module Rodauth

  1. lib/rodauth.rb
  2. lib/rodauth/features/account_expiration.rb
  3. lib/rodauth/features/base.rb
  4. lib/rodauth/features/change_login.rb
  5. lib/rodauth/features/change_password.rb
  6. lib/rodauth/features/change_password_notify.rb
  7. lib/rodauth/features/close_account.rb
  8. lib/rodauth/features/confirm_password.rb
  9. lib/rodauth/features/create_account.rb
  10. lib/rodauth/features/disallow_common_passwords.rb
  11. lib/rodauth/features/disallow_password_reuse.rb
  12. lib/rodauth/features/email_auth.rb
  13. lib/rodauth/features/email_base.rb
  14. lib/rodauth/features/http_basic_auth.rb
  15. lib/rodauth/features/jwt.rb
  16. lib/rodauth/features/jwt_cors.rb
  17. lib/rodauth/features/jwt_refresh.rb
  18. lib/rodauth/features/lockout.rb
  19. lib/rodauth/features/login.rb
  20. lib/rodauth/features/login_password_requirements_base.rb
  21. lib/rodauth/features/logout.rb
  22. lib/rodauth/features/otp.rb
  23. lib/rodauth/features/password_complexity.rb
  24. lib/rodauth/features/password_expiration.rb
  25. lib/rodauth/features/password_grace_period.rb
  26. lib/rodauth/features/recovery_codes.rb
  27. lib/rodauth/features/remember.rb
  28. lib/rodauth/features/reset_password.rb
  29. lib/rodauth/features/session_expiration.rb
  30. lib/rodauth/features/single_session.rb
  31. lib/rodauth/features/sms_codes.rb
  32. lib/rodauth/features/two_factor_base.rb
  33. lib/rodauth/features/update_password_hash.rb
  34. lib/rodauth/features/verify_account.rb
  35. lib/rodauth/features/verify_account_grace_period.rb
  36. lib/rodauth/features/verify_change_login.rb
  37. lib/rodauth/features/verify_login_change.rb
  38. lib/rodauth/migrations.rb
  39. lib/rodauth/version.rb

Methods

Public Class

  1. configure
  2. create_database_authentication_functions
  3. create_database_previous_password_check_functions
  4. drop_database_authentication_functions
  5. drop_database_previous_password_check_functions
  6. load_dependencies
  7. new
  8. version

Public Instance

  1. _account_from_email_auth_key
  2. _account_from_login
  3. _account_from_reset_password_key
  4. _account_from_session
  5. _account_from_unlock_key
  6. _account_from_verify_account_key
  7. _account_from_verify_login_change_key
  8. _email_auth_request
  9. _field_attributes
  10. _field_error_attributes
  11. _formatted_field_error
  12. _json_response_body
  13. _login
  14. _new_account
  15. _otp
  16. _otp_add_key
  17. _otp_key
  18. _otp_tmp_key
  19. _recovery_codes
  20. _sms
  21. _two_factor_auth_required_redirect
  22. _update_login
  23. _view
  24. _view_opts
  25. account_activity_ds
  26. account_ds
  27. account_expired?
  28. account_expired_at
  29. account_from_email_auth_key
  30. account_from_key
  31. account_from_login
  32. account_from_reset_password_key
  33. account_from_session
  34. account_from_unlock_key
  35. account_from_verify_account_key
  36. account_from_verify_login_change_key
  37. account_id
  38. account_in_unverified_grace_period?
  39. account_initial_status_value
  40. account_lockouts_ds
  41. account_login_failures_ds
  42. account_model
  43. account_password_hash_column
  44. account_session_status_filter
  45. active_remember_key_ds
  46. add_field_error_class
  47. add_previous_password_hash
  48. add_recovery_code
  49. add_recovery_codes
  50. add_remember_key
  51. after_change_login
  52. after_change_password
  53. after_close_account
  54. after_confirm_password
  55. after_create_account
  56. after_login
  57. after_login_entered_during_multi_phase_login
  58. after_login_failure
  59. after_logout
  60. after_reset_password
  61. allow_resending_verify_account_email?
  62. already_logged_in
  63. auth_class_eval
  64. authenticated?
  65. base32_encode
  66. before_change_login_route
  67. before_change_password_route
  68. before_login_attempt
  69. before_logout
  70. before_otp_authentication_route
  71. before_otp_setup_route
  72. before_reset_password
  73. before_reset_password_request
  74. before_rodauth
  75. before_unlock_account
  76. before_unlock_account_request
  77. before_view_recovery_codes
  78. button
  79. button_opts
  80. can_add_recovery_codes?
  81. catch_error
  82. change_login
  83. change_login_notice_flash
  84. change_login_requires_password?
  85. change_password_requires_password?
  86. check_account_expiration
  87. check_already_logged_in
  88. check_password_change_allowed
  89. check_session_expiration
  90. check_single_session
  91. clear_cached_otp
  92. clear_invalid_login_attempts
  93. clear_remembered_session_key
  94. clear_session
  95. close_account
  96. close_account_requires_password?
  97. compute_hmac
  98. compute_raw_hmac
  99. confirm_password
  100. confirm_password_redirect
  101. convert_email_token_key
  102. convert_session_key
  103. convert_timestamp
  104. convert_token_key
  105. create_account_autologin?
  106. create_account_link
  107. create_account_notice_flash
  108. create_account_set_password?
  109. create_email
  110. create_email_auth_email
  111. create_email_auth_key
  112. create_email_to
  113. create_password_changed_email
  114. create_reset_password_email
  115. create_reset_password_key
  116. create_unlock_account_email
  117. create_verify_account_email
  118. create_verify_account_key
  119. create_verify_login_change_email
  120. create_verify_login_change_key
  121. csrf_tag
  122. currently_active_session?
  123. db
  124. default_field_attributes
  125. delete_account
  126. delete_account_on_close?
  127. disable_remember_login
  128. email_auth_ds
  129. email_auth_email_body
  130. email_auth_email_link
  131. email_auth_email_recently_sent?
  132. email_auth_key_insert_hash
  133. email_auth_request_form
  134. email_from
  135. email_to
  136. expire_session
  137. features
  138. field_attributes
  139. field_error
  140. field_error_attributes
  141. flash
  142. force_email_auth?
  143. forget_login
  144. formatted_field_error
  145. function_name
  146. generate_email_auth_key_value
  147. generate_remember_key_value
  148. generate_reset_password_key_value
  149. generate_unlock_account_key
  150. generate_verify_account_key_value
  151. generate_verify_login_change_key_value
  152. get_activity_timestamp
  153. get_email_auth_email_last_sent
  154. get_email_auth_key
  155. get_password_changed_at
  156. get_password_hash
  157. get_password_reset_key
  158. get_remember_key
  159. get_reset_password_email_last_sent
  160. get_unlock_account_email_last_sent
  161. get_unlock_account_key
  162. get_verify_account_email_last_sent
  163. get_verify_account_key
  164. get_verify_login_change_login_and_key
  165. include_success_messages?
  166. input_field_string
  167. invalid_login_attempted
  168. invalid_previous_password_message
  169. json_request?
  170. json_response
  171. jwt_cors_allow?
  172. jwt_payload
  173. jwt_secret
  174. jwt_session_hash
  175. jwt_token
  176. last_account_activity_at
  177. last_account_login_at
  178. load_memory
  179. loaded_templates
  180. locked_out?
  181. logged_in_via_remember_key?
  182. login_confirm_label
  183. login_does_not_meet_requirements_message
  184. login_failed_reset_password_request_form
  185. login_form_footer
  186. login_hidden_field
  187. login_meets_email_requirements?
  188. login_meets_length_requirements?
  189. login_meets_requirements?
  190. login_required
  191. login_too_long_message
  192. login_too_short_message
  193. logout
  194. modifications_require_password?
  195. new_account
  196. new_recovery_code
  197. no_longer_active_session
  198. only_json?
  199. open_account?
  200. otp_add_key
  201. otp_auth_form_footer
  202. otp_exists?
  203. otp_hmac_secret
  204. otp_issuer
  205. otp_key_ds
  206. otp_keys_use_hmac?
  207. otp_locked_out?
  208. otp_lockout_error_flash
  209. otp_lockout_redirect
  210. otp_new_secret
  211. otp_provisioning_name
  212. otp_provisioning_uri
  213. otp_qr_code
  214. otp_record_authentication_failure
  215. otp_remove
  216. otp_remove_auth_failures
  217. otp_tmp_key
  218. otp_update_last_use
  219. otp_user_key
  220. otp_valid_code?
  221. otp_valid_key?
  222. param
  223. param_or_nil
  224. password_changed_email_body
  225. password_confirm_label
  226. password_does_not_contain_null_byte?
  227. password_does_not_meet_requirements_message
  228. password_doesnt_match_previous_password?
  229. password_expiration_ds
  230. password_expired?
  231. password_has_enough_character_groups?
  232. password_has_no_invalid_pattern?
  233. password_hash
  234. password_hash_cost
  235. password_hash_ds
  236. password_match?
  237. password_meets_length_requirements?
  238. password_meets_requirements?
  239. password_not_in_dictionary?
  240. password_not_one_of_the_most_common?
  241. password_not_too_many_repeating_characters?
  242. password_one_of_most_common?
  243. password_recently_entered?
  244. password_reset_ds
  245. password_too_many_repeating_characters_message
  246. password_too_short_message
  247. post_configure
  248. previous_password_ds
  249. raises_uniqueness_violation?
  250. random_key
  251. recovery_code_match?
  252. recovery_codes_ds
  253. recovery_codes_primary?
  254. recovery_codes_remove
  255. redirect
  256. remember_key_ds
  257. remember_login
  258. remove_email_auth_key
  259. remove_lockout_metadata
  260. remove_remember_key
  261. remove_reset_password_key
  262. remove_verify_account_key
  263. remove_verify_login_change_key
  264. render
  265. request
  266. require_account
  267. require_account_session
  268. require_authentication
  269. require_current_password
  270. require_login
  271. require_otp_setup
  272. require_sms_available
  273. require_sms_not_setup
  274. require_sms_setup
  275. require_two_factor_authenticated
  276. require_two_factor_not_authenticated
  277. require_two_factor_setup
  278. reset_password_email_body
  279. reset_password_email_link
  280. reset_password_email_recently_sent?
  281. reset_password_key_insert_hash
  282. reset_password_request_link
  283. reset_single_session_key
  284. response
  285. retry_on_uniqueness_violation
  286. return_json_response
  287. route!
  288. save_account
  289. send_email_auth_email
  290. send_password_changed_email
  291. send_reset_password_email
  292. send_unlock_account_email
  293. send_verify_account_email
  294. send_verify_login_change_email
  295. session
  296. session_expiration_redirect
  297. session_jwt
  298. session_value
  299. set_deadline_value
  300. set_deadline_values?
  301. set_email_auth_email_last_sent
  302. set_error_flash
  303. set_expired
  304. set_field_error
  305. set_http_basic_auth_error_response
  306. set_jwt
  307. set_jwt_token
  308. set_last_password_entry
  309. set_new_account_password
  310. set_notice_flash
  311. set_notice_now_flash
  312. set_password
  313. set_redirect_error_flash
  314. set_redirect_error_status
  315. set_reset_password_email_last_sent
  316. set_response_error_status
  317. set_session_value
  318. set_single_session_key
  319. set_title
  320. set_unlock_account_email_last_sent
  321. set_verify_account_email_last_sent
  322. setup_account_verification
  323. show_lockout_page
  324. single_session_ds
  325. skip_login_field_on_login?
  326. skip_password_field_on_login?
  327. skip_status_checks?
  328. sms_auth_message
  329. sms_available?
  330. sms_code
  331. sms_code_issued_at
  332. sms_code_match?
  333. sms_codes_primary?
  334. sms_confirm
  335. sms_confirm_failure
  336. sms_confirm_message
  337. sms_confirmation_match?
  338. sms_current_auth?
  339. sms_disable
  340. sms_ds
  341. sms_failures
  342. sms_locked_out?
  343. sms_needs_confirmation?
  344. sms_new_auth_code
  345. sms_new_confirm_code
  346. sms_normalize_phone
  347. sms_phone
  348. sms_record_failure
  349. sms_remove_failures
  350. sms_send
  351. sms_send_auth_code
  352. sms_send_confirm_code
  353. sms_set_code
  354. sms_setup
  355. sms_setup?
  356. sms_valid_phone?
  357. split_token
  358. template_path
  359. throw_basic_auth_error
  360. throw_error
  361. throw_error_status
  362. timing_safe_eql?
  363. token_link
  364. transaction
  365. two_factor_auth_fallback_redirect
  366. two_factor_auth_required_redirect
  367. two_factor_authenticate
  368. two_factor_authenticated?
  369. two_factor_authentication_setup?
  370. two_factor_modifications_require_password?
  371. two_factor_need_setup_redirect
  372. two_factor_password_match?
  373. two_factor_remove
  374. two_factor_remove_auth_failures
  375. two_factor_remove_session
  376. two_factor_update_session
  377. unique_constraint_violation_class
  378. unlock_account
  379. unlock_account_email_body
  380. unlock_account_email_link
  381. unlock_account_email_recently_sent?
  382. update_account
  383. update_activity
  384. update_hash_ds
  385. update_last_activity
  386. update_last_login
  387. update_login
  388. update_password_changed_at
  389. update_password_hash?
  390. update_session
  391. update_single_session_key
  392. update_sms
  393. use_database_authentication_functions?
  394. use_date_arithmetic?
  395. use_jwt?
  396. use_multi_phase_login?
  397. use_request_specific_csrf_tokens?
  398. uses_two_factor_authentication?
  399. valid_jwt?
  400. verified_account?
  401. verify_account
  402. verify_account_check_already_logged_in
  403. verify_account_ds
  404. verify_account_email_body
  405. verify_account_email_link
  406. verify_account_email_recently_sent?
  407. verify_account_email_resend
  408. verify_account_key_insert_hash
  409. verify_account_resend_link
  410. verify_login_change
  411. verify_login_change_ds
  412. verify_login_change_email_body
  413. verify_login_change_email_link
  414. verify_login_change_key_insert_hash
  415. verify_login_change_old_login
  416. view

Constants

FEATURES = {}  
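JwtRefresh = Feature.define(:jwt_refresh) do
  # Adds database-backed refresh tokens on top of the jwt feature. A refresh
  # token has the form account_id + separator + token row id + separator + key
  # (see generate_refresh_token), and is exchanged at the route below for a new
  # access token plus a new refresh token.
  depends :jwt

  after 'refresh_token'
  before 'refresh_token'

  auth_value_method :jwt_access_token_key, 'access_token'
  auth_value_method :jwt_access_token_not_before_period, 5
  auth_value_method :jwt_access_token_period, 1800
  auth_value_method :jwt_refresh_invalid_token_message, 'invalid JWT refresh token'
  auth_value_method :jwt_refresh_token_account_id_column, :account_id
  auth_value_method :jwt_refresh_token_deadline_column, :deadline
  auth_value_method :jwt_refresh_token_deadline_interval, {:days=>14}
  auth_value_method :jwt_refresh_token_id_column, :id
  auth_value_method :jwt_refresh_token_key, 'refresh_token'
  auth_value_method :jwt_refresh_token_key_column, :key
  auth_value_method :jwt_refresh_token_key_param, 'refresh_token'
  auth_value_method :jwt_refresh_token_table, :account_jwt_refresh_keys

  auth_private_methods(
    :account_from_refresh_token
  )

  route do |r|
    r.post do
      if (refresh_token = param_or_nil(jwt_refresh_token_key_param)) && account_from_refresh_token(refresh_token)
        formatted_token = nil
        # Rotate the token: the replacement is inserted and the presented token
        # is deleted in the same transaction, so a refresh token can be
        # redeemed once.
        transaction do
          before_refresh_token
          formatted_token = generate_refresh_token
          remove_jwt_refresh_token_key(refresh_token)
          after_refresh_token
        end
        json_response[jwt_refresh_token_key] = formatted_token
        json_response[jwt_access_token_key] = session_jwt
      else
        # Missing, malformed, expired and mismatched tokens all produce the
        # same error message.
        json_response[json_response_error_key] = jwt_refresh_invalid_token_message
        response.status ||= json_response_error_status
      end
      response['Content-Type'] ||= json_response_content_type
      response.write(_json_response_body(json_response))
      request.halt
    end
  end

  # After the parent update_session runs, add a freshly generated refresh
  # token to the JSON response body.
  def update_session
    super

    # JWT login puts the access token in the header.
    # We put the refresh token in the body.
    # Note, do not put the access_token in the body here, as the access token content is not yet finalised.
    #
    # Use the configured key rather than a hard-coded 'refresh_token', so this
    # response agrees with the refresh route when jwt_refresh_token_key is
    # overridden (the default value is unchanged).
    json_response[jwt_refresh_token_key] = generate_refresh_token
  end

  # Mirror the access token into the JSON body, or remove it from the body
  # when the response carries an error.
  def set_jwt_token(token)
    super
    if json_response[json_response_error_key]
      json_response.delete(jwt_access_token_key)
    else
      json_response[jwt_access_token_key] = token
    end
  end

  # Add exp, iat and nbf claims to the session hash. nbf is backdated by
  # jwt_access_token_not_before_period seconds (presumably to tolerate clock
  # skew between issuer and verifier -- confirm).
  def jwt_session_hash
    h = super
    t = Time.now.to_i
    h[:exp] = t + jwt_access_token_period
    h[:iat] = t
    h[:nbf] = t - jwt_access_token_not_before_period
    h
  end

  # Load the account for the given refresh token into @account; nil when the
  # token is not accepted.
  def account_from_refresh_token(token)
    @account = _account_from_refresh_token(token)
  end

  private

  # Split the token into account id, token row id and key, look up the stored
  # key for that account/row, and compare it with timing_safe_eql?. Returns
  # the account row, or nil at the first check that fails.
  def _account_from_refresh_token(token)
    id, token = split_token(token)
    return unless id && token

    token_id, key = split_token(token)
    return unless token_id && key

    return unless actual = get_active_refresh_token(id, token_id)

    return unless timing_safe_eql?(key, convert_token_key(actual))

    ds = account_ds(id)
    # Only open accounts may redeem a refresh token unless status checks are
    # disabled.
    ds = ds.where(account_status_column=>account_open_status_value) unless skip_status_checks?
    ds.first
  end

  # Delete the account's refresh tokens whose deadline has passed, then return
  # the stored key for the requested token row (nil if no such row remains).
  def get_active_refresh_token(account_id, token_id)
    jwt_refresh_token_account_ds(account_id).
      where(Sequel::CURRENT_TIMESTAMP > jwt_refresh_token_deadline_column).
      delete

    jwt_refresh_token_account_token_ds(account_id, token_id).
      get(jwt_refresh_token_key_column)
  end

  # Dataset of all refresh token rows for the account.
  def jwt_refresh_token_account_ds(account_id)
    jwt_refresh_token_ds.where(jwt_refresh_token_account_id_column => account_id)
  end

  # Dataset for a single refresh token row, scoped to its account.
  def jwt_refresh_token_account_token_ds(account_id, token_id)
    jwt_refresh_token_account_ds(account_id).
      where(jwt_refresh_token_id_column=>token_id)
  end

  # Dataset for the refresh token table.
  def jwt_refresh_token_ds
    db[jwt_refresh_token_table]
  end

  # Delete the row that the given refresh token refers to.
  def remove_jwt_refresh_token_key(token)
    account_id, token = split_token(token)
    token_id, _ = split_token(token)
    jwt_refresh_token_account_token_ds(account_id, token_id).delete
  end

  # Insert a new refresh token row and return the token string handed to the
  # client: account id, inserted row id and the converted key, joined by
  # token_separator.
  def generate_refresh_token
    hash = jwt_refresh_token_insert_hash
    [account_id, jwt_refresh_token_ds.insert(hash), convert_token_key(hash[jwt_refresh_token_key_column])].join(token_separator)
  end

  # Row to insert for a new refresh token: account id, a random key, and the
  # deadline computed from jwt_refresh_token_deadline_interval.
  def jwt_refresh_token_insert_hash
    hash = {jwt_refresh_token_account_id_column => account_id, jwt_refresh_token_key_column => random_key}
    set_deadline_value(hash, jwt_refresh_token_deadline_column, jwt_refresh_token_deadline_interval)
    hash
  end

  # Closing an account removes all of its refresh tokens.
  def after_close_account
    jwt_refresh_token_account_ds(account_id).delete
    super if defined?(super)
  end
end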
MAJOR = 1  

The major version of Rodauth, updated only for major changes that are likely to require modification to apps using Rodauth.

MINOR = 22  

The minor version of Rodauth, updated for new feature releases of Rodauth.

TINY = 0  

The patch version of Rodauth, updated only for bug fixes from the last feature release.

VERSION = "#{MAJOR}.#{MINOR}.#{TINY}".freeze  

The full version of Rodauth as a string

VERSION_NUMBER = MAJOR*10000 + MINOR*100 + TINY  

The full version of Rodauth as a number (1.17.0 => 11700)

Public Instance Aliases

account_session_value -> account_id
ignore_uniqueness_violation -> raises_uniqueness_violation?

If you just want to ignore uniqueness violations, this alias makes more sense.

logged_in? -> session_value
raised_uniqueness_violation -> raises_uniqueness_violation?

If you would like to operate on or reraise the exception, this alias makes more sense.

Public Class methods

configure (app, opts={}, &block)
   # File lib/rodauth.rb
# Configure a Rodauth authentication class for the given Roda app.
#
# app   :: the Roda application class being configured
# opts  :: plugin options; :json, :csrf and :name are read here
# block :: configuration block, passed through to auth_class.configure
#
# Records the :json and :csrf settings in app.opts, then looks up (or creates)
# the auth class registered under opts[:name]. If that class is already bound
# to a different Roda class, a subclass is created and registered for this app
# instead of reusing the other app's class.
def self.configure(app, opts={}, &block)
  app.opts[:rodauth_json] = opts.fetch(:json, app.opts[:rodauth_json])
  # NOTE(review): the fallback reads :rodauth_route_csrf while the value is
  # stored under :rodauth_csrf -- confirm the differing key is intended, since
  # a later configure call without :csrf would not see the stored setting.
  app.opts[:rodauth_csrf] = opts.fetch(:csrf, app.opts[:rodauth_route_csrf])

  registry = (app.opts[:rodauths] ||= {})
  name = opts[:name]
  auth_class = (registry[name] ||= Class.new(Auth))

  owner = auth_class.roda_class
  if owner && owner != app
    auth_class = registry[name] = Class.new(auth_class)
    owner = nil
  end
  auth_class.roda_class = app unless owner

  auth_class.configure(&block)
end
create_database_authentication_functions (db, opts={})
    # File lib/rodauth/migrations.rb
  # Create the two database functions used for password hash checks: one that
  # returns the leading part of the stored hash (named by :get_salt_name) and
  # one that reports whether a supplied hash equals the stored hash (named by
  # :valid_hash_name).
  #
  # db   :: database object; must respond to database_type and run
  # opts :: :table_name, :get_salt_name, :valid_hash_name, and (PostgreSQL
  #         only) :search_path
  #
  # Every variant is declared to run with the rights of its definer/owner
  # (SECURITY DEFINER, SQL SECURITY DEFINER, EXECUTE AS OWNER), presumably so
  # the application's database account needs only execute permission on the
  # functions rather than read access to the hash table -- confirm against the
  # deployment's grants.
  #
  # The option values are interpolated into the SQL text as identifiers, so
  # they must be trusted, developer-chosen names and never derived from
  # request data.
  #
  # Database types other than :postgres, :mysql and :mssql fall through the
  # case statement and nothing is created.
  def self.create_database_authentication_functions(db, opts={})
    table_name = opts[:table_name] || :account_password_hashes
    get_salt_name = opts[:get_salt_name] || :rodauth_get_salt
    valid_hash_name = opts[:valid_hash_name] || :rodauth_valid_password_hash 

    case db.database_type
    when :postgres
      # The functions pin their own search_path, so name resolution inside a
      # SECURITY DEFINER function does not depend on the caller's search_path.
      search_path = opts[:search_path] || 'public, pg_temp'

      # Returns the leading part of the stored hash for the account
      # (presumably the salt and cost prefix -- confirm against the hash format).
      db.run <<END
CREATE OR REPLACE FUNCTION #{get_salt_name}(acct_id int8) RETURNS text AS $$
DECLARE salt text;
BEGIN
SELECT substr(password_hash, 0, 30) INTO salt 
FROM #{table_name}
WHERE acct_id = id;
RETURN salt;
END;
$$ LANGUAGE plpgsql
SECURITY DEFINER
SET search_path = #{search_path};
END

      # Compares the supplied hash with the stored one inside the database.
      db.run <<END
CREATE OR REPLACE FUNCTION #{valid_hash_name}(acct_id int8, hash text) RETURNS boolean AS $$
DECLARE valid boolean;
BEGIN
SELECT password_hash = hash INTO valid 
FROM #{table_name}
WHERE acct_id = id;
RETURN valid;
END;
$$ LANGUAGE plpgsql
SECURITY DEFINER
SET search_path = #{search_path};
END
    when :mysql
      # Plain CREATE FUNCTION here (no OR REPLACE), unlike the PostgreSQL branch.
      db.run <<END
CREATE FUNCTION #{get_salt_name}(acct_id int8) RETURNS varchar(255)
SQL SECURITY DEFINER
READS SQL DATA
BEGIN
RETURN (SELECT substr(password_hash, 1, 30)
FROM #{table_name}
WHERE acct_id = id);
END;
END

      db.run <<END
CREATE FUNCTION #{valid_hash_name}(acct_id int8, hash varchar(255)) RETURNS tinyint(1)
SQL SECURITY DEFINER
READS SQL DATA
BEGIN
DECLARE valid tinyint(1);
DECLARE csr CURSOR FOR 
SELECT password_hash = hash
FROM #{table_name}
WHERE acct_id = id;
OPEN csr;
FETCH csr INTO valid;
CLOSE csr;
RETURN valid;
END;
END
    when :mssql
      # Plain CREATE FUNCTION here as well; the functions execute as their owner.
      db.run <<END
CREATE FUNCTION #{get_salt_name}(@account_id bigint) RETURNS nvarchar(255)
WITH EXECUTE AS OWNER
AS
BEGIN
DECLARE @salt nvarchar(255);
SELECT @salt = substring(password_hash, 0, 30)
FROM #{table_name}
WHERE id = @account_id;
RETURN @salt;
END;
END

      db.run <<END
CREATE FUNCTION #{valid_hash_name}(@account_id bigint, @hash nvarchar(255)) RETURNS bit
WITH EXECUTE AS OWNER
AS
BEGIN
DECLARE @valid bit;
DECLARE @ph nvarchar(255);
SELECT @ph = password_hash
FROM #{table_name}
WHERE id = @account_id;
IF(@hash = @ph)
  SET @valid = 1;
ELSE
  SET @valid = 0
RETURN @valid;
END;
END
    end
  end
create_database_previous_password_check_functions (db, opts={})
    # File lib/rodauth/migrations.rb
# Create the salt and hash-match database functions for the previous password
# hashes table, by calling create_database_authentication_functions with
# different default table and function names. Entries in opts override these
# defaults.
def self.create_database_previous_password_check_functions(db, opts={})
  defaults = {
    :table_name=>:account_previous_password_hashes,
    :get_salt_name=>:rodauth_get_previous_salt,
    :valid_hash_name=>:rodauth_previous_password_hash_match
  }
  create_database_authentication_functions(db, defaults.merge(opts))
end
drop_database_authentication_functions (db, opts={})
    # File lib/rodauth/migrations.rb
# Drop the salt and hash-validation database functions.
#
# db   :: database object; must respond to database_type and run
# opts :: :get_salt_name and :valid_hash_name override the default names
#
# The names are interpolated into the DROP statements as identifiers, so they
# must be trusted, developer-chosen values. Database types other than
# :postgres, :mysql and :mssql result in no statements being run.
def self.drop_database_authentication_functions(db, opts={})
  salt_fn = opts[:get_salt_name] || :rodauth_get_salt
  hash_fn = opts[:valid_hash_name] || :rodauth_valid_password_hash

  statements =
    case db.database_type
    when :postgres
      # The PostgreSQL statements name the argument types as well.
      ["DROP FUNCTION #{salt_fn}(int8)", "DROP FUNCTION #{hash_fn}(int8, text)"]
    when :mysql, :mssql
      ["DROP FUNCTION #{salt_fn}", "DROP FUNCTION #{hash_fn}"]
    else
      []
    end

  # Return whatever the last db.run returned (nil when nothing was run).
  result = nil
  statements.each{|sql| result = db.run(sql)}
  result
end
drop_database_previous_password_check_functions (db, opts={})
    # File lib/rodauth/migrations.rb
# Drop the previous-password salt and hash-match database functions, by
# calling drop_database_authentication_functions with the matching default
# function names. Entries in opts override these defaults.
def self.drop_database_previous_password_check_functions(db, opts={})
  defaults = {
    :get_salt_name=>:rodauth_get_previous_salt,
    :valid_hash_name=>:rodauth_previous_password_hash_match
  }
  drop_database_authentication_functions(db, defaults.merge(opts))
end
load_dependencies (app, opts={})
   # File lib/rodauth.rb
 # Load the Roda plugins Rodauth depends on.
 #
 # app  :: the Roda application class
 # opts :: :json, :csrf and :flash are read here
 #
 # When the :json setting is truthy, the json and json_parser plugins are
 # loaded. When it is :only, nothing else is loaded: no rendering, CSRF or
 # flash plugin. Otherwise the render plugin is loaded, plus a CSRF plugin
 # chosen by the :csrf setting: none for false, route_csrf for :route_csrf, and
 # csrf for any other value, including an unset one.
 #
 # NOTE(review): with :csrf=>false or :json=>:only this method loads no CSRF
 # plugin; confirm the application protects its state-changing routes by
 # other means in those configurations.
 def self.load_dependencies(app, opts={})
   json_opt = opts.fetch(:json, app.opts[:rodauth_json])
   if json_opt
     app.plugin(:json)
     app.plugin(:json_parser)
   end
   return if json_opt == :only

   require 'tilt/string'
   app.plugin(:render)

   csrf_opt = opts.fetch(:csrf, app.opts[:rodauth_route_csrf])
   if csrf_opt == false
     # nothing
   elsif csrf_opt == :route_csrf
     app.plugin(:route_csrf)
   else
     # :nocov:
     app.plugin(:csrf)
     # :nocov:
   end

   app.plugin(:flash) unless opts[:flash] == false
   app.plugin(:h)
 end
new (scope)
    # File lib/rodauth/features/base.rb
# Store the given scope in @scope. Other methods on this page call methods on
# it through scope.send.
def initialize(scope)
  @scope = scope
end
version ()
   # File lib/rodauth/version.rb
# Return the VERSION constant.
def self.version
  VERSION
end

Public Instance methods

_account_from_email_auth_key (token)
    # File lib/rodauth/features/email_auth.rb
# Look up the account for an email authentication token. Only accounts with
# the open status are passed to account_from_key as acceptable; the block
# supplies the stored key for the account id taken from the token.
def _account_from_email_auth_key(token)
  account_from_key(token, account_open_status_value) do |id|
    get_email_auth_key(id)
  end
end
_account_from_login (login)
    # File lib/rodauth/features/base.rb
# Return the first account row whose login column equals the given login, or
# nil. Unless status checks are skipped, only accounts in the unverified or
# open status are considered, so accounts in any other status cannot be
# resolved through this lookup.
def _account_from_login(login)
  ds = db[accounts_table].where(login_column=>login)
  ds = ds.select(*account_select) if account_select
  unless skip_status_checks?
    ds = ds.where(
      account_status_column=>[account_unverified_status_value, account_open_status_value]
    )
  end
  ds.first
end
_account_from_reset_password_key (token)
    # File lib/rodauth/features/reset_password.rb
# Look up the account for a password reset token. Only accounts with the open
# status are passed to account_from_key as acceptable; the block supplies the
# stored reset key for the account id taken from the token.
def _account_from_reset_password_key(token)
  account_from_key(token, account_open_status_value) do |id|
    get_password_reset_key(id)
  end
end
_account_from_session ()
    # File lib/rodauth/features/base.rb
# Return the account row for the id stored in the session, or nil. Unless
# status checks are skipped, the lookup is restricted by
# account_session_status_filter.
def _account_from_session
  ds = account_ds(session_value)
  unless skip_status_checks?
    ds = ds.where(account_session_status_filter)
  end
  ds.first
end
_account_from_unlock_key (token)
    # File lib/rodauth/features/lockout.rb
# Look up the account for an unlock token. The block supplies the stored
# lockout key for the account id taken from the token. No status id is passed
# to account_from_key here.
def _account_from_unlock_key(token)
  account_from_key(token) do |id|
    account_lockouts_ds(id).get(account_lockouts_key_column)
  end
end
_account_from_verify_account_key (token)
    # File lib/rodauth/features/verify_account.rb
# Look up the account for an account verification token. Only accounts with
# the unverified status are passed to account_from_key as acceptable; the
# block supplies the stored verification key for the account id taken from
# the token.
def _account_from_verify_account_key(token)
  account_from_key(token, account_unverified_status_value) do |id|
    get_verify_account_key(id)
  end
end
_account_from_verify_login_change_key (token)
    # File lib/rodauth/features/verify_login_change.rb
# Look up the account for a login change verification token. While fetching
# the stored key, the pending new login stored with it is remembered in
# @verify_login_change_new_login.
def _account_from_verify_login_change_key(token)
  account_from_key(token) do |id|
    pending_login, stored_key = get_verify_login_change_login_and_key(id)
    @verify_login_change_new_login = pending_login
    stored_key
  end
end
_email_auth_request ()
    # File lib/rodauth/features/email_auth.rb
# Handle a request for an email authentication link: create the key, send the
# email, and set the notice flash.
def _email_auth_request
  # Throttle repeated requests: when an email was sent recently, set the
  # error flash and redirect (redirect is assumed to halt the request here --
  # confirm) instead of sending another one.
  if email_auth_email_recently_sent?
    set_redirect_error_flash(email_auth_email_recently_sent_error_flash)
    redirect(email_auth_email_recently_sent_redirect)
  end

  generate_email_auth_key_value
  # Key creation and email sending happen inside one transaction, between the
  # before and after hooks.
  transaction do
    before_email_auth_request
    create_email_auth_key
    send_email_auth_email
    after_email_auth_request
  end

  set_notice_flash(email_auth_email_sent_notice_flash)
end
_field_attributes (field)
    # File lib/rodauth/features/base.rb
# Default implementation: always returns nil, regardless of the field.
def _field_attributes(field)
  # Empty body: a method without statements returns nil.
end
_field_error_attributes (field)
    # File lib/rodauth/features/base.rb
# Return the attributes marking an input as invalid: aria-invalid="true" and
# an aria-describedby that references the element id "<field>_error_message".
#
# NOTE(review): field is interpolated into the attribute value without
# escaping in this method; confirm callers only pass fixed field names.
def _field_error_attributes(field)
  invalid_attrs = " aria-invalid=\"true\" aria-describedby=\"#{field}_error_message\" "
  invalid_attrs
end
_formatted_field_error (field, error)
    # File lib/rodauth/features/base.rb
# Return the span element holding the error message for a field. The span id
# is "<field>_error_message" and its class is input_field_error_message_class.
#
# NOTE(review): field and error are placed into the markup without escaping
# in this method; confirm callers only pass trusted or already-escaped text,
# so that user-supplied input cannot reach the page as HTML through an error
# message.
def _formatted_field_error(field, error)
  error_span = "<span class=\"#{input_field_error_message_class}\" id=\"#{field}_error_message\">#{error}</span>"
  error_span
end
_json_response_body (hash)
    # File lib/rodauth/features/jwt.rb
# Serialize the response hash by calling the request's convert_to_json
# method. send is used, so the call works even if that method is private.
def _json_response_body(hash)
  request.send(
    :convert_to_json,
    hash
  )
end
_login ()
   # File lib/rodauth/features/login.rb
# Log the account in: run the before_login hook, update the session and run
# the after_login hook inside a single transaction, then set the notice flash
# and redirect to login_redirect.
def _login
  transaction do
    before_login
    update_session
    after_login
  end

  set_notice_flash(login_notice_flash)
  redirect(login_redirect)
end
_new_account (login)
    # File lib/rodauth/features/create_account.rb
# Build the hash for a new account: the login column set to the given login
# and, unless status checks are skipped, the status column set to
# account_initial_status_value.
def _new_account(login)
  account = {login_column=>login}
  account[account_status_column] = account_initial_status_value unless skip_status_checks?
  account
end
_otp ()
    # File lib/rodauth/features/otp.rb
# Build the OTP object for the current user's key, using the configured
# issuer, digit count and interval.
def _otp
  otp_class.new(
    otp_user_key,
    :issuer=>otp_issuer,
    :digits=>otp_digits,
    :interval=>otp_interval
  )
end
_otp_add_key (secret)
    # File lib/rodauth/features/otp.rb
# Insert the OTP secret for the account id stored in the session.
def _otp_add_key(secret)
  # Uniqueness errors can't be handled here, as we can't be sure the secret provided
  # is the same as the current secret.
  otp_key_ds.insert(
    otp_keys_id_column=>session_value,
    otp_keys_column=>secret
  )
end
_otp_key ()
    # File lib/rodauth/features/otp.rb
# Clear @otp_user_key, then return the stored OTP key read from the database.
def _otp_key
  @otp_user_key = nil
  stored_key = otp_key_ds.get(otp_keys_column)
  stored_key
end
_otp_tmp_key (secret)
    # File lib/rodauth/features/otp.rb
# Clear @otp_user_key and set @otp_key to the given secret. Nothing is
# written to the database here.
def _otp_tmp_key(secret)
  @otp_user_key = nil
  @otp_key = secret
end
_recovery_codes ()
    # File lib/rodauth/features/recovery_codes.rb
# Return the values of the recovery code column for every row in
# recovery_codes_ds.
def _recovery_codes
  codes = recovery_codes_ds.select_map(recovery_codes_column)
  codes
end
_sms ()
    # File lib/rodauth/features/sms_codes.rb
# Return the first row of sms_ds, or nil if there is none.
def _sms
  sms_row = sms_ds.first
  sms_row
end
_two_factor_auth_required_redirect ()
    # File lib/rodauth/features/two_factor_base.rb
# Pick the redirect target used when two factor authentication is required:
# the first truthy value among the configured redirect, the fallback redirect
# and the default redirect, evaluated in that order.
def _two_factor_auth_required_redirect
  two_factor_auth_required_redirect ||
    two_factor_auth_fallback_redirect ||
    default_redirect
end
_update_login (login)
   # File lib/rodauth/features/change_login.rb
# Change the account's login. Returns a truthy value only when exactly one
# row was updated and no uniqueness violation was raised. On a uniqueness
# violation, @login_requirement_message is set to the message saying an
# account with this login already exists.
def _update_login(login)
  updated = nil
  raised = raises_uniqueness_violation? do
    # The dataset excludes rows that already have this login, so submitting
    # the current login updates nothing.
    updated = update_account({login_column=>login}, account_ds.exclude(login_column=>login)) == 1
  end
  @login_requirement_message = already_an_account_with_this_login_message if raised
  updated && !raised
end
_view (meth, page)
    # File lib/rodauth/features/base.rb
# Call the given rendering method on the scope with the template options
# built for the page.
def _view(meth, page)
  view_opts = _view_opts(page)
  scope.send(meth, view_opts)
end
_view_opts (page)
    # File lib/rodauth/features/base.rb
# Build the template options for rendering the given page.
#
# Starts from a copy of template_opts, exposes this object to the template as
# the rodauth local, and sets the cache options. If the scope has no template
# file at the path it resolves, the path from template_path(page) is used.
def _view_opts(page)
  opts = template_opts.dup
  # Copy the locals hash as well, so the hash held by template_opts is not
  # modified.
  locals = opts[:locals]
  opts[:locals] = locals ? locals.dup : {}
  opts[:locals][:rodauth] = self
  opts[:cache] = cache_templates
  opts[:cache_key] = :"rodauth_#{page}"

  parsed = scope.send(:parse_template_opts, page, opts)
  opts = scope.send(:find_template, parsed)
  opts[:path] = template_path(page) unless File.file?(scope.send(:template_path, opts))

  opts
end
account_activity_ds (account_id)
    # File lib/rodauth/features/account_expiration.rb
# Dataset of the account activity table restricted to the given account id.
def account_activity_ds(account_id)
  activity = db[account_activity_table]
  activity.where(account_activity_id_column=>account_id)
end
account_ds (id=account_id)
    # File lib/rodauth/features/base.rb
# Dataset of the accounts table restricted to the given account id (by
# default the current account_id), limited to the account_select columns when
# those are configured.
#
# Raises ArgumentError when the id is nil or false, so a missing id is
# reported as an error instead of being used in the query.
def account_ds(id=account_id)
  unless id
    raise ArgumentError, "invalid account id passed to account_ds"
  end

  ds = db[accounts_table].where(account_id_column=>id)
  account_select ? ds.select(*account_select) : ds
end
account_expired? ()
   # File lib/rodauth/features/account_expiration.rb
# Whether the current account counts as expired.
#
# Returns true when the expired column is set. Otherwise the last activity or
# last login timestamp (chosen by expire_account_on_last_activity?) is
# compared with the current time minus expire_account_after. When
# convert_timestamp yields no timestamp, the account is reported as not
# expired.
def account_expired?
  activity_columns = [account_activity_last_activity_column, account_activity_last_login_column, account_activity_expired_column]
  last_activity, last_login, expired = account_activity_ds(account_id).get(activity_columns)
  return true if expired

  reference = expire_account_on_last_activity? ? last_activity : last_login
  timestamp = convert_timestamp(reference)
  return false unless timestamp

  timestamp < (Time.now - expire_account_after)
end
account_expired_at ()
   # File lib/rodauth/features/account_expiration.rb
# Return the activity timestamp read from the expired column for the current
# account.
def account_expired_at
  get_activity_timestamp(
    account_id,
    account_activity_expired_column
  )
end
account_from_email_auth_key (key)
    # File lib/rodauth/features/email_auth.rb
# Stores the result of _account_from_email_auth_key(key) in @account and
# returns it, so a failed lookup leaves @account falsy.
def account_from_email_auth_key(key)
  found = _account_from_email_auth_key(key)
  @account = found
end
account_from_key (token, status_id=nil)
   # File lib/rodauth/features/email_base.rb
# Resolves an emailed token to an account row.  The token is split into an
# account id and a key; the block is called with the id and must return the
# stored key.  Returns nil when the token is malformed, no key is stored, or
# the keys do not match.  All key comparisons go through timing_safe_eql?.
# When +status_id+ is given and status checks are enabled, the account must
# also have that status.
def account_from_key(token, status_id=nil)
  id, key = split_token(token)
  return unless id && key

  stored = yield(id)
  return unless stored

  unless timing_safe_eql?(key, convert_email_token_key(stored))
    # Fallback: compare against the stored value as-is, but only when an
    # hmac_secret is configured and allow_raw_email_token? is enabled.
    # NOTE(review): presumably a migration aid for tokens issued before
    # hmac_secret was set -- confirm, and keep it off otherwise.
    return unless hmac_secret && allow_raw_email_token?
    return unless timing_safe_eql?(key, stored)
  end

  accounts = account_ds(id)
  if status_id && !skip_status_checks?
    accounts = accounts.where(account_status_column=>status_id)
  end
  accounts.first
end
account_from_login (login)
    # File lib/rodauth/features/base.rb
# Stores the result of _account_from_login(login) in @account and returns it.
def account_from_login(login)
  found = _account_from_login(login)
  @account = found
end
account_from_reset_password_key (key)
   # File lib/rodauth/features/password_expiration.rb
# Wraps the inherited lookup: when it finds an account,
# check_password_change_allowed runs before the result is returned.
def account_from_reset_password_key(key)
  found = super
  check_password_change_allowed if found
  found
end
account_from_session ()
    # File lib/rodauth/features/base.rb
# Stores the result of _account_from_session in @account and returns it.
def account_from_session
  found = _account_from_session
  @account = found
end
account_from_unlock_key (key)
    # File lib/rodauth/features/lockout.rb
# Stores the result of _account_from_unlock_key(key) in @account and
# returns it.
def account_from_unlock_key(key)
  found = _account_from_unlock_key(key)
  @account = found
end
account_from_verify_account_key (key)
    # File lib/rodauth/features/verify_account.rb
# Stores the result of _account_from_verify_account_key(key) in @account and
# returns it.
def account_from_verify_account_key(key)
  found = _account_from_verify_account_key(key)
  @account = found
end
account_from_verify_login_change_key (key)
    # File lib/rodauth/features/verify_login_change.rb
# Stores the result of _account_from_verify_login_change_key(key) in
# @account and returns it.
def account_from_verify_login_change_key(key)
  found = _account_from_verify_login_change_key(key)
  @account = found
end
account_id ()
    # File lib/rodauth/features/base.rb
# Id of the current account: the account_id_column entry of the account hash.
def account_id
  current = account
  current[account_id_column]
end
account_in_unverified_grace_period? ()
   # File lib/rodauth/features/verify_account_grace_period.rb
# Truthy when the current account is still unverified, a grace period is
# configured, and a verification row exists whose request time plus the grace
# period (in seconds) is later than the database's current timestamp.
def account_in_unverified_grace_period?
  unverified = account[account_status_column] == account_unverified_status_value
  unverified && verify_account_grace_period && begin
    grace_end = Sequel.date_add(verification_requested_at_column, :seconds=>verify_account_grace_period)
    !verify_account_ds.where(grace_end > Sequel::CURRENT_TIMESTAMP).empty?
  end
end
account_initial_status_value ()
    # File lib/rodauth/features/base.rb
# Status value for the initial account state; here it is the open status
# value.
def account_initial_status_value
  account_open_status_value
end
account_lockouts_ds (id=account_id)
    # File lib/rodauth/features/lockout.rb
# Dataset of lockout rows for the given account id (the current account by
# default).
def account_lockouts_ds(id=account_id)
  lockouts = db[account_lockouts_table]
  lockouts.where(account_lockouts_id_column=>id)
end
account_login_failures_ds ()
    # File lib/rodauth/features/lockout.rb
# Dataset of login failure rows for the current account.
def account_login_failures_ds
  failures = db[account_login_failures_table]
  failures.where(account_login_failures_id_column=>account_id)
end
account_model (model)
    # File lib/rodauth/features/base.rb
# Deprecated configuration shortcut: emits a warning, then sets db,
# accounts_table and account_select from the given model's database, table
# name and the :select option of its dataset.
def account_model(model)
  warn "account_model is deprecated, use db and accounts_table settings"
  db(model.db)
  accounts_table(model.table_name)
  account_select(model.dataset.opts[:select])
end
account_password_hash_column ()

If account_password_hash_column is set, the password hash is verified in Ruby using bcrypt; no database function is used for the check.

    # File lib/rodauth/features/base.rb
# Default: nil, meaning no password hash column is configured on the
# accounts table.
def account_password_hash_column
  nil
end
account_session_status_filter ()
    # File lib/rodauth/features/base.rb
# Filter hash matching accounts whose status column holds the open status
# value.
def account_session_status_filter
  open_only = {}
  open_only[account_status_column] = account_open_status_value
  open_only
end
active_remember_key_ds (id=account_id)
    # File lib/rodauth/features/remember.rb
# Remember-key dataset for the given account id, limited to rows whose
# deadline is later than the database's current timestamp.
def active_remember_key_ds(id=account_id)
  not_yet_expired = Sequel.expr(remember_deadline_column) > Sequel::CURRENT_TIMESTAMP
  remember_key_ds(id).where(not_yet_expired)
end
add_field_error_class (field)
    # File lib/rodauth/features/base.rb
# Returns the error class (with a leading space, ready to append to a class
# attribute) when +field+ has an error; nil otherwise.
def add_field_error_class(field)
  return unless field_error(field)
  " #{input_field_error_class}"
end
add_previous_password_hash (hash)
   # File lib/rodauth/features/disallow_password_reuse.rb
# Records +hash+ as a previous password for the current account.  Before
# inserting, looks up the id of the row at offset previous_passwords_to_check
# in newest-first order and, if there is one, deletes that row and every
# older one.
def add_previous_password_hash(hash)
  history = previous_password_ds
  newest_first = history.reverse(previous_password_id_column)
  cutoff_id = newest_first.
    limit(nil, previous_passwords_to_check).
    get(previous_password_id_column)

  history.where(Sequel.expr(previous_password_id_column) <= cutoff_id).delete if cutoff_id

  # This should never raise uniqueness violations, as it uses a serial primary key
  history.insert(previous_password_account_id_column=>account_id, previous_password_hash_column=>hash)
end
add_recovery_code ()
    # File lib/rodauth/features/recovery_codes.rb
# Inserts one new recovery code row keyed by session_value.
def add_recovery_code
  # A uniqueness violation is only possible if the same recovery code is
  # generated twice; the odds of that are 1/256**32 assuming a good random
  # number generator.  The insert is still retried if it happens.
  retry_on_uniqueness_violation do
    row = {recovery_codes_id_column=>session_value, recovery_codes_column=>new_recovery_code}
    recovery_codes_ds.insert(row)
  end
end
add_recovery_codes (number)
    # File lib/rodauth/features/recovery_codes.rb
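# Adds +number+ recovery codes inside a single transaction, then drops the
# cached @recovery_codes value.  Does nothing when +number+ is zero or
# negative.
def add_recovery_codes(number)
  return if number <= 0

  transaction do
    number.times { add_recovery_code }
  end

  # remove_instance_variable raises NameError when the variable was never
  # set, so only clear the cache if one exists (same guard as
  # clear_cached_otp).  Presumably the cache is dropped so a later read
  # reloads the codes -- confirm against the reader.
  remove_instance_variable(:@recovery_codes) if defined?(@recovery_codes)
end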
add_remember_key ()
    # File lib/rodauth/features/remember.rb
# Inserts a remember key row (account id, key, deadline) for the current
# account.  If the insert hits a uniqueness violation, the key of the
# existing unexpired row is adopted instead; when no such row exists the
# violation is re-raised.
def add_remember_key
  row = {remember_id_column=>account_id, remember_key_column=>remember_key_value}
  set_deadline_value(row, remember_deadline_column, remember_deadline_interval)

  violation = raised_uniqueness_violation{remember_key_ds.insert(row)}
  return unless violation

  # Another row already exists for this account: reuse its key if it is
  # still active, otherwise surface the original error.
  @remember_key_value = active_remember_key_ds.get(remember_key_column)
  raise violation unless @remember_key_value
end
after_change_login ()
   # File lib/rodauth/features/verify_change_login.rb
# After a login change: runs the inherited hook, sets the account back to
# the unverified status, starts account verification, and flags the session
# as belonging to an unverified account.
def after_change_login
  super
  unverified = {account_status_column=>account_unverified_status_value}
  update_account(unverified)
  setup_account_verification
  session[unverified_account_session_key] = true
end
after_change_password ()
   # File lib/rodauth/features/change_password_notify.rb
# After a password change: runs the inherited hook, then sends the
# password-changed notification email.
def after_change_password
  super
  send_password_changed_email
end
after_close_account ()
   # File lib/rodauth/features/account_expiration.rb
# After an account is closed: runs the inherited hook when one exists, then
# deletes the account's activity rows.
def after_close_account
  super if defined?(super)
  activity = account_activity_ds(account_id)
  activity.delete
end
after_confirm_password ()
    # File lib/rodauth/features/remember.rb
# After a successful password confirmation: runs the inherited hook, then
# removes the remembered-session marker from the session.
def after_confirm_password
  super
  clear_remembered_session_key
end
after_create_account ()
   # File lib/rodauth/features/disallow_password_reuse.rb
# After account creation: when a password hash column is configured and the
# password is not set later during account verification, stores the hash of
# the submitted password in the previous-password history.  Then runs the
# inherited hook when one exists.
def after_create_account
  set_during_verification = respond_to?(:verify_account_set_password?) && verify_account_set_password?
  if account_password_hash_column && !set_during_verification
    submitted = param(password_param)
    add_previous_password_hash(password_hash(submitted))
  end
  super if defined?(super)
end
after_login ()
    # File lib/rodauth/features/email_auth.rb
# After any login: removes the email auth key, then runs the inherited hook
# when one exists.
def after_login
  # The key is removed even for password logins.  A user with a password may
  # request an email login link and then log in with the password instead;
  # from then on the unused link is only a security liability, because it
  # still grants login access to the account, so it is invalidated here.
  remove_email_auth_key
  super if defined?(super)
end
after_login_entered_during_multi_phase_login ()
    # File lib/rodauth/features/email_auth.rb
# Runs once the login has been entered in a multi-phase login.  Accounts for
# which email auth is forced get the email link and a redirect; all others
# continue with the inherited flow and additionally get the email auth
# request form.
def after_login_entered_during_multi_phase_login
  unless force_email_auth?
    # The account has a password hash: allow password login, but also
    # show the form for logging in via an email link.
    super
    @email_auth_request_form = email_auth_request_form
    return @email_auth_request_form
  end

  # The account has no password hash: just send the email link.
  _email_auth_request
  redirect email_auth_email_sent_redirect
end
after_login_failure ()
    # File lib/rodauth/features/lockout.rb
# After a failed login: records the invalid attempt first, then runs the
# inherited hook.
def after_login_failure
  invalid_login_attempted
  super
end
after_logout ()
    # File lib/rodauth/features/remember.rb
# After logout: removes the remember cookie via forget_login, then runs the
# inherited hook when one exists.
def after_logout
  forget_login
  super if defined?(super)
end
after_reset_password ()
   # File lib/rodauth/features/password_grace_period.rb
# After a password reset: runs the inherited hook when one exists, then
# records the current time (integer seconds) as the last password entry.
def after_reset_password
  super if defined?(super)
  now = Time.now.to_i
  @last_password_entry = now
end
allow_resending_verify_account_email? ()
    # File lib/rodauth/features/verify_account.rb
# True only while the current account still has the unverified status.
def allow_resending_verify_account_email?
  status = account[account_status_column]
  status == account_unverified_status_value
end
already_logged_in ()
    # File lib/rodauth/features/base.rb
# Default action when a logged-in user reaches a page guarded by
# check_already_logged_in: do nothing and return nil.
def already_logged_in
  nil
end
auth_class_eval (&block)
    # File lib/rodauth/features/base.rb
# Evaluates the given block in the context of the auth class.
def auth_class_eval(&block)
  auth_class = auth
  auth_class.class_eval(&block)
end
authenticated? ()
    # File lib/rodauth/features/base.rb
# In this definition, being authenticated is the same as being logged in.
def authenticated?
  logged_in?
end
base32_encode (data, length)

:nocov:

    # File lib/rodauth/features/otp.rb
# Maps the first +length+ entries of +data+ onto the lowercase base32
# alphabet (a-z, 2-7), one output character per entry, using the entry
# modulo 32 as the index.
def base32_encode(data, length)
  alphabet = 'abcdefghijklmnopqrstuvwxyz234567'
  encoded = (0...length).map do |idx|
    alphabet[data[idx] % 32].chr
  end
  encoded.join
end
before_change_login_route ()
   # File lib/rodauth/features/verify_account_grace_period.rb
# Blocks the change-login route for accounts that are not verified yet by
# setting an error flash and redirecting; otherwise continues with the
# inherited hook when one exists.
def before_change_login_route
  if !verified_account?
    set_redirect_error_flash unverified_change_login_error_flash
    redirect unverified_change_login_redirect
  end
  super if defined?(super)
end
before_change_password_route ()
   # File lib/rodauth/features/password_expiration.rb
# Runs check_password_change_allowed before the inherited hook.
def before_change_password_route
  check_password_change_allowed
  super
end
before_login_attempt ()
    # File lib/rodauth/features/lockout.rb
# Before a login attempt is evaluated: shows the lockout page when the
# account is locked out, then runs the inherited hook.
def before_login_attempt
  show_lockout_page if locked_out?
  super
end
before_logout ()
   # File lib/rodauth/features/single_session.rb
# Before logout: resets the single session key, but only for POST requests;
# then runs the inherited hook when one exists.
def before_logout
  if request.post?
    reset_single_session_key
  end
  super if defined?(super)
end
before_otp_authentication_route (&block)
   # File lib/rodauth/features/otp.rb
# Deprecated alias: warns, then forwards the block to before_otp_auth_route.
def before_otp_authentication_route(&block)
  warn "before_otp_authentication_route is deprecated, switch to before_otp_auth_route"
  before_otp_auth_route(&block)
end
before_otp_setup_route ()
    # File lib/rodauth/features/jwt.rb
# Runs the inherited hook when one exists.  Then, for JWT requests with HMACed
# OTP keys and no raw-key parameter submitted, generates a temporary OTP
# key and puts both otp_user_key and otp_key into the JSON response.
# NOTE(review): the response therefore carries OTP key material; it should
# only ever travel over an encrypted, authenticated channel.
def before_otp_setup_route
  super if defined?(super)
  return unless use_jwt? && otp_keys_use_hmac? && !param_or_nil(otp_setup_raw_param)

  _otp_tmp_key(otp_new_secret)
  json_response[otp_setup_param] = otp_user_key
  json_response[otp_setup_raw_param] = otp_key
end
before_reset_password ()
   # File lib/rodauth/features/account_expiration.rb
# Checks account expiration before a password reset, then runs the inherited
# hook when one exists.
def before_reset_password
  check_account_expiration
  super if defined?(super)
end
before_reset_password_request ()
   # File lib/rodauth/features/account_expiration.rb
# Checks account expiration before a password reset request, then runs the
# inherited hook when one exists.
def before_reset_password_request
  check_account_expiration
  super if defined?(super)
end
before_rodauth ()
    # File lib/rodauth/features/jwt.rb
# Request gate for the JWT feature, run before the inherited hook:
# * JSON request whose Accept header is present but does not match
#   json_accept_regexp (checked only when jwt_check_accept? is on):
#   406 with a JSON error body, then halt.
# * JSON request that is not a POST: 405 with an Allow: POST header and a
#   JSON error.
# * Non-JSON request while only_json? is on: error status with a plain
#   message, then halt.
def before_rodauth
  if json_request?
    accept = jwt_check_accept? && request.env['HTTP_ACCEPT']
    if accept && accept !~ json_accept_regexp
      response.status = 406
      json_response[json_response_error_key] = json_not_accepted_error_message
      response['Content-Type'] ||= json_response_content_type
      response.write(request.send(:convert_to_json, json_response))
      request.halt
    end

    if !request.post?
      response.status = 405
      response.headers['Allow'] = 'POST'
      json_response[json_response_error_key] = json_non_post_error_message
      return_json_response
    end
  elsif only_json?
    response.status = json_response_error_status
    response.write non_json_request_error_message
    request.halt
  end

  super
end
before_unlock_account ()
   # File lib/rodauth/features/account_expiration.rb
# Checks account expiration before an account unlock, then runs the
# inherited hook when one exists.
def before_unlock_account
  check_account_expiration
  super if defined?(super)
end
before_unlock_account_request ()
   # File lib/rodauth/features/account_expiration.rb
# Checks account expiration before an unlock request, then runs the
# inherited hook when one exists.
def before_unlock_account_request
  check_account_expiration
  super if defined?(super)
end
before_view_recovery_codes ()
    # File lib/rodauth/features/jwt.rb
# Runs the inherited hook when one exists.  For JWT requests, puts the
# recovery codes into the JSON response under :codes and, when success
# messages are included, makes sure the success key is present.
def before_view_recovery_codes
  super if defined?(super)
  return unless use_jwt?

  json_response[:codes] = recovery_codes
  json_response[json_response_success_key] ||= "" if include_success_messages?
end
button (value, opts={})
    # File lib/rodauth/features/base.rb
# Renders the button template through the scope, using the options built by
# button_opts.
def button(value, opts={})
  renderer = scope
  renderer.render(button_opts(value, opts))
end
button_opts (value, opts)
    # File lib/rodauth/features/base.rb
# Render options for the button template: a copy of template_opts merged
# with +opts+, with +value+ and the merged options exposed as locals and the
# path, cache flag and cache key set for the 'button' template.
def button_opts(value, opts)
  render_opts = Hash[template_opts].merge!(opts)
  # The :opts local refers to the merged hash itself.
  render_opts[:locals] = {:value=>value, :opts=>render_opts}
  render_opts[:path] = template_path('button')
  render_opts[:cache] = cache_templates
  render_opts[:cache_key] = :rodauth_button
  render_opts
end
can_add_recovery_codes? ()
    # File lib/rodauth/features/recovery_codes.rb
# True while the account holds fewer recovery codes than recovery_codes_limit.
def can_add_recovery_codes?
  existing = recovery_codes.length
  existing < recovery_codes_limit
end
catch_error (&block)
    # File lib/rodauth/features/base.rb
# Runs the block inside catch(:rodauth_error), so a throw of :rodauth_error
# within it unwinds to this call.
def catch_error(&block)
  catch(:rodauth_error, &block)
end
change_login (login)
   # File lib/rodauth/features/change_login.rb
# Changes the account's login to +login+.  Returns false, with
# @login_requirement_message set, when the new login equals the current one
# ignoring case; otherwise returns the result of update_login.
def change_login(login)
  current = account_ds.get(login_column)
  if current.downcase == login.downcase
    @login_requirement_message = 'same as current login'
    return false
  end

  update_login(login)
end
change_login_notice_flash ()
  # File lib/rodauth/features/verify_change_login.rb
# The inherited notice followed by ". " and the verification-email-sent
# notice.
def change_login_notice_flash
  inherited = super
  "#{inherited}. #{verify_account_email_sent_notice_flash}"
end
change_login_requires_password? ()
   # File lib/rodauth/features/change_login.rb
# Follows the general modifications_require_password? setting.
def change_login_requires_password?
  modifications_require_password?
end
change_password_requires_password? ()
   # File lib/rodauth/features/change_password.rb
# Follows the general modifications_require_password? setting.
def change_password_requires_password?
  modifications_require_password?
end
check_account_expiration ()
   # File lib/rodauth/features/account_expiration.rb
# For an expired account: marks it expired if no expiry time is recorded
# yet, sets the error flash and redirects.  Otherwise execution reaches
# update_last_login.
def check_account_expiration
  if account_expired?
    already_marked = account_expired_at
    set_expired unless already_marked
    set_redirect_error_flash account_expiration_error_flash
    redirect account_expiration_redirect
  end
  update_last_login
end
check_already_logged_in ()
    # File lib/rodauth/features/base.rb
# Calls already_logged_in when the session is logged in; returns nil
# otherwise.
def check_already_logged_in
  return unless logged_in?
  already_logged_in
end
check_password_change_allowed ()
   # File lib/rodauth/features/password_expiration.rb
# Refuses a password change made too soon after the previous one: when a
# change time is recorded and it is more recent than
# allow_password_change_after seconds ago, sets the error flash and
# redirects.
def check_password_change_allowed
  changed_at = get_password_changed_at
  return unless changed_at
  return unless changed_at > Time.now - allow_password_change_after

  set_redirect_error_flash password_not_changeable_yet_error_flash
  redirect password_not_changeable_yet_redirect
end
check_session_expiration ()
   # File lib/rodauth/features/session_expiration.rb
# Enforces the inactivity timeout and the maximum session lifetime for
# logged-in sessions.  A session missing either timestamp is expired only
# when session_expiration_default is set.  Otherwise the session is expired
# if the last activity is older than session_inactivity_timeout or the
# creation time is older than max_session_lifetime; in between, the last
# activity time is refreshed.
def check_session_expiration
  return unless logged_in?

  has_timestamps = session.has_key?(session_last_activity_session_key) && session.has_key?(session_created_session_key)
  unless has_timestamps
    expire_session if session_expiration_default
    return
  end

  now = Time.now.to_i

  expire_session if session[session_last_activity_session_key] + session_inactivity_timeout < now
  set_session_value(session_last_activity_session_key, now)

  expire_session if session[session_created_session_key] + max_session_lifetime < now
end
check_single_session ()
   # File lib/rodauth/features/single_session.rb
# Calls no_longer_active_session when the user is logged in but this session
# is not the currently active one.
def check_single_session
  no_longer_active_session if logged_in? && !currently_active_session?
end
clear_cached_otp ()
    # File lib/rodauth/features/otp.rb
# Removes the cached @otp instance variable if it has been set; does nothing
# otherwise.
def clear_cached_otp
  return unless defined?(@otp)
  remove_instance_variable(:@otp)
end
clear_invalid_login_attempts ()
    # File lib/rodauth/features/lockout.rb
# Clearing the invalid login attempts is implemented as unlocking the
# account.
def clear_invalid_login_attempts
  unlock_account
end
clear_remembered_session_key ()
    # File lib/rodauth/features/remember.rb
# Deletes the remembered-session marker from the session and returns the
# deleted value.
def clear_remembered_session_key
  marker = remembered_session_key
  session.delete(marker)
end
clear_session ()
    # File lib/rodauth/features/base.rb
# Empties the session.  Uses the scope's own clear_session when the scope
# provides one; otherwise clears the session object directly.
def clear_session
  return scope.clear_session if scope.respond_to?(:clear_session)
  session.clear
end
close_account ()
   # File lib/rodauth/features/close_account.rb
# Closes the current account: sets the closed status unless status checks
# are skipped, and deletes the password hash row unless the hash is kept in
# a column on the accounts table.
def close_account
  update_account(account_status_column=>account_closed_status_value) unless skip_status_checks?

  password_hash_ds.delete unless account_password_hash_column
end
close_account_requires_password? ()
   # File lib/rodauth/features/close_account.rb
# Follows the general modifications_require_password? setting.
def close_account_requires_password?
  modifications_require_password?
end
compute_hmac (data)

Return urlsafe base64 HMAC for data, assumes hmac_secret is set.

    # File lib/rodauth/features/base.rb
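# Returns the HMAC of +data+ from compute_raw_hmac as URL-safe base64
# without padding or newlines.  Assumes hmac_secret is set.
#
# Non-bang string methods are used on purpose: chomp!("=\n") returns nil
# whenever the encoded value does not end in exactly "=\n", which would make
# the following tr! call fail if compute_raw_hmac ever returned a digest of
# a different length.  For a 32-byte digest the result is unchanged.
def compute_hmac(data)
  encoded = [compute_raw_hmac(data)].pack('m')
  encoded.delete("=\n").tr('+/', '-_')
end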
compute_raw_hmac (data)
    # File lib/rodauth/features/base.rb
# Raw (binary) HMAC-SHA256 of +data+, keyed with hmac_secret.
def compute_raw_hmac(data)
  sha256 = OpenSSL::Digest::SHA256.new
  OpenSSL::HMAC.digest(sha256, hmac_secret, data)
end
confirm_password ()
   # File lib/rodauth/features/confirm_password.rb
# Default confirm-password action: does nothing and returns nil.
def confirm_password
  nil
end
confirm_password_redirect ()
   # File lib/rodauth/features/confirm_password.rb
# Where to go after password confirmation: the location stored in the
# session (which is removed by this call), or default_redirect when none is
# stored.
def confirm_password_redirect
  stored = session.delete(confirm_password_redirect_session_key)
  stored || default_redirect
end
convert_email_token_key (key)
   # File lib/rodauth/features/email_base.rb
# Email token keys are converted the same way as any other token key.
def convert_email_token_key(key)
  convert_token_key(key)
end
convert_session_key (key)
    # File lib/rodauth/features/base.rb
# Returns +key+ as a string when the scope's :sessions_convert_symbols
# option is set, and unchanged otherwise.
def convert_session_key(key)
  if scope.opts[:sessions_convert_symbols]
    key.to_s
  else
    key
  end
end
convert_timestamp (timestamp)

This is needed for jdbc/sqlite, which returns timestamp columns as strings

    # File lib/rodauth/features/base.rb
# Converts a String timestamp through db.to_application_timestamp; any other
# value, including nil, is returned as is.
def convert_timestamp(timestamp)
  return timestamp unless timestamp.is_a?(String)
  db.to_application_timestamp(timestamp)
end
convert_token_key (key)
    # File lib/rodauth/features/base.rb
# Returns the HMAC of +key+ when a key is given and hmac_secret is set;
# otherwise returns +key+ unchanged.
def convert_token_key(key)
  return key unless key && hmac_secret
  compute_hmac(key)
end
create_account_autologin? ()
    # File lib/rodauth/features/verify_account.rb
# With this definition a newly created account is not logged in
# automatically.
def create_account_autologin?
  false
end
create_account_notice_flash ()
    # File lib/rodauth/features/verify_account.rb
# The notice shown after account creation is the verification-email-sent
# notice.
def create_account_notice_flash
  verify_account_email_sent_notice_flash
end
create_account_set_password? ()
    # File lib/rodauth/features/verify_account.rb
# False when the password is set during account verification; otherwise the
# inherited answer.
def create_account_set_password?
  if verify_account_set_password?
    false
  else
    super
  end
end
create_email (subject, body)
   # File lib/rodauth/features/email_base.rb
# Builds an email with the given subject and body addressed to email_to.
def create_email(subject, body)
  recipient = email_to
  create_email_to(recipient, subject, body)
end
create_email_auth_email ()
    # File lib/rodauth/features/email_auth.rb
# Builds the email auth message from its configured subject and body.
def create_email_auth_email
  create_email(email_auth_email_subject, email_auth_email_body)
end
create_email_auth_key ()
    # File lib/rodauth/features/email_auth.rb
# Makes sure an email auth key exists for the current account, inside a
# transaction.  An existing key is reused (and its last-sent time updated);
# otherwise a new row is inserted.  If that insert hits a uniqueness
# violation, the key that is now in the table is used, and the violation is
# re-raised when none can be found.
def create_email_auth_key
  transaction do
    existing = get_email_auth_key(account_id)
    if existing
      set_email_auth_email_last_sent
      @email_auth_key_value = existing
    else
      violation = raised_uniqueness_violation{email_auth_ds.insert(email_auth_key_insert_hash)}
      if violation
        @email_auth_key_value = get_email_auth_key(account_id)
        raise violation unless @email_auth_key_value
      end
    end
  end
end
create_email_to (to, subject, body)
   # File lib/rodauth/features/email_base.rb
# Builds a Mail message from email_from to +to+, with the subject prefixed
# by email_subject_prefix and the given body.  The message is returned, not
# delivered.
def create_email_to(to, subject, body)
  message = Mail.new
  message.from = email_from
  message.to = to
  message.subject = "#{email_subject_prefix}#{subject}"
  message.body = body
  message
end
create_password_changed_email ()
   # File lib/rodauth/features/change_password_notify.rb
# Builds the password-changed notification from its configured subject and
# body.
def create_password_changed_email
  create_email(password_changed_email_subject, password_changed_email_body)
end
create_reset_password_email ()
    # File lib/rodauth/features/reset_password.rb
# Builds the reset password email from its configured subject and body.
def create_reset_password_email
  create_email(reset_password_email_subject, reset_password_email_body)
end
create_reset_password_key ()
    # File lib/rodauth/features/reset_password.rb
# Makes sure a reset password key exists for the current account, inside a
# transaction.  An existing key is reused (and its last-sent time updated);
# otherwise a new row is inserted.  If that insert hits a uniqueness
# violation, the key that is now in the table is used, and the violation is
# re-raised when none can be found.
def create_reset_password_key
  transaction do
    existing = get_password_reset_key(account_id)
    if existing
      set_reset_password_email_last_sent
      @reset_password_key_value = existing
    else
      violation = raised_uniqueness_violation{password_reset_ds.insert(reset_password_key_insert_hash)}
      if violation
        @reset_password_key_value = get_password_reset_key(account_id)
        raise violation unless @reset_password_key_value
      end
    end
  end
end
create_unlock_account_email ()
    # File lib/rodauth/features/lockout.rb
# Builds the unlock account email from its configured subject and body.
def create_unlock_account_email
  create_email(unlock_account_email_subject, unlock_account_email_body)
end
create_verify_account_email ()
    # File lib/rodauth/features/verify_account.rb
# Builds the verify account email from its configured subject and body.
def create_verify_account_email
  create_email(verify_account_email_subject, verify_account_email_body)
end
create_verify_account_key ()
    # File lib/rodauth/features/verify_account.rb
# Inserts a verify account key row when the account has none, inside a
# transaction.  If the insert hits a uniqueness violation, the key that is
# now in the table is used, and the violation is re-raised when none can be
# found.
def create_verify_account_key
  keys = verify_account_ds
  transaction do
    if keys.empty?
      violation = raised_uniqueness_violation{keys.insert(verify_account_key_insert_hash)}
      if violation
        @verify_account_key_value = get_verify_account_key(account_id)
        raise violation unless @verify_account_key_value
      end
    end
  end
end
create_verify_login_change_email (login)
    # File lib/rodauth/features/verify_login_change.rb
# Builds the verify login change email.  It is addressed to +login+, the
# login passed in, rather than to email_to.
def create_verify_login_change_email(login)
  create_email_to(login, verify_login_change_email_subject, verify_login_change_email_body)
end
create_verify_login_change_key (login)
    # File lib/rodauth/features/verify_login_change.rb
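# Creates the verify login change key for changing the login to +login+,
# inside a transaction.  Rows that are past their deadline or that belong to
# a different requested login are deleted first, then a new row is inserted.
# If the insert hits a uniqueness violation, the existing key is reused when
# its stored login equals +login+ ignoring case; otherwise the violation is
# re-raised.
def create_verify_login_change_key(login)
  ds = verify_login_change_ds
  transaction do
    stale = (Sequel::CURRENT_TIMESTAMP > verify_login_change_deadline_column) | ~Sequel.expr(verify_login_change_login_column=>login)
    ds.where(stale).delete

    if e = raised_uniqueness_violation{ds.insert(verify_login_change_key_insert_hash(login))}
      old_login, key = get_verify_login_change_login_and_key(account_id)
      # old_login is nil when no row could be read back.  Guard it so that
      # case re-raises the uniqueness violation instead of failing with a
      # NoMethodError on nil that would hide the original error.
      same_login = old_login && old_login.downcase == login.downcase
      @verify_login_change_key_value = same_login ? key : nil
      raise e unless @verify_login_change_key_value
    end
  end
end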
csrf_tag (path=request.path)
    # File lib/rodauth/features/base.rb
# CSRF tag for a form posting to +path+ (the current request path by
# default).  Returns nil when the scope does not provide csrf_tag; the path
# is passed on only when request-specific CSRF tokens are in use.
def csrf_tag(path=request.path)
  return unless scope.respond_to?(:csrf_tag)

  return scope.csrf_tag(path) if use_request_specific_csrf_tokens?

  # :nocov:
  scope.csrf_tag
  # :nocov:
end
currently_active_session? ()
   # File lib/rodauth/features/single_session.rb
# Whether this session is the account's single active session.
#
# * No key in the session: treated as active; if no key is stored either,
#   one is created via update_single_session_key.
# * Key in the session but none stored: returns nil.
# * Both present: with hmac_secret set, the session key must equal the HMAC
#   of the stored key; a raw comparison is tried only when
#   allow_raw_single_session_key? permits it.  Without hmac_secret the raw
#   values are compared.  All comparisons use timing_safe_eql?.
def currently_active_session?
  session_key = session[single_session_session_key]
  stored_key = single_session_ds.get(single_session_key_column)

  if session_key.nil?
    # No row exists for this user, indicating the feature has never
    # been used, so it is OK to treat the current session as a new
    # session.
    update_single_session_key unless stored_key
    return true
  end
  return unless stored_key

  hmac_match = nil
  if hmac_secret
    hmac_match = timing_safe_eql?(session_key, compute_hmac(stored_key))
    return false unless hmac_match || allow_raw_single_session_key?
  end

  hmac_match || timing_safe_eql?(session_key, stored_key)
end
db ()
    # File lib/rodauth/features/base.rb
# Default database: the first entry of Sequel::DATABASES.
def db
  registered = Sequel::DATABASES
  registered.first
end
default_field_attributes ()
    # File lib/rodauth/features/base.rb
# The HTML "required" attribute when input fields are to be marked as
# required; nil otherwise.
def default_field_attributes
  return unless mark_input_fields_as_required?
  "required=\"required\""
end
delete_account ()
   # File lib/rodauth/features/close_account.rb
# Deletes the current account's row from the accounts table.
def delete_account
  current = account_ds
  current.delete
end
delete_account_on_close? ()
   # File lib/rodauth/features/close_account.rb
# Follows skip_status_checks?: the answer here is whatever that setting
# returns.
def delete_account_on_close?
  skip_status_checks?
end
disable_remember_login ()
    # File lib/rodauth/features/remember.rb
# Disabling remembered logins is implemented as removing the remember key.
def disable_remember_login
  remove_remember_key
end
email_auth_ds (id=account_id)
    # File lib/rodauth/features/email_auth.rb
# Dataset of email auth rows for the given account id (the current account
# by default).
def email_auth_ds(id=account_id)
  email_auth = db[email_auth_table]
  email_auth.where(email_auth_id_column=>id)
end
email_auth_email_body ()
    # File lib/rodauth/features/email_auth.rb
# Body of the email auth message, rendered from the 'email-auth-email'
# template.
def email_auth_email_body
  render('email-auth-email')
end
email_auth_email_recently_sent? ()
    # File lib/rodauth/features/email_auth.rb
# Truthy when an email auth message was last sent less than
# email_auth_skip_resend_email_within seconds ago; falsy when no send time
# is recorded.
def email_auth_email_recently_sent?
  last_sent = get_email_auth_email_last_sent
  last_sent && (Time.now - last_sent < email_auth_skip_resend_email_within)
end
email_auth_key_insert_hash ()
    # File lib/rodauth/features/email_auth.rb
# Row to insert for a new email auth key: account id and key, plus whatever
# set_deadline_value adds for the deadline column.
def email_auth_key_insert_hash
  row = {email_auth_id_column=>account_id, email_auth_key_column=>email_auth_key_value}
  set_deadline_value(row, email_auth_deadline_column, email_auth_deadline_interval)
  row
end
email_auth_request_form ()
    # File lib/rodauth/features/email_auth.rb
# The email auth request form, rendered from the 'email-auth-request-form'
# template.
def email_auth_request_form
  render('email-auth-request-form')
end
email_from ()
   # File lib/rodauth/features/email_base.rb
# Default sender address: "webmaster@" followed by the host of the current
# request.
# NOTE(review): request.host comes from the incoming request, so the sender
# domain follows whatever host the request names.  Unless the deployment
# already rejects unexpected Host values, configure a fixed email_from.
def email_from
  host = request.host
  "webmaster@#{host}"
end
email_to ()
   # File lib/rodauth/features/email_base.rb
# Default recipient: the value of the login column of the current account.
def email_to
  current = account
  current[login_column]
end
expire_session ()
   # File lib/rodauth/features/session_expiration.rb
# Ends an expired session: clears it first, then sets the expiration error
# flash and redirects to session_expiration_redirect.
def expire_session
  clear_session
  set_redirect_error_flash(session_expiration_error_flash)
  redirect(session_expiration_redirect)
end
features ()
    # File lib/rodauth/features/base.rb
# The features of this object's class.
def features
  owner = self.class
  owner.features
end
field_attributes (field)
    # File lib/rodauth/features/base.rb
# Attributes for +field+: the field-specific ones when present, otherwise
# the defaults.
def field_attributes(field)
  specific = _field_attributes(field)
  specific || default_field_attributes
end
field_error (field)
    # File lib/rodauth/features/base.rb
# The error recorded for +field+, or nil when no errors have been recorded
# at all or none for this field.
def field_error(field)
  @field_errors ? @field_errors[field] : nil
end
field_error_attributes (field)
    # File lib/rodauth/features/base.rb
# The error attributes for +field+ when it has an error; nil otherwise.
def field_error_attributes(field)
  return unless field_error(field)
  _field_error_attributes(field)
end
flash ()
    # File lib/rodauth/features/base.rb
# The flash object of the scope.
def flash
  owner = scope
  owner.flash
end
force_email_auth? ()
    # File lib/rodauth/features/email_auth.rb
# Email auth is forced when get_password_hash returns nil for the account.
def force_email_auth?
  stored_hash = get_password_hash
  stored_hash.nil?
end
forget_login ()
    # File lib/rodauth/features/remember.rb
# Adds a header to the response that deletes the remember cookie, using the
# configured cookie key and options.
def forget_login
  headers = response.headers
  ::Rack::Utils.delete_cookie_header!(headers, remember_cookie_key, remember_cookie_options)
end
formatted_field_error (field)
    # File lib/rodauth/features/base.rb
# The formatted error for +field+ when it has one; nil otherwise.
def formatted_field_error(field)
  message = field_error(field)
  _formatted_field_error(field, message) if message
end
function_name (name)
    # File lib/rodauth/features/base.rb
# Name to use when calling the database function +name+: prefixed with
# "dbo." on Microsoft SQL Server, unchanged on every other database type.
def function_name(name)
  return name unless db.database_type == :mssql

  # :nocov:
  "dbo.#{name}"
  # :nocov:
end
generate_email_auth_key_value ()
    # File lib/rodauth/features/email_auth.rb
# Generates a new email auth key with random_key, stores it in
# @email_auth_key_value and returns it.
def generate_email_auth_key_value
  fresh = random_key
  @email_auth_key_value = fresh
end
generate_remember_key_value ()
    # File lib/rodauth/features/remember.rb
# Generates a new remember key with random_key, stores it in
# @remember_key_value and returns it.
def generate_remember_key_value
  fresh = random_key
  @remember_key_value = fresh
end
generate_reset_password_key_value ()
    # File lib/rodauth/features/reset_password.rb
# Generates a new reset password key with random_key, stores it in
# @reset_password_key_value and returns it.
def generate_reset_password_key_value
  fresh = random_key
  @reset_password_key_value = fresh
end
generate_unlock_account_key ()
    # File lib/rodauth/features/lockout.rb
# Returns a new unlock account key from random_key.  Unlike the other key
# generators, it does not store the key in an instance variable.
def generate_unlock_account_key
  random_key
end
generate_verify_account_key_value ()
    # File lib/rodauth/features/verify_account.rb
# Generates a new verify account key with random_key, stores it in
# @verify_account_key_value and returns it.
def generate_verify_account_key_value
  fresh = random_key
  @verify_account_key_value = fresh
end
generate_verify_login_change_key_value ()
    # File lib/rodauth/features/verify_login_change.rb
# Generates a new verify login change key with random_key, stores it in
# @verify_login_change_key_value and returns it.
def generate_verify_login_change_key_value
  fresh = random_key
  @verify_login_change_key_value = fresh
end
get_activity_timestamp (account_id, column)
    # File lib/rodauth/features/account_expiration.rb
# Reads +column+ from the activity row of +account_id+ and passes the value
# through convert_timestamp.
def get_activity_timestamp(account_id, column)
  raw = account_activity_ds(account_id).get(column)
  convert_timestamp(raw)
end
get_email_auth_email_last_sent ()
    # File lib/rodauth/features/email_auth.rb
# Time the email auth message was last sent, or nil when no last-sent column
# is configured or no value is stored.
def get_email_auth_email_last_sent
  column = email_auth_email_last_sent_column
  return unless column

  sent_at = email_auth_ds.get(column)
  convert_timestamp(sent_at) if sent_at
end
get_email_auth_key (id)
[show source]
    # File lib/rodauth/features/email_auth.rb
    # Returns the stored email auth key for account id, or nil when there is none.
    # Rows whose deadline column is earlier than the database's current timestamp
    # are deleted first, so an expired key is never returned.
145 def get_email_auth_key(id)
146   ds = email_auth_ds(id)
147   ds.where(Sequel::CURRENT_TIMESTAMP > email_auth_deadline_column).delete
148   ds.get(email_auth_key_column)
149 end
get_password_changed_at ()
[show source]
   # File lib/rodauth/features/password_expiration.rb
26 def get_password_changed_at
27   convert_timestamp(password_expiration_ds.get(password_expiration_changed_at_column))
28 end
get_password_hash ()

Get the password hash for the user. When using database authentication functions, note that only the salt is returned.

[show source]
    # File lib/rodauth/features/base.rb
    # Returns the credential material needed to check a password:
    # - the hash stored in the account row when account_password_hash_column is set;
    # - only the salt (via the rodauth_get_salt database function) when database
    #   authentication functions are used; password_match? then has the database
    #   do the comparison;
    # - otherwise the hash read directly from the password hash table.
486 def get_password_hash
487   if account_password_hash_column
488     account[account_password_hash_column]
489   elsif use_database_authentication_functions?
490     db.get(Sequel.function(function_name(:rodauth_get_salt), account_id))
491   else
492     # :nocov:
493     password_hash_ds.get(password_hash_column)
494     # :nocov:
495   end
496 end
get_password_reset_key (id)
[show source]
    # File lib/rodauth/features/reset_password.rb
    # Returns the stored password reset key for account id, or nil when there is none.
    # Rows whose deadline column is earlier than the database's current timestamp
    # are deleted first, so an expired reset key is never returned.
189 def get_password_reset_key(id)
190   ds = password_reset_ds(id)
191   ds.where(Sequel::CURRENT_TIMESTAMP > reset_password_deadline_column).delete
192   ds.get(reset_password_key_column)
193 end
get_remember_key ()
[show source]
    # File lib/rodauth/features/remember.rb
    # Loads the account's active remember key into @remember_key_value. When there
    # is no active key, a new random key is generated and the stored row is replaced
    # (remove, then add) inside one transaction.
    # Always returns nil; the key is exposed through @remember_key_value only.
147 def get_remember_key
148   unless @remember_key_value = active_remember_key_ds.get(remember_key_column)
149    generate_remember_key_value
150    transaction do
151      remove_remember_key
152      add_remember_key
153    end
154   end
155   nil
156 end
get_reset_password_email_last_sent ()
[show source]
    # File lib/rodauth/features/reset_password.rb
207 def get_reset_password_email_last_sent
208   if column = reset_password_email_last_sent_column
209     if ts = password_reset_ds.get(column)
210       convert_timestamp(ts)
211     end
212   end
213 end
get_unlock_account_email_last_sent ()
[show source]
    # File lib/rodauth/features/lockout.rb
228 def get_unlock_account_email_last_sent
229   if column = account_lockouts_email_last_sent_column
230     if ts = account_lockouts_ds.get(column)
231       convert_timestamp(ts)
232     end
233   end
234 end
get_unlock_account_key ()
[show source]
    # File lib/rodauth/features/lockout.rb
211 def get_unlock_account_key
212   account_lockouts_ds.get(account_lockouts_key_column)
213 end
get_verify_account_email_last_sent ()
[show source]
    # File lib/rodauth/features/verify_account.rb
240 def get_verify_account_email_last_sent
241   if column = verify_account_email_last_sent_column
242     if ts = verify_account_ds.get(column)
243       convert_timestamp(ts)
244     end
245   end
246 end
get_verify_account_key (id)
[show source]
    # File lib/rodauth/features/verify_account.rb
211 def get_verify_account_key(id)
212   verify_account_ds(id).get(verify_account_key_column)
213 end
get_verify_login_change_login_and_key (id)
[show source]
    # File lib/rodauth/features/verify_login_change.rb
128 def get_verify_login_change_login_and_key(id)
129   verify_login_change_ds(id).get([verify_login_change_login_column, verify_login_change_key_column])
130 end
include_success_messages? ()
[show source]
    # File lib/rodauth/features/jwt.rb
197 def include_success_messages?
198   !json_response_success_key.nil?
199 end
input_field_string (param, id, opts={})
[show source]
    # File lib/rodauth/features/base.rb
    # Builds the HTML for one form input followed by its formatted field error.
    # opts[:type] defaults to "text". For type "password" no value is set, so a
    # submitted password is never echoed back into the page.
    # Escaping: the value is passed through scope.h only when it is taken from the
    # request parameter. A caller-supplied opts[:value], opts[:attr], the type, param
    # and id are interpolated into the markup as given, so callers must pass trusted
    # or already-escaped values for those.
    # NOTE(review): scope.h is presumably the HTML-escaping helper - confirm.
164 def input_field_string(param, id, opts={})
165   type = opts.fetch(:type, "text")
166 
167   unless type == "password"
168     value = opts.fetch(:value){scope.h param(param)}
169   end
170 
171   "<input #{opts[:attr]} #{field_attributes(param)} #{field_error_attributes(param)} type=\"#{type}\" class=\"form-control#{add_field_error_class(param)}\" name=\"#{param}\" id=\"#{id}\" value=\"#{value}\"/> #{formatted_field_error(param)}"
172 end
invalid_login_attempted ()
[show source]
    # File lib/rodauth/features/lockout.rb
    # Records one failed login for account_id and locks the account once the count
    # reaches max_invalid_logins.
    # The counter is incremented by a single UPDATE in the database (with RETURNING
    # on PostgreSQL, otherwise followed by a read), not by read-modify-write in Ruby.
    # When no counter row exists yet, one is inserted and the count is taken as 1.
    # On lockout a new random unlock key is stored together with a deadline. If the
    # lockout row already exists (uniqueness violation), the key already stored is
    # reused and the lockout page is shown; if no key can be read back, the
    # violation is re-raised.
169 def invalid_login_attempted
170   ds = account_login_failures_ds.
171       where(account_login_failures_id_column=>account_id)
172 
173   number = if db.database_type == :postgres
174     ds.returning(account_login_failures_number_column).
175       with_sql(:update_sql, account_login_failures_number_column=>Sequel.expr(account_login_failures_number_column)+1).
176       single_value
177   else
178     # :nocov:
179     if ds.update(account_login_failures_number_column=>Sequel.expr(account_login_failures_number_column)+1) > 0
180       ds.get(account_login_failures_number_column)
181     end
182     # :nocov:
183   end
184 
185   unless number
186     # Ignoring the violation is safe here.  It may allow slightly more than max_invalid_logins invalid logins before
187     # lockout, but allowing a few extra is OK if the race is lost.
188     ignore_uniqueness_violation{account_login_failures_ds.insert(account_login_failures_id_column=>account_id)}
189     number = 1
190   end
191 
192   if number >= max_invalid_logins
193     @unlock_account_key_value = generate_unlock_account_key
194     hash = {account_lockouts_id_column=>account_id, account_lockouts_key_column=>unlock_account_key_value}
195     set_deadline_value(hash, account_lockouts_deadline_column, account_lockouts_deadline_interval)
196 
197     if e = raised_uniqueness_violation{account_lockouts_ds.insert(hash)}
198       # If inserting into the lockout table raises a violation, we should just be able to pull the already inserted
199       # key out of it.  If that doesn't return a valid key, we should reraise the error.
200       raise e unless @unlock_account_key_value = account_lockouts_ds.get(account_lockouts_key_column)
201 
202       after_account_lockout
203       show_lockout_page
204     else
205       after_account_lockout
206       e
207     end
208   end
209 end
invalid_previous_password_message ()
[show source]
   # File lib/rodauth/features/change_password.rb
70 def invalid_previous_password_message
71   invalid_password_message
72 end
json_request? ()
[show source]
    # File lib/rodauth/features/jwt.rb
104 def json_request?
105   return @json_request if defined?(@json_request)
106   @json_request = request.content_type =~ json_request_content_type_regexp
107 end
json_response ()
[show source]
    # File lib/rodauth/features/jwt.rb
207 def json_response
208   @json_response ||= {}
209 end
jwt_cors_allow? ()
[show source]
   # File lib/rodauth/features/jwt_cors.rb
   # Decides whether the request's Origin header is allowed by jwt_cors_allow_origin.
   # Returns nil when the request has no Origin header.
   # - String / Array: the origin must equal an entry in full (timing_safe_eql?).
   # - Regexp: matched with =~, which accepts a partial match; the configured
   #   pattern should be anchored with \A and \z and have its dots escaped so that
   #   look-alike origins are not accepted.
   # - true: every origin is allowed.
   # - anything else: denied.
15 def jwt_cors_allow?
16   if origin = request.env['HTTP_ORIGIN']
17     case allowed = jwt_cors_allow_origin
18     when String
19       timing_safe_eql?(origin, allowed)
20     when Array
21       allowed.any?{|s| timing_safe_eql?(origin, s)}
22     when Regexp
23       allowed =~ origin
24     when true
25       true
26     else
27       false
28     end
29   end
30 end
jwt_payload ()
[show source]
    # File lib/rodauth/features/jwt.rb
    # Returns the decoded JWT payload, memoized in @jwt_payload.
    # The token is decoded with signature verification enabled (third argument true)
    # using jwt_secret. :algorithm is merged in last, so jwt_algorithm overrides any
    # :algorithm present in jwt_decode_opts and the accepted algorithm stays pinned.
    # Any JWT::DecodeError results in false, which is memoized as well.
185 def jwt_payload
186   return @jwt_payload if defined?(@jwt_payload)
187   @jwt_payload = JWT.decode(jwt_token, jwt_secret, true, jwt_decode_opts.merge(:algorithm=>jwt_algorithm))[0]
188 rescue JWT::DecodeError
189   @jwt_payload = false
190 end
jwt_secret ()
[show source]
    # File lib/rodauth/features/jwt.rb
    # Default implementation: always raises ArgumentError. There is no built-in
    # fallback secret, so the signing secret has to be supplied by configuration.
109 def jwt_secret
110   raise ArgumentError, "jwt_secret not set"
111 end
jwt_session_hash ()
[show source]
    # File lib/rodauth/features/jwt.rb
113 def jwt_session_hash
114   jwt_session_key ? {jwt_session_key=>session} : session
115 end
jwt_token ()
[show source]
    # File lib/rodauth/features/jwt.rb
    # Returns the token taken from the Authorization request header, or nil.
    # A header matching jwt_authorization_ignore is skipped; otherwise the first
    # match of jwt_authorization_remove is stripped and the rest is memoized in
    # @jwt_token. The value is client-supplied and unverified at this point;
    # verification happens in jwt_payload.
121 def jwt_token
122   return @jwt_token if defined?(@jwt_token)
123 
124   if (v = request.env['HTTP_AUTHORIZATION']) && v !~ jwt_authorization_ignore
125     @jwt_token = v.sub(jwt_authorization_remove, '')
126   end
127 end
last_account_activity_at ()
[show source]
   # File lib/rodauth/features/account_expiration.rb
27 def last_account_activity_at
28   get_activity_timestamp(session_value, account_activity_last_activity_column)
29 end
last_account_login_at ()
[show source]
   # File lib/rodauth/features/account_expiration.rb
31 def last_account_login_at
32   get_activity_timestamp(session_value, account_activity_last_login_column)
33 end
load_memory ()
[show source]
    # File lib/rodauth/features/remember.rb
    # Logs the visitor in from the remember cookie when no session is active.
    # The cookie is client-controlled and is split at the first "_" into id and key.
    # The key is compared with timing_safe_eql? against the active key stored for id:
    # - with hmac_secret set it must equal compute_hmac(stored key); a raw
    #   (non-HMAC) key is still accepted only while raw_remember_token_deadline is
    #   set and later than the stored key's deadline;
    # - without hmac_secret it must equal the stored key itself.
    # An unknown id or a key mismatch calls forget_login before returning. When the
    # key is valid but no account can be loaded, the stored remember key is removed
    # as well.
    # id is put into the session only while account_from_session loads the account
    # and is deleted again before update_session runs.
    # On success remembered_session_key is set to true (see
    # logged_in_via_remember_key?), and when extend_remember_deadline? is true the
    # deadline is moved forward and the cookie is reissued.
 86 def load_memory
 87   return if session[session_key]
 88   return unless cookie = request.cookies[remember_cookie_key]
 89   id, key = cookie.split('_', 2)
 90   return unless id && key
 91 
 92   actual, deadline = active_remember_key_ds(id).get([remember_key_column, remember_deadline_column])
 93   unless actual
 94     forget_login
 95     return
 96   end
 97 
 98   if hmac_secret
 99     unless valid = timing_safe_eql?(key, compute_hmac(actual))
100       unless raw_remember_token_deadline && raw_remember_token_deadline > convert_timestamp(deadline)
101         forget_login
102         return
103       end
104     end
105   end
106 
107   unless valid || timing_safe_eql?(key, actual)
108     forget_login
109     return
110   end
111 
112   session[session_key] = id
113   account = account_from_session
114   session.delete(session_key)
115 
116   unless account
117     remove_remember_key(id)
118     forget_login
119     return 
120   end
121 
122   before_load_memory
123   update_session
124 
125   set_session_value(remembered_session_key, true)
126   if extend_remember_deadline?
127     active_remember_key_ds(id).update(remember_deadline_column=>Sequel.date_add(Sequel::CURRENT_TIMESTAMP, remember_period))
128     remember_login
129   end
130   after_load_memory
131 end
loaded_templates ()
[show source]
    # File lib/rodauth/features/base.rb
552 def loaded_templates
553   []
554 end
locked_out? ()
[show source]
    # File lib/rodauth/features/lockout.rb
    # Returns true while the account has a lockout deadline that is still in the
    # future. A deadline that has already passed triggers unlock_account and returns
    # false; no deadline at all returns false.
    # The comparison uses the application server's clock (Time.now).
146 def locked_out?
147   if t = convert_timestamp(account_lockouts_ds.get(account_lockouts_deadline_column))
148     if Time.now < t
149       true
150     else
151       unlock_account
152       false
153     end
154   else
155     false
156   end
157 end
logged_in_via_remember_key? ()
[show source]
    # File lib/rodauth/features/remember.rb
181 def logged_in_via_remember_key?
182   !!session[remembered_session_key]
183 end
login_confirm_label ()
[show source]
   # File lib/rodauth/features/login_password_requirements_base.rb
36 def login_confirm_label
37   "Confirm #{login_label}"
38 end
login_does_not_meet_requirements_message ()
[show source]
   # File lib/rodauth/features/login_password_requirements_base.rb
81 def login_does_not_meet_requirements_message
82   "invalid login#{", #{login_requirement_message}" if login_requirement_message}"
83 end
login_failed_reset_password_request_form ()
[show source]
    # File lib/rodauth/features/reset_password.rb
243 def login_failed_reset_password_request_form
244   render("reset-password-request")
245 end
login_hidden_field ()
[show source]
   # File lib/rodauth/features/login.rb
   # Returns a hidden input that carries the submitted login forward.
   # The submitted value is passed through scope.h before it is placed in the
   # attribute; login_param itself is interpolated as given (a configuration value).
   # NOTE(review): scope.h is presumably the HTML-escaping helper - confirm.
80 def login_hidden_field
81   "<input type='hidden' name=\"#{login_param}\" value=\"#{scope.h param(login_param)}\" />"
82 end
login_meets_email_requirements? (login)
[show source]
    # File lib/rodauth/features/login_password_requirements_base.rb
    # Returns true when email logins are not required or login has the shape
    # local@domain.tld; otherwise sets @login_requirement_message and returns false.
    # The pattern is anchored with \A and \z, so the whole string must match, and no
    # part may contain a comma, semicolon, "@", space, CR or LF.
    # This is a shape check only, not full address validation.
105 def login_meets_email_requirements?(login)
106   return true unless require_email_address_logins?
107   if login =~ /\A[^,;@ \r\n]+@[^,@; \r\n]+\.[^,@; \r\n]+\z/
108     return true
109   end
110   @login_requirement_message = 'not a valid email address'
111   return false
112 end
login_meets_length_requirements? (login)
[show source]
    # File lib/rodauth/features/login_password_requirements_base.rb
 93 def login_meets_length_requirements?(login)
 94   if login_minimum_length > login.length
 95     @login_requirement_message = login_too_short_message
 96     false
 97   elsif login_maximum_length < login.length
 98     @login_requirement_message = login_too_long_message
 99     false
100   else
101     true
102   end
103 end
login_meets_requirements? (login)
[show source]
   # File lib/rodauth/features/login_password_requirements_base.rb
44 def login_meets_requirements?(login)
45   login_meets_length_requirements?(login) && \
46     login_meets_email_requirements?(login)
47 end
login_required ()
[show source]
    # File lib/rodauth/features/base.rb
    # Response for a request that needs a login: sets the error status and the
    # error flash, then redirects to require_login_redirect.
248 def login_required
249   set_redirect_error_status(login_required_error_status)
250   set_redirect_error_flash require_login_error_flash
251   redirect require_login_redirect
252 end
login_too_long_message ()
[show source]
   # File lib/rodauth/features/login_password_requirements_base.rb
85 def login_too_long_message
86   "maximum #{login_maximum_length} characters"
87 end
login_too_short_message ()
[show source]
   # File lib/rodauth/features/login_password_requirements_base.rb
89 def login_too_short_message
90   "minimum #{login_minimum_length} characters"
91 end
logout ()
[show source]
   # File lib/rodauth/features/logout.rb
34 def logout
35   clear_session
36 end
modifications_require_password? ()
[show source]
   # File lib/rodauth/features/password_grace_period.rb
 8 def modifications_require_password?
 9   return false unless super
10   !password_recently_entered?
11 end
new_account (login)
[show source]
    # File lib/rodauth/features/create_account.rb
103 def new_account(login)
104   @account = _new_account(login)
105 end
new_recovery_code ()
[show source]
    # File lib/rodauth/features/recovery_codes.rb
226 def new_recovery_code
227   random_key
228 end
no_longer_active_session ()
[show source]
   # File lib/rodauth/features/single_session.rb
56 def no_longer_active_session
57   clear_session
58   set_redirect_error_flash single_session_error_flash
59   redirect single_session_redirect
60 end
only_json? ()
[show source]
    # File lib/rodauth/features/base.rb
330 def only_json?
331   scope.class.opts[:rodauth_json] == :only
332 end
open_account? ()
[show source]
    # File lib/rodauth/features/base.rb
    # Returns true when the loaded account's status column equals
    # account_open_status_value. When skip_status_checks? is true the status is not
    # consulted at all and every account counts as open.
217 def open_account?
218   skip_status_checks? || account[account_status_column] == account_open_status_value 
219 end
otp_add_key ()
[show source]
    # File lib/rodauth/features/otp.rb
289 def otp_add_key
290   _otp_add_key(otp_key)
291   super if defined?(super)
292 end
otp_exists? ()
[show source]
    # File lib/rodauth/features/otp.rb
264 def otp_exists?
265   !otp_key.nil?
266 end
otp_hmac_secret (key)
[show source]
    # File lib/rodauth/features/otp.rb
351 def otp_hmac_secret(key)
352   base32_encode(compute_raw_hmac(ROTP::Base32.decode(key)), key.bytesize)
353 end
otp_issuer ()
[show source]
    # File lib/rodauth/features/otp.rb
316 def otp_issuer
317   request.host
318 end
otp_key_ds ()
[show source]
    # File lib/rodauth/features/otp.rb
410 def otp_key_ds
411   db[otp_keys_table].where(otp_keys_id_column=>session_value)
412 end
otp_keys_use_hmac? ()
[show source]
    # File lib/rodauth/features/otp.rb
336 def otp_keys_use_hmac?
337   !!hmac_secret
338 end
otp_locked_out? ()
[show source]
    # File lib/rodauth/features/otp.rb
    # Returns true once the stored OTP failure count has reached
    # otp_auth_failures_limit.
    # NOTE(review): get returns nil when there is no OTP row, and nil >= ... raises;
    # this assumes callers have already established that an OTP key exists - confirm.
308 def otp_locked_out?
309   otp_key_ds.get(otp_keys_failures_column) >= otp_auth_failures_limit
310 end
otp_lockout_error_flash ()
[show source]
    # File lib/rodauth/features/otp.rb
252 def otp_lockout_error_flash
253   "Authentication code use locked out due to numerous failures.#{super if defined?(super)}"
254 end
otp_lockout_redirect ()
[show source]
    # File lib/rodauth/features/otp.rb
247 def otp_lockout_redirect
248   return super if defined?(super)
249   nil
250 end
otp_new_secret ()

:nocov:

[show source]
    # File lib/rodauth/features/otp.rb
    # Returns a new random Base32 OTP secret from ROTP, lowercased, which is the
    # character set otp_valid_key? accepts ([a-z2-7]).
366 def otp_new_secret
367   ROTP::Base32.random_base32.downcase
368 end
otp_provisioning_name ()
[show source]
    # File lib/rodauth/features/otp.rb
320 def otp_provisioning_name
321   account[login_column]
322 end
otp_provisioning_uri ()
[show source]
    # File lib/rodauth/features/otp.rb
312 def otp_provisioning_uri
313   otp.provisioning_uri(otp_provisioning_name)
314 end
otp_qr_code ()
[show source]
    # File lib/rodauth/features/otp.rb
324 def otp_qr_code
325   RQRCode::QRCode.new(otp_provisioning_uri).as_svg(:module_size=>8)
326 end
otp_record_authentication_failure ()
[show source]
    # File lib/rodauth/features/otp.rb
    # Adds one to the stored OTP failure counter. The increment is expressed as
    # column + 1 inside the UPDATE, so it is not a read-modify-write in Ruby.
300 def otp_record_authentication_failure
301   otp_key_ds.update(otp_keys_failures_column=>Sequel.identifier(otp_keys_failures_column) + 1)
302 end
otp_remove ()
[show source]
    # File lib/rodauth/features/otp.rb
284 def otp_remove
285   otp_key_ds.delete
286   super if defined?(super)
287 end
otp_remove_auth_failures ()
[show source]
    # File lib/rodauth/features/otp.rb
304 def otp_remove_auth_failures
305   otp_key_ds.update(otp_keys_failures_column=>0)
306 end
otp_tmp_key (secret)
[show source]
    # File lib/rodauth/features/otp.rb
346 def otp_tmp_key(secret)
347   _otp_tmp_key(secret)
348   clear_cached_otp
349 end
otp_update_last_use ()
[show source]
    # File lib/rodauth/features/otp.rb
    # Sets the OTP key's last-use time to the database's current timestamp, but only
    # if the previous use is more than otp_interval (30 when unset) seconds old.
    # Returns true only when exactly one row was updated. Check and update are one
    # statement, so two concurrent requests cannot both succeed.
    # NOTE(review): presumably callers treat false as "code already used in this
    # interval" to stop a code being replayed - confirm at the call site.
294 def otp_update_last_use
295   otp_key_ds.
296     where(Sequel.date_add(otp_keys_last_use_column, :seconds=>(otp_interval||30)) < Sequel::CURRENT_TIMESTAMP).
297     update(otp_keys_last_use_column=>Sequel::CURRENT_TIMESTAMP) == 1
298 end
otp_user_key ()
[show source]
    # File lib/rodauth/features/otp.rb
328 def otp_user_key
329   @otp_user_key ||= if otp_keys_use_hmac?
330     otp_hmac_secret(otp_key)
331   else
332     otp_key
333   end
334 end
otp_valid_code? (ot_pass)
[show source]
    # File lib/rodauth/features/otp.rb
    # Verifies a submitted one-time code against the account's OTP key.
    # Returns false straight away when no OTP key exists. Whitespace is removed from
    # the code before verification. When otp_drift is set, it is the tolerance
    # applied both behind and ahead of the current time; a larger drift widens the
    # window in which a code is accepted.
268 def otp_valid_code?(ot_pass)
269   return false unless otp_exists?
270   ot_pass = ot_pass.gsub(/\s+/, '')
271   if drift = otp_drift
272     if otp.respond_to?(:verify_with_drift)
273       otp.verify_with_drift(ot_pass, drift)
274     else
275       # :nocov:
276       otp.verify(ot_pass, :drift_behind=>drift, :drift_ahead=>drift)
277       # :nocov:
278     end
279   else
280     otp.verify(ot_pass)
281   end
282 end
otp_valid_key? (secret)
[show source]
    # File lib/rodauth/features/otp.rb
    # Validates an OTP secret submitted during setup.
    # The secret must be exactly 16 or 32 characters from [a-z2-7] (anchored with
    # \A and \z). When OTP keys use HMAC, it must also equal the HMAC-derived secret
    # of the raw secret submitted in otp_setup_raw_param, compared with
    # timing_safe_eql?.
355 def otp_valid_key?(secret)
356   return false unless secret =~ /\A([a-z2-7]{16}|[a-z2-7]{32})\z/
357   if otp_keys_use_hmac?
358     timing_safe_eql?(otp_hmac_secret(param(otp_setup_raw_param)), secret)
359   else
360     true
361   end
362 end
param (key)

Return the value of the named request parameter as a string. This will be an empty string if the parameter doesn't exist.

[show source]
    # File lib/rodauth/features/base.rb
361 def param(key)
362   param_or_nil(key).to_s
363 end
param_or_nil (key)

Return the value of the named request parameter as a string, or nil if there is no parameter with that name.

[show source]
    # File lib/rodauth/features/base.rb
367 def param_or_nil(key)
368   value = request.params[key]
369   value.to_s unless value.nil?
370 end
password_changed_email_body ()
[show source]
   # File lib/rodauth/features/change_password_notify.rb
27 def password_changed_email_body
28   render('password-changed-email')
29 end
password_confirm_label ()
[show source]
   # File lib/rodauth/features/login_password_requirements_base.rb
40 def password_confirm_label
41   "Confirm #{password_label}"
42 end
password_does_not_contain_null_byte? (password)
[show source]
    # File lib/rodauth/features/login_password_requirements_base.rb
    # Returns true when password contains no NUL byte; otherwise sets
    # @password_requirement_message and returns false.
    # NOTE(review): presumably this exists because bcrypt implementations treat NUL
    # as the end of the input, so anything after it would not count - confirm.
120 def password_does_not_contain_null_byte?(password)
121   return true unless password.include?("\0")
122   @password_requirement_message = 'contains null byte'
123   false
124 end
password_does_not_meet_requirements_message ()
[show source]
   # File lib/rodauth/features/login_password_requirements_base.rb
73 def password_does_not_meet_requirements_message
74   "invalid password, does not meet requirements#{" (#{password_requirement_message})" if password_requirement_message}"
75 end
password_doesnt_match_previous_password? (password)
[show source]
   # File lib/rodauth/features/disallow_password_reuse.rb
   # Returns true when password matches none of the account's previous passwords;
   # otherwise sets @password_requirement_message and returns false.
   # With database authentication functions only the salts are read; each candidate
   # hash is computed locally and compared inside the database by
   # rodauth_previous_password_hash_match. Otherwise the stored hashes are loaded and
   # compared with BCrypt::Password#==.
   # Cost: up to one bcrypt computation per stored previous password.
47 def password_doesnt_match_previous_password?(password)
48   match = if use_database_authentication_functions?
49     salts = previous_password_ds.
50       select_map([previous_password_id_column, Sequel.function(function_name(:rodauth_get_previous_salt), previous_password_id_column).as(:salt)])
51     return true if salts.empty?
52 
53     salts.any? do |hash_id, salt|
54       db.get(Sequel.function(function_name(:rodauth_previous_password_hash_match), hash_id, BCrypt::Engine.hash_secret(password, salt)))
55     end
56   else
57     # :nocov:
58     previous_password_ds.select_map(previous_password_hash_column).any?{|hash| BCrypt::Password.new(hash) == password}
59     # :nocov:
60   end
61 
62   return true unless match
63   @password_requirement_message = password_same_as_previous_password_message
64   false
65 end
password_expiration_ds ()
[show source]
    # File lib/rodauth/features/password_expiration.rb
107 def password_expiration_ds
108   db[password_expiration_table].where(password_expiration_id_column=>account_id)
109 end
password_expired? ()
[show source]
   # File lib/rodauth/features/password_expiration.rb
   # Returns whether the password is older than require_password_change_after
   # seconds.
   # The change time is cached in the session (epoch seconds) under
   # password_changed_at_session_key, so later calls in the same session return
   # before any database lookup.
   # When no change time is recorded, the session gets 0 if
   # password_expiration_default is truthy or 2147483647 (2**31 - 1) otherwise, and
   # password_expiration_default is returned.
68 def password_expired?
69   if password_changed_at = session[password_changed_at_session_key]
70     return password_changed_at + require_password_change_after < Time.now.to_i
71   end
72 
73   account_from_session
74   if password_changed_at = get_password_changed_at
75     set_session_value(password_changed_at_session_key, password_changed_at.to_i)
76     password_changed_at + require_password_change_after < Time.now
77   else
78     set_session_value(password_changed_at_session_key, password_expiration_default ? 0 : 2147483647)
79     password_expiration_default
80   end
81 end
password_has_enough_character_groups? (password)
[show source]
   # File lib/rodauth/features/password_complexity.rb
   # Returns true when the password is longer than
   # password_max_length_for_groups_check (the check is skipped for long passwords)
   # or when at least password_min_groups of the password_character_groups regexps
   # match it; otherwise sets @password_requirement_message and returns false.
55 def password_has_enough_character_groups?(password)
56   return true if password.length > password_max_length_for_groups_check
57   return true if password_character_groups.select{|re| password =~ re}.length >= password_min_groups
58   @password_requirement_message = password_not_enough_character_groups_message
59   false
60 end
password_has_no_invalid_pattern? (password)
[show source]
   # File lib/rodauth/features/password_complexity.rb
62 def password_has_no_invalid_pattern?(password)
63   return true unless password_invalid_pattern
64   return true if password !~ password_invalid_pattern
65   @password_requirement_message = password_invalid_pattern_message
66   false
67 end
password_hash (password)
[show source]
    # File lib/rodauth/features/login_password_requirements_base.rb
    # Returns a new bcrypt hash of password, using password_hash_cost as the work
    # factor. The strength of every stored hash therefore depends on what
    # password_hash_cost returns in the running environment.
138 def password_hash(password)
139   BCrypt::Password.create(password, :cost=>password_hash_cost)
140 end
password_hash_cost ()
[show source]
    # File lib/rodauth/features/login_password_requirements_base.rb
    # As shown in this listing, returns BCrypt::Engine::MIN_COST, the lowest work
    # factor bcrypt accepts. That keeps hashing fast, which suits a test suite, but
    # gives stored hashes very little resistance to offline guessing.
    # NOTE(review): confirm that the deployed configuration or environment yields a
    # production-strength cost (BCrypt::Engine::DEFAULT_COST or higher) instead.
127 def password_hash_cost
128   BCrypt::Engine::MIN_COST
129 end
password_hash_ds ()
[show source]
    # File lib/rodauth/features/base.rb
542 def password_hash_ds
543   db[password_hash_table].where(password_hash_id_column=>account_id)
544 end
password_match? (password)
[show source]
    # File lib/rodauth/features/base.rb
    # Checks password against the stored credential; returns nil when
    # get_password_hash yields nothing.
    # - Hash readable by the application (account column set, or database
    #   authentication functions not in use): compared in-process with
    #   BCrypt::Password#==.
    # - Database authentication functions: get_password_hash returns only the salt,
    #   the candidate hash is computed locally from it, and
    #   rodauth_valid_password_hash does the comparison inside the database.
344 def password_match?(password)
345   if hash = get_password_hash
346     if account_password_hash_column || !use_database_authentication_functions?
347       BCrypt::Password.new(hash) == password
348     else
349       db.get(Sequel.function(function_name(:rodauth_valid_password_hash), account_id, BCrypt::Engine.hash_secret(password, hash)))
350     end 
351   end
352 end
password_meets_length_requirements? (password)
[show source]
    # File lib/rodauth/features/login_password_requirements_base.rb
    # Returns true when password has at least password_minimum_length characters;
    # otherwise sets @password_requirement_message and returns false.
    # Only a minimum is checked here.
    # NOTE(review): bcrypt uses at most the first 72 bytes of its input; check
    # whether a maximum length is enforced elsewhere.
114 def password_meets_length_requirements?(password)
115   return true if password_minimum_length <= password.length
116   @password_requirement_message = password_too_short_message
117   false
118 end
password_meets_requirements? (password)
[show source]
   # File lib/rodauth/features/disallow_common_passwords.rb
13 def password_meets_requirements?(password)
14   super && password_not_one_of_the_most_common?(password)
15 end
password_not_in_dictionary? (password)
[show source]
   # File lib/rodauth/features/password_complexity.rb
   # Returns true unless password_dictionary is set and the normalised password is
   # one of its words; in that case sets @password_requirement_message and returns
   # false.
   # Normalisation: leading and trailing digits are dropped, the rest is downcased
   # and common substitutions are mapped back to letters (! -> i, @ -> a, $ -> s,
   # + -> t, | -> l, 0 -> o, 1 -> l, 3 -> e, 4 -> a, 5 -> s, 7 -> t, 8 -> b).
   # A password that does not fit the pattern at all is not checked against the
   # dictionary.
80 def password_not_in_dictionary?(password)
81   return true unless dict = password_dictionary
82   return true unless password =~ /\A(?:\d*)([A-Za-z!@$+|][A-Za-z!@$+|0134578]+[A-Za-z!@$+|])(?:\d*)\z/
83   word = $1.downcase.tr('!@$+|0134578', 'iastloleastb')
84   return true if !dict.include?(word)
85   @password_requirement_message = password_in_dictionary_message
86   false
87 end
password_not_one_of_the_most_common? (password)
[show source]
   # File lib/rodauth/features/disallow_common_passwords.rb
33 def password_not_one_of_the_most_common?(password)
34   return true unless password_one_of_most_common?(password)
35   @password_requirement_message = password_is_one_of_the_most_common_message
36   false
37 end
password_not_too_many_repeating_characters? (password)
[show source]
   # File lib/rodauth/features/password_complexity.rb
69 def password_not_too_many_repeating_characters?(password)
70   return true if password_max_repeating_characters < 2
71   return true if password !~ /(.)(\1){#{password_max_repeating_characters-1}}/ 
72   @password_requirement_message = password_too_many_repeating_characters_message
73   false
74 end
password_one_of_most_common? (password)
[show source]
   # File lib/rodauth/features/disallow_common_passwords.rb
27 def password_one_of_most_common?(password)
28   most_common_passwords.include?(password)
29 end
password_recently_entered? ()
[show source]
   # File lib/rodauth/features/password_grace_period.rb
   # Returns true when the session records a last password entry time (epoch
   # seconds) and that time plus password_grace_period is still in the future.
   # Returns false when the session holds no such timestamp.
37 def password_recently_entered?
38   return false unless last_password_entry = session[last_password_entry_session_key]
39   last_password_entry + password_grace_period > Time.now.to_i
40 end
password_reset_ds (id=account_id)
[show source]
    # File lib/rodauth/features/reset_password.rb
261 def password_reset_ds(id=account_id)
262   db[reset_password_table].where(reset_password_id_column=>id)
263 end
password_too_many_repeating_characters_message ()
[show source]
   # File lib/rodauth/features/password_complexity.rb
76 def password_too_many_repeating_characters_message
77   "contains #{password_max_repeating_characters} or more of the same character in a row"
78 end
password_too_short_message ()
[show source]
   # File lib/rodauth/features/login_password_requirements_base.rb
77 def password_too_short_message
78   "minimum #{password_minimum_length} characters"
79 end
post_configure ()
[show source]
    # File lib/rodauth/features/base.rb
    # Runs after configuration: loads bcrypt and the Sequel date_arithmetic
    # extension when needed, then builds the frozen table that maps "/<route>" to
    # the handler method name.
    # The method names given to send are derived from self.class.routes (handle_
    # prefix removed, _route appended), i.e. from class-level configuration and not
    # from request data.
334 def post_configure
335   require 'bcrypt' if require_bcrypt?
336   db.extension :date_arithmetic if use_date_arithmetic?
337   route_hash= {}
338   self.class.routes.each do |meth|
339     route_hash["/#{send("#{meth.to_s.sub(/\Ahandle_/, '')}_route")}"] = meth
340   end
341   self.class.route_hash = route_hash.freeze
342 end
previous_password_ds ()
[show source]
   # File lib/rodauth/features/disallow_password_reuse.rb
79 def previous_password_ds
80   db[previous_password_hash_table].where(previous_password_account_id_column=>account_id)
81 end
raises_uniqueness_violation? (&block)

In cases where retrying on uniqueness violations cannot work, this will detect whether a uniqueness violation is raised by the block and return the exception if so. This method should be used if you don't care about the exception itself.

[show source]
    # File lib/rodauth/features/base.rb
571 def raises_uniqueness_violation?(&block)
572   transaction(:savepoint=>:only, &block)
573   false
574 rescue unique_constraint_violation_class => e
575   e
576 end
random_key ()
[show source]
    # File lib/rodauth/features/base.rb
    # Returns a URL-safe Base64 string encoding 32 bytes (256 bits) from
    # SecureRandom. In this listing the generate_*_key_value methods,
    # generate_unlock_account_key and new_recovery_code all return this value.
395 def random_key
396   SecureRandom.urlsafe_base64(32)
397 end
recovery_code_match? (code)
[show source]
    # File lib/rodauth/features/recovery_codes.rb
    # Returns true when code equals one of the account's recovery codes, false
    # otherwise. Each comparison uses timing_safe_eql?.
    # A matching code is deleted, so it can be used only once. When recovery codes
    # are the only second factor (neither :otp nor :sms_codes is loaded), a
    # replacement code is added.
188 def recovery_code_match?(code)
189   recovery_codes.each do |s|
190     if timing_safe_eql?(code, s)
191       recovery_codes_ds.where(recovery_codes_column=>code).delete
192       if recovery_codes_primary?
193         add_recovery_code
194       end
195       return true
196     end
197   end
198   false
199 end
recovery_codes_ds ()
[show source]
    # File lib/rodauth/features/recovery_codes.rb
238 def recovery_codes_ds
239   db[recovery_codes_table].where(recovery_codes_id_column=>session_value)
240 end
recovery_codes_primary? ()
[show source]
    # File lib/rodauth/features/recovery_codes.rb
230 def recovery_codes_primary?
231   (features & [:otp, :sms_codes]).empty?
232 end
recovery_codes_remove ()
[show source]
    # File lib/rodauth/features/recovery_codes.rb
184 def recovery_codes_remove
185   recovery_codes_ds.delete
186 end
redirect (path)
[show source]
    # File lib/rodauth/features/base.rb
386 def redirect(path)
387   request.redirect(path)
388 end
remember_key_ds (id=account_id)
[show source]
    # File lib/rodauth/features/remember.rb
212 def remember_key_ds(id=account_id)
213   db[remember_table].where(remember_id_column=>id)
214 end
remember_login ()
[show source]
    # File lib/rodauth/features/remember.rb
    # Sets the remember cookie for the current account.
    # The cookie value is "<account_id>_<key>". When hmac_secret is set, the key
    # sent to the browser is compute_hmac(stored key), so the value kept in the
    # database is not the value held by the client. The cookie expiry is the stored
    # remember deadline.
    # All other cookie attributes come from remember_cookie_options.
    # NOTE(review): confirm that remember_cookie_options marks the cookie httponly
    # and secure in deployment.
133 def remember_login
134   get_remember_key
135   opts = Hash[remember_cookie_options]
136   key = remember_key_value
137   key = compute_hmac(key) if hmac_secret
138   opts[:value] = "#{account_id}_#{key}"
139   opts[:expires] = convert_timestamp(active_remember_key_ds.get(remember_deadline_column))
140   ::Rack::Utils.set_cookie_header!(response.headers, remember_cookie_key, opts)
141 end
remove_email_auth_key ()
[show source]
    # File lib/rodauth/features/email_auth.rb
129 def remove_email_auth_key
130   email_auth_ds.delete
131 end
remove_lockout_metadata ()
[show source]
    # File lib/rodauth/features/lockout.rb
270 def remove_lockout_metadata
271   account_login_failures_ds.delete
272   account_lockouts_ds.delete
273 end
remove_remember_key (id=account_id)
[show source]
    # File lib/rodauth/features/remember.rb
173 def remove_remember_key(id=account_id)
174   remember_key_ds(id).delete
175 end
remove_reset_password_key ()
[show source]
    # File lib/rodauth/features/reset_password.rb
173 def remove_reset_password_key
174   password_reset_ds.delete
175 end
remove_verify_account_key ()
[show source]
    # File lib/rodauth/features/verify_account.rb
165 def remove_verify_account_key
166   verify_account_ds.delete
167 end
remove_verify_login_change_key ()
[show source]
    # File lib/rodauth/features/verify_login_change.rb
104 def remove_verify_login_change_key
105   verify_login_change_ds.delete
106 end
render (page)
[show source]
    # File lib/rodauth/features/base.rb
326 def render(page)
327   _view(:render, page)
328 end
request ()
[show source]
    # File lib/rodauth/features/base.rb
125 def request
126   scope.request
127 end
require_account ()
[show source]
    # File lib/rodauth/features/base.rb
417 def require_account
418   require_authentication
419   require_account_session
420 end
require_account_session ()
[show source]
    # File lib/rodauth/features/base.rb
    # Requires that the session refers to an account that can still be loaded.
    # When account_from_session finds none, the session is cleared before the
    # login-required response is sent, so a stale session is not kept.
422 def require_account_session
423   unless account_from_session
424     clear_session
425     login_required
426   end
427 end
require_authentication ()
[show source]
    # File lib/rodauth/features/base.rb
284 def require_authentication
285   require_login
286 end
require_current_password ()
[show source]
   # File lib/rodauth/features/password_expiration.rb
61 def require_current_password
62   if authenticated? && password_expired? && password_change_needed_redirect != request.path_info
63     set_redirect_error_flash password_expiration_error_flash
64     redirect password_change_needed_redirect
65   end
66 end
require_login ()
[show source]
    # File lib/rodauth/features/base.rb
276 def require_login
277   login_required unless logged_in?
278 end
require_otp_setup ()
[show source]
    # File lib/rodauth/features/otp.rb
256 def require_otp_setup
257   unless otp_exists?
258     set_redirect_error_status(two_factor_not_setup_error_status)
259     set_redirect_error_flash two_factor_not_setup_error_flash
260     redirect two_factor_need_setup_redirect
261   end
262 end
require_sms_available ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
356 def require_sms_available
357   require_sms_setup
358 
359   if sms_locked_out?
360     set_redirect_error_status(lockout_error_status)
361     set_redirect_error_flash sms_lockout_error_flash
362     redirect sms_lockout_redirect
363   end
364 end
require_sms_not_setup ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
348 def require_sms_not_setup
349   if sms_setup?
350     set_redirect_error_status(sms_already_setup_error_status)
351     set_redirect_error_flash sms_already_setup_error_flash
352     redirect sms_already_setup_redirect
353   end
354 end
require_sms_setup ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
340 def require_sms_setup
341   unless sms_setup?
342     set_redirect_error_status(two_factor_not_setup_error_status)
343     set_redirect_error_flash sms_not_setup_error_flash
344     redirect sms_needs_setup_redirect
345   end
346 end
require_two_factor_authenticated ()
[show source]
   # File lib/rodauth/features/two_factor_base.rb
78 def require_two_factor_authenticated
79   unless two_factor_authenticated?
80     set_redirect_error_status(two_factor_need_authentication_error_status)
81     set_redirect_error_flash two_factor_need_authentication_error_flash
82     redirect _two_factor_auth_required_redirect
83   end
84 end
require_two_factor_not_authenticated ()
[show source]
   # File lib/rodauth/features/two_factor_base.rb
70 def require_two_factor_not_authenticated
71   if two_factor_authenticated?
72     set_redirect_error_status(two_factor_already_authenticated_error_status)
73     set_redirect_error_flash two_factor_already_authenticated_error_flash
74     redirect two_factor_already_authenticated_redirect
75   end
76 end
require_two_factor_setup ()
[show source]
   # File lib/rodauth/features/two_factor_base.rb
# Redirects to the two factor setup page unless the session is already
# authenticated via a second factor or the account uses two factor
# authentication.
def require_two_factor_setup
  # The session check runs first so that the database query is avoided
  # when already authenticated via 2nd factor.
  unless two_factor_authenticated? || uses_two_factor_authentication?
    set_redirect_error_status(two_factor_not_setup_error_status)
    set_redirect_error_flash two_factor_not_setup_error_flash
    redirect two_factor_need_setup_redirect
  end
end
reset_password_email_body ()
[show source]
    # File lib/rodauth/features/reset_password.rb
247 def reset_password_email_body
248   render('reset-password-email')
249 end
reset_password_email_recently_sent? ()
[show source]
    # File lib/rodauth/features/reset_password.rb
# Whether a reset password email was sent less than
# reset_password_skip_resend_email_within seconds ago.
# Returns the falsy last-sent value unchanged when none is recorded.
def reset_password_email_recently_sent?
  last_sent = get_reset_password_email_last_sent
  last_sent && (Time.now - last_sent < reset_password_skip_resend_email_within)
end
reset_password_key_insert_hash ()
[show source]
    # File lib/rodauth/features/reset_password.rb
255 def reset_password_key_insert_hash
256   hash = {reset_password_id_column=>account_id, reset_password_key_column=>reset_password_key_value}
257   set_deadline_value(hash, reset_password_deadline_column, reset_password_deadline_interval)
258   hash
259 end
reset_single_session_key ()
[show source]
   # File lib/rodauth/features/single_session.rb
21 def reset_single_session_key
22   if logged_in?
23     single_session_ds.update(single_session_key_column=>random_key)
24   end
25 end
response ()
[show source]
    # File lib/rodauth/features/base.rb
129 def response
130   scope.response
131 end
retry_on_uniqueness_violation (&block)

This is used to avoid race conditions when using the pattern of inserting when an update affects no rows. In such cases, if a row is inserted between the update and the insert, the insert will fail with a uniqueness error, but retrying will work. It is possible for it to fail again, but only if the row is deleted before the update and re-added before the insert, which is very unlikely to happen. In such cases, raising an exception is acceptable.

[show source]
    # File lib/rodauth/features/base.rb
562 def retry_on_uniqueness_violation(&block)
563   if raises_uniqueness_violation?(&block)
564     yield
565   end
566 end
return_json_response ()
[show source]
    # File lib/rodauth/features/jwt.rb
221 def return_json_response
222   response.status ||= json_response_error_status if json_response[json_response_error_key]
223   set_jwt
224   response['Content-Type'] ||= json_response_content_type
225   response.write(_json_response_body(json_response))
226   request.halt
227 end
route! ()
[show source]
    # File lib/rodauth/features/base.rb
# Dispatches the request to the handler registered for the remaining path.
# Always returns nil.
def route!
  # The request path is only used as a lookup key; the method passed to
  # send is whatever the class-level route_hash maps that key to.
  handler = self.class.route_hash[request.remaining_path]
  send(handler) if handler

  nil
end
save_account ()
[show source]
    # File lib/rodauth/features/create_account.rb
# Inserts the account row and records the new id on the account hash.
# A uniqueness violation during the insert sets the "already an account
# with this login" requirement message instead of raising.
# Returns a truthy value only when an id was obtained and no violation occurred.
def save_account
  new_id = nil
  duplicate = raises_uniqueness_violation? { new_id = db[accounts_table].insert(account) }

  @login_requirement_message = already_an_account_with_this_login_message if duplicate
  account[account_id_column] = new_id if new_id

  new_id && !duplicate
end
send_email_auth_email ()
[show source]
    # File lib/rodauth/features/email_auth.rb
137 def send_email_auth_email
138   create_email_auth_email.deliver!
139 end
send_password_changed_email ()
[show source]
   # File lib/rodauth/features/change_password_notify.rb
19 def send_password_changed_email
20   create_password_changed_email.deliver!
21 end
send_reset_password_email ()
[show source]
    # File lib/rodauth/features/reset_password.rb
181 def send_reset_password_email
182   create_reset_password_email.deliver!
183 end
send_unlock_account_email ()
[show source]
    # File lib/rodauth/features/lockout.rb
219 def send_unlock_account_email
220   @unlock_account_key_value = get_unlock_account_key
221   create_unlock_account_email.deliver!
222 end
send_verify_account_email ()
[show source]
    # File lib/rodauth/features/verify_account.rb
203 def send_verify_account_email
204   create_verify_account_email.deliver!
205 end
send_verify_login_change_email (login)
[show source]
    # File lib/rodauth/features/verify_login_change.rb
120 def send_verify_login_change_email(login)
121   create_verify_login_change_email(login).deliver!
122 end
session ()
[show source]
    # File lib/rodauth/features/base.rb
133 def session
134   scope.session
135 end
session_expiration_redirect ()
[show source]
   # File lib/rodauth/features/session_expiration.rb
44 def session_expiration_redirect
45   require_login_redirect
46 end
session_jwt ()
[show source]
    # File lib/rodauth/features/jwt.rb
117 def session_jwt
118   JWT.encode(jwt_session_hash, jwt_secret, jwt_algorithm)
119 end
session_value ()
[show source]
    # File lib/rodauth/features/base.rb
208 def session_value
209   session[session_key]
210 end
set_deadline_value (hash, column, interval)

This is needed on MySQL, which doesn't support non-constant defaults other than CURRENT_TIMESTAMP.

[show source]
    # File lib/rodauth/features/base.rb
598 def set_deadline_value(hash, column, interval)
599   if set_deadline_values?
600     # :nocov:
601     hash[column] = Sequel.date_add(Sequel::CURRENT_TIMESTAMP, interval)
602     # :nocov:
603   end
604 end
set_deadline_values? ()
[show source]
    # File lib/rodauth/features/base.rb
455 def set_deadline_values?
456   db.database_type == :mysql
457 end
set_email_auth_email_last_sent ()
[show source]
    # File lib/rodauth/features/email_auth.rb
117 def set_email_auth_email_last_sent
118    email_auth_ds.update(email_auth_email_last_sent_column=>Sequel::CURRENT_TIMESTAMP) if email_auth_email_last_sent_column
119 end
set_error_flash (message)
[show source]
    # File lib/rodauth/features/base.rb
260 def set_error_flash(message)
261   flash.now[flash_error_key] = message
262 end
set_expired ()
[show source]
   # File lib/rodauth/features/account_expiration.rb
49 def set_expired
50   update_activity(account_id, account_activity_expired_column)
51   after_account_expiration
52 end
set_field_error (field, error)
[show source]
    # File lib/rodauth/features/base.rb
149 def set_field_error(field, error)
150   (@field_errors ||= {})[field] = error
151 end
set_http_basic_auth_error_response ()
[show source]
   # File lib/rodauth/features/http_basic_auth.rb
# Marks the response as 401 and adds a Basic authentication challenge
# for the configured realm.
def set_http_basic_auth_error_response
  response.status = 401
  # NOTE(review): the realm is placed inside the quoted string unescaped;
  # presumably it is a fixed configuration value -- confirm it can never
  # contain a double quote or CR/LF.
  challenge = "Basic realm=\"#{http_basic_auth_realm}\""
  response.headers["WWW-Authenticate"] = challenge
end
set_jwt ()
[show source]
    # File lib/rodauth/features/jwt.rb
229 def set_jwt
230   set_jwt_token(session_jwt)
231 end
set_jwt_token (token)
[show source]
    # File lib/rodauth/features/jwt.rb
129 def set_jwt_token(token)
130   response.headers['Authorization'] = token
131 end
set_last_password_entry ()
[show source]
   # File lib/rodauth/features/password_grace_period.rb
42 def set_last_password_entry
43   session[last_password_entry_session_key] = Time.now.to_i
44 end
set_new_account_password (password)
[show source]
    # File lib/rodauth/features/create_account.rb
 99 def set_new_account_password(password)
100   account[account_password_hash_column] = password_hash(password)
101 end
set_notice_flash (message)
[show source]
    # File lib/rodauth/features/base.rb
268 def set_notice_flash(message)
269   flash[flash_notice_key] = message
270 end
set_notice_now_flash (message)
[show source]
    # File lib/rodauth/features/base.rb
272 def set_notice_now_flash(message)
273   flash.now[flash_notice_key] = message
274 end
set_password (password)
[show source]
   # File lib/rodauth/features/disallow_password_reuse.rb
19 def set_password(password)
20   hash = super
21   add_previous_password_hash(hash)
22   hash
23 end
set_redirect_error_flash (message)
[show source]
    # File lib/rodauth/features/base.rb
264 def set_redirect_error_flash(message)
265   flash[flash_error_key] = message
266 end
set_redirect_error_status (status)

Don't set an error status when redirecting in an error case, as a redirect status is needed.

[show source]
    # File lib/rodauth/features/base.rb
434 def set_redirect_error_status(status)
435 end
set_reset_password_email_last_sent ()
[show source]
    # File lib/rodauth/features/reset_password.rb
203 def set_reset_password_email_last_sent
204    password_reset_ds.update(reset_password_email_last_sent_column=>Sequel::CURRENT_TIMESTAMP) if reset_password_email_last_sent_column
205 end
set_response_error_status (status)
[show source]
    # File lib/rodauth/features/base.rb
437 def set_response_error_status(status)
438   response.status = status
439 end
set_session_value (key, value)
[show source]
    # File lib/rodauth/features/base.rb
606 def set_session_value(key, value)
607   session[key] = value
608 end
set_single_session_key (data)
[show source]
   # File lib/rodauth/features/single_session.rb
# Stores the single session key in the session.
# When hmac_secret is set, the HMAC of the key is stored rather than the
# key itself.
def set_single_session_key(data)
  stored = hmac_secret ? compute_hmac(data) : data
  set_session_value(single_session_session_key, stored)
end
set_title (title)
[show source]
    # File lib/rodauth/features/base.rb
254 def set_title(title)
255   if title_instance_variable
256     scope.instance_variable_set(title_instance_variable, title)
257   end
258 end
set_unlock_account_email_last_sent ()
[show source]
    # File lib/rodauth/features/lockout.rb
236 def set_unlock_account_email_last_sent
237   account_lockouts_ds.update(account_lockouts_email_last_sent_column=>Sequel::CURRENT_TIMESTAMP) if account_lockouts_email_last_sent_column
238 end
set_verify_account_email_last_sent ()
[show source]
    # File lib/rodauth/features/verify_account.rb
236 def set_verify_account_email_last_sent
237    verify_account_ds.update(verify_account_email_last_sent_column=>Sequel::CURRENT_TIMESTAMP) if verify_account_email_last_sent_column
238 end
setup_account_verification ()
[show source]
    # File lib/rodauth/features/verify_account.rb
271 def setup_account_verification
272   generate_verify_account_key_value
273   create_verify_account_key
274   send_verify_account_email
275 end
show_lockout_page ()
[show source]
    # File lib/rodauth/features/lockout.rb
275 def show_lockout_page
276   set_response_error_status lockout_error_status
277   set_error_flash login_lockout_error_flash
278   response.write unlock_account_request_view
279   request.halt
280 end
single_session_ds ()
[show source]
   # File lib/rodauth/features/single_session.rb
95 def single_session_ds
96   db[single_session_table].
97     where(single_session_id_column=>session_value)
98 end
skip_login_field_on_login? ()
[show source]
   # File lib/rodauth/features/login.rb
70 def skip_login_field_on_login?
71   return false unless use_multi_phase_login?
72   @valid_login_entered
73 end
skip_password_field_on_login? ()
[show source]
   # File lib/rodauth/features/login.rb
75 def skip_password_field_on_login?
76   return false unless use_multi_phase_login?
77   @valid_login_entered != true
78 end
skip_status_checks? ()
[show source]
   # File lib/rodauth/features/close_account.rb
80 def skip_status_checks?
81   false
82 end
sms_auth_message (code)
[show source]
    # File lib/rodauth/features/sms_codes.rb
417 def sms_auth_message(code)
418   "SMS authentication code for #{request.host} is #{code}"
419 end
sms_available? ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
459 def sms_available?
460   sms && !sms_needs_confirmation? && !sms_locked_out?
461 end
sms_code ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
438 def sms_code
439   sms[sms_code_column]
440 end
sms_code_issued_at ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
442 def sms_code_issued_at
443   convert_timestamp(sms[sms_issued_at_column])
444 end
sms_code_match? (code)
[show source]
    # File lib/rodauth/features/sms_codes.rb
# Whether the submitted code equals the stored SMS code.
# Returns false outright when sms_current_auth? is falsy; otherwise the
# comparison is delegated to timing_safe_eql?.
def sms_code_match?(code)
  sms_current_auth? ? timing_safe_eql?(code, sms_code) : false
end
sms_codes_primary? ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
473 def sms_codes_primary?
474   !features.include?(:otp)
475 end
sms_confirm ()
[show source]
    # File lib/rodauth/features/recovery_codes.rb
165 def sms_confirm
166   super if defined?(super)
167   add_recovery_codes(recovery_codes_limit - recovery_codes.length)
168 end
sms_confirm_failure ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
381 def sms_confirm_failure
382   sms_ds.delete
383 end
sms_confirm_message (code)
[show source]
    # File lib/rodauth/features/sms_codes.rb
421 def sms_confirm_message(code)
422   "SMS confirmation code for #{request.host} is #{code}"
423 end
sms_confirmation_match? (code)
[show source]
    # File lib/rodauth/features/sms_codes.rb
371 def sms_confirmation_match?(code)
372   sms_needs_confirmation? && sms_code_match?(code)
373 end
sms_current_auth? ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
# Whether an SMS code is stored and still inside its validity window
# (issue time plus sms_code_allowed_seconds is later than now).
def sms_current_auth?
  stored = sms_code
  # A missing code is passed back unchanged (nil/false).
  return stored unless stored

  expires_at = sms_code_issued_at + sms_code_allowed_seconds
  expires_at > Time.now
end
sms_disable ()
[show source]
    # File lib/rodauth/features/recovery_codes.rb
177 def sms_disable
178   super if defined?(super)
179   unless recovery_codes_primary?
180     recovery_codes_remove
181   end
182 end
sms_ds ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
501 def sms_ds
502   db[sms_codes_table].where(sms_id_column=>session_value)
503 end
sms_failures ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
446 def sms_failures
447   sms[sms_failures_column]
448 end
sms_locked_out? ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
463 def sms_locked_out?
464   sms_failures >= sms_failure_limit
465 end
sms_needs_confirmation? ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
455 def sms_needs_confirmation?
456   sms && sms_failures.nil?
457 end
sms_new_auth_code ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
# Generates a numeric SMS authentication code of sms_auth_code_length digits.
# The number is drawn with SecureRandom and left-padded with zeros so that
# small values still have the full length.
def sms_new_auth_code
  upper_bound = 10**sms_auth_code_length
  number = SecureRandom.random_number(upper_bound)
  number.to_s.rjust(sms_auth_code_length, "0")
end
sms_new_confirm_code ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
# Generates a numeric SMS confirmation code of sms_confirm_code_length digits.
# The number is drawn with SecureRandom and left-padded with zeros so that
# small values still have the full length.
def sms_new_confirm_code
  upper_bound = 10**sms_confirm_code_length
  number = SecureRandom.random_number(upper_bound)
  number.to_s.rjust(sms_confirm_code_length, "0")
end
sms_normalize_phone (phone)
[show source]
    # File lib/rodauth/features/sms_codes.rb
# Reduces a submitted phone number to its digits.
# The argument is converted with to_s first, so nil yields an empty string.
def sms_normalize_phone(phone)
  raw = phone.to_s
  raw.gsub(/\D+/, '')
end
sms_phone ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
434 def sms_phone
435   sms[sms_phone_column]
436 end
sms_record_failure ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
429 def sms_record_failure
430   update_sms(sms_failures_column=>Sequel.expr(sms_failures_column)+1)
431   sms[sms_failures_column] = sms_ds.get(sms_failures_column)
432 end
sms_remove_failures ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
392 def sms_remove_failures
393   update_sms(sms_failures_column => 0, sms_code_column => nil)
394 end
sms_send (phone, message)
[show source]
    # File lib/rodauth/features/sms_codes.rb
489 def sms_send(phone, message)
490   raise NotImplementedError, "sms_send needs to be defined in the Rodauth configuration for SMS sending to work"
491 end
sms_send_auth_code ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
401 def sms_send_auth_code
402   code = sms_new_auth_code
403   sms_set_code(code)
404   sms_send(sms_phone, sms_auth_message(code))
405 end
sms_send_confirm_code ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
407 def sms_send_confirm_code
408   code = sms_new_confirm_code
409   sms_set_code(code)
410   sms_send(sms_phone, sms_confirm_message(code))
411 end
sms_set_code (code)
[show source]
    # File lib/rodauth/features/sms_codes.rb
425 def sms_set_code(code)
426  update_sms(sms_code_column=>code, sms_issued_at_column=>Sequel::CURRENT_TIMESTAMP)
427 end
sms_setup (phone_number)
[show source]
    # File lib/rodauth/features/sms_codes.rb
385 def sms_setup(phone_number)
386   # Cannot handle uniqueness violation here, as the phone number given may not match the
387   # one in the table.
388   sms_ds.insert(sms_id_column=>session_value, sms_phone_column=>phone_number)
389   remove_instance_variable(:@sms) if instance_variable_defined?(:@sms)
390 end
sms_setup? ()
[show source]
    # File lib/rodauth/features/sms_codes.rb
450 def sms_setup?
451   return false unless sms
452   !sms_needs_confirmation?
453 end
sms_valid_phone? (phone)
[show source]
    # File lib/rodauth/features/sms_codes.rb
413 def sms_valid_phone?(phone)
414   phone.length >= sms_phone_min_length
415 end
split_token (token)
[show source]
    # File lib/rodauth/features/base.rb
382 def split_token(token)
383   token.split(token_separator, 2)
384 end
template_path (page)
[show source]
    # File lib/rodauth/features/base.rb
# Path of the bundled template file for +page+ ("<page>.str" under the
# templates directory located relative to this file).
def template_path(page)
  # NOTE(review): page is interpolated into the path as given; confirm that
  # only fixed template names, never request-derived values, reach here.
  templates_dir = File.join(File.dirname(__FILE__), '../../../templates')
  File.join(templates_dir, "#{page}.str")
end
throw_basic_auth_error (*args)
[show source]
   # File lib/rodauth/features/http_basic_auth.rb
59 def throw_basic_auth_error(*args)
60   set_http_basic_auth_error_response
61   throw_error(*args) 
62 end
throw_error (field, error)
[show source]
    # File lib/rodauth/features/base.rb
441 def throw_error(field, error)
442   set_field_error(field, error)
443   throw :rodauth_error
444 end
throw_error_status (status, field, error)
[show source]
    # File lib/rodauth/features/base.rb
446 def throw_error_status(status, field, error)
447   set_response_error_status(status)
448   throw_error(field, error)
449 end
timing_safe_eql? (provided, actual)
[show source]
    # File lib/rodauth/features/base.rb
# Compares a submitted value against the expected one using
# Rack::Utils.secure_compare instead of String#==.
#
# provided - the submitted value; converted with to_s.
# actual   - the expected string.
def timing_safe_eql?(provided, actual)
  candidate = provided.to_s
  # A shorter candidate is padded up to the expected length before the
  # comparison is made.
  padded = candidate.ljust(actual.length)
  contents_match = Rack::Utils.secure_compare(padded, actual)
  # The length check afterwards rejects a candidate that only matched
  # because of the padding.
  contents_match && candidate.length == actual.length
end
transaction (opts={}, &block)
[show source]
    # File lib/rodauth/features/base.rb
390 def transaction(opts={}, &block)
391   db.transaction(opts, &block)
392 end
two_factor_auth_fallback_redirect ()
[show source]
    # File lib/rodauth/features/recovery_codes.rb
135 def two_factor_auth_fallback_redirect
136   recovery_auth_redirect
137 end
two_factor_auth_required_redirect ()
[show source]
    # File lib/rodauth/features/otp.rb
229 def two_factor_auth_required_redirect
230   "#{prefix}/#{otp_auth_route}"
231 end
two_factor_authenticate (type)
[show source]
    # File lib/rodauth/features/two_factor_base.rb
127 def two_factor_authenticate(type)
128   two_factor_update_session(type)
129   two_factor_remove_auth_failures
130   after_two_factor_authentication
131   set_notice_flash two_factor_auth_notice_flash
132   redirect two_factor_auth_redirect
133 end
two_factor_authenticated? ()
[show source]
    # File lib/rodauth/features/two_factor_base.rb
102 def two_factor_authenticated?
103   !!session[two_factor_session_key]
104 end
two_factor_authentication_setup? ()
[show source]
    # File lib/rodauth/features/otp.rb
221 def two_factor_authentication_setup?
222   super || otp_exists?
223 end
two_factor_modifications_require_password? ()
[show source]
   # File lib/rodauth/features/two_factor_base.rb
35 def two_factor_modifications_require_password?
36   modifications_require_password?
37 end
two_factor_need_setup_redirect ()
[show source]
    # File lib/rodauth/features/otp.rb
225 def two_factor_need_setup_redirect
226   "#{prefix}/#{otp_setup_route}"
227 end
two_factor_password_match? (password)
[show source]
    # File lib/rodauth/features/two_factor_base.rb
 94 def two_factor_password_match?(password)
 95   if two_factor_modifications_require_password?
 96     password_match?(password)
 97   else
 98     true
 99   end
100 end
two_factor_remove ()
[show source]
    # File lib/rodauth/features/otp.rb
233 def two_factor_remove
234   super
235   otp_remove
236 end
two_factor_remove_auth_failures ()
[show source]
    # File lib/rodauth/features/otp.rb
238 def two_factor_remove_auth_failures
239   super
240   otp_remove_auth_failures
241 end
two_factor_remove_session ()
[show source]
    # File lib/rodauth/features/two_factor_base.rb
135 def two_factor_remove_session
136   session.delete(two_factor_session_key)
137   session[two_factor_setup_session_key] = false
138 end
two_factor_update_session (type)
[show source]
    # File lib/rodauth/features/two_factor_base.rb
140 def two_factor_update_session(type)
141   session[two_factor_session_key] = type
142   session[two_factor_setup_session_key] = true
143 end
unique_constraint_violation_class ()

Work around jdbc/sqlite issue where it only raises ConstraintViolation and not UniqueConstraintViolation.

[show source]
    # File lib/rodauth/features/base.rb
580 def unique_constraint_violation_class
581   if db.adapter_scheme == :jdbc && db.database_type == :sqlite
582     # :nocov:
583     Sequel::ConstraintViolation
584     # :nocov:
585   else
586     Sequel::UniqueConstraintViolation
587   end
588 end
unlock_account ()
[show source]
    # File lib/rodauth/features/lockout.rb
159 def unlock_account
160   transaction do
161     remove_lockout_metadata
162   end
163 end
unlock_account_email_body ()
[show source]
    # File lib/rodauth/features/lockout.rb
286 def unlock_account_email_body
287   render('unlock-account-email')
288 end
unlock_account_email_recently_sent? ()
[show source]
    # File lib/rodauth/features/lockout.rb
290 def unlock_account_email_recently_sent?
291   (email_last_sent = get_unlock_account_email_last_sent) && (Time.now - email_last_sent < unlock_account_skip_resend_email_within)
292 end
update_account (values, ds=account_ds)
[show source]
    # File lib/rodauth/features/base.rb
620 def update_account(values, ds=account_ds)
621   update_hash_ds(account, ds, values)
622 end
update_activity (account_id, *columns)
[show source]
    # File lib/rodauth/features/account_expiration.rb
113 def update_activity(account_id, *columns)
114   ds = account_activity_ds(account_id)
115   hash = {}
116   columns.each do |c|
117     hash[c] = Sequel::CURRENT_TIMESTAMP
118   end
119   if ds.update(hash) == 0
120     hash[account_activity_id_column] = account_id
121     hash[account_activity_last_activity_column] ||= Sequel::CURRENT_TIMESTAMP
122     hash[account_activity_last_login_column] ||= Sequel::CURRENT_TIMESTAMP
123     # It is safe to ignore uniqueness violations here, as a concurrent insert would also use current timestamps.
124     ignore_uniqueness_violation{ds.insert(hash)}
125   end
126 end
update_hash_ds (hash, ds, values)
[show source]
    # File lib/rodauth/features/base.rb
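# Applies +values+ to the rows of +ds+ and, when exactly one row was
# updated, mirrors the new values into +hash+ so the in-memory copy of the
# row matches the database.
#
# hash   - in-memory copy of the row being updated (callers in this file
#          pass the account hash or the SMS hash).
# ds     - dataset responding to update(values) and returning a row count.
# values - column => value pairs to write.
#
# Returns the number of rows updated.
def update_hash_ds(hash, ds, values)
  num = ds.update(values)
  if num == 1
    values.each do |k, v|
      # Write into the hash that was passed in. Previously this always wrote
      # into +account+, so update_sms left the SMS hash stale (for example
      # the failure counter and stored code) and added SMS columns to the
      # account hash instead.
      # CURRENT_TIMESTAMP is an SQL expression, so the copy gets a Ruby Time.
      hash[k] = v == Sequel::CURRENT_TIMESTAMP ? Time.now : v
    end
  end
  num
end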
update_last_activity ()
[show source]
   # File lib/rodauth/features/account_expiration.rb
43 def update_last_activity
44   if session_value
45     update_activity(session_value, account_activity_last_activity_column)
46   end
47 end
update_last_login ()
[show source]
   # File lib/rodauth/features/account_expiration.rb
39 def update_last_login
40   update_activity(account_id, account_activity_last_login_column, account_activity_last_activity_column)
41 end
update_login (login)
[show source]
   # File lib/rodauth/features/change_login.rb
76 def update_login(login)
77   _update_login(login)
78 end
update_password_changed_at ()
[show source]
   # File lib/rodauth/features/password_expiration.rb
52 def update_password_changed_at
53   ds = password_expiration_ds
54   if ds.update(password_expiration_changed_at_column=>Sequel::CURRENT_TIMESTAMP) == 0
55     # Ignoring the violation is safe here, since a concurrent insert would also set it to the
56     # current timestamp.
57     ignore_uniqueness_violation{ds.insert(password_expiration_id_column=>account_id)}
58   end
59 end
update_password_hash? ()
[show source]
   # File lib/rodauth/features/update_password_hash.rb
17 def update_password_hash?
18   password_hash_cost != @current_password_hash_cost
19 end
update_session ()
[show source]
    # File lib/rodauth/features/account_expiration.rb
 99 def update_session
100   check_account_expiration
101   super
102 end
update_single_session_key ()
[show source]
   # File lib/rodauth/features/single_session.rb
62 def update_single_session_key
63   key = random_key
64   set_single_session_key(key)
65   if single_session_ds.update(single_session_key_column=>key) == 0
66     # Don't handle uniqueness violations here.  While we could get the stored key from the
67     # database, it could lead to two sessions sharing the same key, which this feature is
68     # designed to prevent.
69     single_session_ds.insert(single_session_id_column=>session_value, single_session_key_column=>key)
70   end
71 end
update_sms (values)
[show source]
    # File lib/rodauth/features/sms_codes.rb
493 def update_sms(values)
494   update_hash_ds(sms, sms_ds, values)
495 end
use_database_authentication_functions? ()
[show source]
    # File lib/rodauth/features/base.rb
459 def use_database_authentication_functions?
460   case db.database_type
461   when :postgres, :mysql, :mssql
462     true
463   else
464     # :nocov:
465     false
466     # :nocov:
467   end
468 end
use_date_arithmetic? ()
[show source]
    # File lib/rodauth/features/base.rb
451 def use_date_arithmetic?
452   set_deadline_values?
453 end
use_jwt? ()
[show source]
    # File lib/rodauth/features/jwt.rb
133 def use_jwt?
134   jwt_token || only_json? || json_request?
135 end
use_multi_phase_login? ()
[show source]
    # File lib/rodauth/features/email_auth.rb
175 def use_multi_phase_login?
176   true
177 end
use_request_specific_csrf_tokens? ()
[show source]
    # File lib/rodauth/features/base.rb
470 def use_request_specific_csrf_tokens?
471   scope.opts[:rodauth_csrf] == :route_csrf && scope.use_request_specific_csrf_tokens?
472 end
uses_two_factor_authentication? ()
[show source]
    # File lib/rodauth/features/two_factor_base.rb
110 def uses_two_factor_authentication?
111   return false unless logged_in?
112   session[two_factor_setup_session_key] = two_factor_authentication_setup? unless session.has_key?(two_factor_setup_session_key)
113   session[two_factor_setup_session_key]
114 end
valid_jwt? ()
[show source]
    # File lib/rodauth/features/jwt.rb
137 def valid_jwt?
138   !!(jwt_token && jwt_payload)
139 end
verified_account? ()
[show source]
   # File lib/rodauth/features/verify_account_grace_period.rb
17 def verified_account?
18   logged_in? && !session[unverified_account_session_key]
19 end
verify_account ()
[show source]
    # File lib/rodauth/features/verify_account.rb
169 def verify_account
170   update_account(account_status_column=>account_open_status_value) == 1
171 end
verify_account_check_already_logged_in ()
[show source]
    # File lib/rodauth/features/verify_account.rb
277 def verify_account_check_already_logged_in
278   check_already_logged_in
279 end
verify_account_ds (id=account_id)
[show source]
    # File lib/rodauth/features/verify_account.rb
310 def verify_account_ds(id=account_id)
311   db[verify_account_table].where(verify_account_id_column=>id)
312 end
verify_account_email_body ()
[show source]
    # File lib/rodauth/features/verify_account.rb
306 def verify_account_email_body
307   render('verify-account-email')
308 end
verify_account_email_recently_sent? ()
[show source]
    # File lib/rodauth/features/verify_account.rb
250 def verify_account_email_recently_sent?
251   (email_last_sent = get_verify_account_email_last_sent) && (Time.now - email_last_sent < verify_account_skip_resend_email_within)
252 end
verify_account_email_resend ()
[show source]
    # File lib/rodauth/features/verify_account.rb
173 def verify_account_email_resend
174   if @verify_account_key_value = get_verify_account_key(account_id)
175     set_verify_account_email_last_sent
176     send_verify_account_email
177     true
178   end
179 end
verify_account_key_insert_hash ()
[show source]
    # File lib/rodauth/features/verify_account.rb
298 def verify_account_key_insert_hash
299   {verify_account_id_column=>account_id, verify_account_key_column=>verify_account_key_value}
300 end
verify_login_change ()
[show source]
    # File lib/rodauth/features/verify_login_change.rb
# Applies the pending login change.
# When the update does not succeed, the verification key is removed.
# Returns the result of the update.
def verify_login_change
  updated = _update_login(verify_login_change_new_login)
  remove_verify_login_change_key unless updated

  updated
end
verify_login_change_ds (id=account_id)
[show source]
    # File lib/rodauth/features/verify_login_change.rb
202 def verify_login_change_ds(id=account_id)
203   db[verify_login_change_table].where(verify_login_change_id_column=>id)
204 end
verify_login_change_email_body ()
[show source]
    # File lib/rodauth/features/verify_login_change.rb
198 def verify_login_change_email_body
199   render('verify-login-change-email')
200 end
verify_login_change_key_insert_hash (login)
[show source]
    # File lib/rodauth/features/verify_login_change.rb
188 def verify_login_change_key_insert_hash(login)
189   hash = {verify_login_change_id_column=>account_id, verify_login_change_key_column=>verify_login_change_key_value, verify_login_change_login_column=>login}
190   set_deadline_value(hash, verify_login_change_deadline_column, verify_login_change_deadline_interval)
191   hash
192 end
verify_login_change_old_login ()
[show source]
    # File lib/rodauth/features/verify_login_change.rb
136 def verify_login_change_old_login
137   account_ds.get(login_column)
138 end
view (page, title)
[show source]
    # File lib/rodauth/features/base.rb
321 def view(page, title)
322   set_title(title)
323   _view(:view, page)
324 end