authentication::SessionTokenVerifier.call(mfa_randomized_token: session[:mfa_randomized_token])
-      return if @token_verifier.success?
-
-      redirect_to RailsBase.url_routes.new_user_session_path, alert: @token_verifier.message
-      return false
-    end
-  end
-end

data/app/services/rails_base/authentication/mfa_set_encrypt_token.rb

@@ -1,32 +0,0 @@
-module RailsBase::Authentication
-	class MfaSetEncryptToken < RailsBase::ServiceBase
-		delegate :user, to: :context
-		delegate :expires_at, to: :context
-		delegate :purpose, to: :context
-
-		def call
-			params = {
-				value: value,
-				purpose: purpose || Constants::MSET_PURPOSE,
-				expires_at: expires_at
-			}
-
-			context.encrypted_val = RailsBase::Encryption.encode(**params)
-		end
-
-		def value
-			# user_id with the same expires_at will return the same Encryption token
-			# to overcome this, do 2 things
-			# 1: Rotate the secret on every boot (ensures tplem changes on semi regular basis)
-			# 2: Add rand strings to the hash -- Ensures the token is different every time
-			{ user_id: user.id, rand: rand.to_s, expires_at: expires_at }.to_json
-		end
-
-		def validate!
-			raise "Expected user to be a User. Received #{user.class}" unless user.is_a? User
-
-			time_class = ActiveSupport::TimeWithZone
-			raise "Expected expires_at to be a Received #{time_class}. Received #{expires_at.class}" unless expires_at.is_a? time_class
-		end
-	end
-end

data/app/services/rails_base/authentication/mfa_validator.rb

@@ -1,88 +0,0 @@
-module RailsBase::Authentication
-	class MfaValidator < RailsBase::ServiceBase
-		delegate :params, to: :context
-		delegate :session_mfa_user_id, to: :context
-		delegate :current_user, to: :context
-		delegate :input_reason, to: :context
-
-		def call
-			array = convert_to_array
-			if array.length != Constants::MFA_LENGTH
-				log(level: :warn, msg: "Not enough params for MFA code. Given #{array}. Expected of length #{Constants::MFA_LENGTH}")
-				context.fail!(message: Constants::MV_FISHY, redirect_url: Constants::URL_HELPER.new_user_session_path, level: :alert)
-			end
-
-			mfa_code = array.join
-			log(level: :info, msg: "mfa code received: #{mfa_code}")
-			datum = get_short_lived_datum(mfa_code)
-			log(level: :info, msg: "Datum returned with: #{datum}")
-
-			validate_datum?(datum)
-			validate_user_consistency?(datum)
-			validate_current_user?(datum) if current_user
-
-			context.user = datum[:user]
-		end
-
-		def validate_current_user?(datum)
-			return true if current_user.id == datum[:user].id
-
-			# User MFA for a different user matched the session token
-			# However, those did not match the current user signed in
-			# Something is very 🐟
-			log(level: :error, msg: "Someone is a teapot. Current logged in user does not equal mfa code.")
-			context.fail!(message: 'You are a teapot', redirect_url: Constants::URL_HELPER.signout_path, level: :warn)
-		end
-
-		def validate_datum?(datum)
-			return true if datum[:valid]
-
-			if datum[:found]
-				# MFA is either expired or the incorrect reason. Either way it does not match
-				msg = "Errors with MFA: #{datum[:invalid_reason].join(", ")}. Please login again"
-				log(level: :warn, msg: msg)
-				context.fail!(message: msg, redirect_url: Constants::URL_HELPER.new_user_session_path, level: :warn)
-			end
-
-			# MFA does not exist for any reason type
-			log(level: :warn, msg: "Could not find MFA code. Incorrect MFA code")
-
-			context.fail!(message: "Incorrect MFA code.", redirect_url: Constants::URL_HELPER.mfa_code_path, level: :warn)
-		end
-
-		def validate_user_consistency?(datum)
-			return true if datum[:user].id == session_mfa_user_id.to_i
-			log(level: :warn, msg: "Datum user does not match session user. [#{datum[:user].id}, #{session_mfa_user_id.to_i}]")
-
-			# MFA session token user does not match the datum user
-			# Something is very 🐟
-			context.fail!(message: Constants::MV_FISHY, redirect_url: Constants::URL_HELPER.new_user_session_path, level: :alert)
-		end
-
-		def get_short_lived_datum(mfa_code)
-			log(level: :debug, msg: "Looking for #{mfa_code} with reason #{reason}")
-			ShortLivedData.find_datum(data: mfa_code, reason: reason)
-		end
-
-		def convert_to_array
-			array = []
-			return array unless params.dig(:mfa).respond_to? :keys
-
-			Constants::MFA_LENGTH.times do |index|
-				var_name = "#{Constants::MV_BASE_NAME}#{index}".to_sym
-				array << params[:mfa][var_name]
-			end
-
-			array.compact
-		end
-
-		def reason
-			input_reason || Constants::MFA_REASON
-		end
-
-		def validate!
-			raise 'Expected the params passed' if params.nil?
-			raise 'session_mfa_user_id is not present' if session_mfa_user_id.nil?
-		end
-	end
-end