two_factor_base.rdoc

doc/two_factor_base.rdoc
Last Update: 2023-10-09 15:48:54 -0700

Documentation for Two Factor Base Feature

The two_factor_base feature implements shared functionality for the other multifactor authentication features.

To handle multiple and potentially different multifactor authentication setups per user, this feature implements disambiguation pages for multifactor authentication and manage. If only a single multifactor authentication is available to setup, the manage page will redirect to the appropriate page. Likewise, if only a single multifactor authentication method is available, the authentication page will redirect to the appropriate page. Otherwise, the authentication and manage pages will show links to the available pages. Additionally, there is a separate page for disabling all multifactor authentication methods and reverting to single factor authentication, so users do not have to disable each multifactor authentication method individually.

Auth Value Methods

two_factor_already_authenticated_error_flash

The flash error to show if going to a multifactor authentication page when already multifactor authenticated.

two_factor_already_authenticated_error_status

The response status to use if going to a multifactor authentication page when already multifactor authenticated, 403 by default.

two_factor_already_authenticated_redirect

Where to redirect if going to a multifactor authentication page when already multifactor authenticated.

two_factor_auth_notice_flash

The flash notice to show after a successful multifactor authentication.

two_factor_auth_page_title

The page title to use on the page linking to other multifactor authentication pages.

two_factor_auth_redirect

Where to redirect after a successful multifactor authentication.

two_factor_auth_redirect_session_key

The key in the session hash storing the location to redirect to after successful multifactor authentication.

two_factor_auth_required_redirect

Where to redirect if going to a page requiring multifactor authentication when not multifactor authenticated (the multifactor auth page by default).

two_factor_auth_return_to_requested_location?

Whether to redirect to the originally requested location after successful multifactor authentication when require_two_factor_authenticated was used, false by default.

two_factor_auth_route

The route to the multifactor authentication page. Defaults to multifactor-auth.

two_factor_disable_additional_form_tags

HTML fragment containing additional form tags when disabling all multifactor authentication.

two_factor_disable_button

Text to use for button on the form to disable all multifactor authentication.

two_factor_disable_error_flash

The flash error to show if unable to disable all multifactor authentication.

two_factor_disable_link_text

The text to use for the link to disable all multifactor authentication from the multifactor manage page.

two_factor_disable_notice_flash

The flash notice to show after a successfully disabling all multifactor authentication.

two_factor_disable_page_title

The page title to use on the page for disabling all multifactor authentication.

two_factor_disable_redirect

Where to redirect after a successfully disabling all multifactor authentication.

two_factor_disable_route

The route to the page to disable all multifactor authentication. Defaults to multifactor-disable.

two_factor_manage_page_title

The page title to use on the page linking to other multifactor setup and remove pages.

two_factor_manage_route

The route to the page to manage multifactor authentication. Defaults to multifactor-manage.

two_factor_modifications_require_password?

Whether modifications to multifactor authentication require the inputing the user’s password.

two_factor_need_authentication_error_flash

The flash error to show if going to a page that requires multifactor authentication when not authenticated.

two_factor_need_authentication_error_status

The response status to use if going to a page that requires multifactor authentication when not authenticated, 401 by default.

two_factor_need_setup_redirect

Where to redirect if going to a multifactor authentication page when multifactor authentication has not been setup (the multifactor manage page by default).

two_factor_not_setup_error_flash

The flash error to show if going to a multifactor authentication page when multifactor authentication has not been setup.

two_factor_not_setup_error_status

The response status to use if going to a multifactor authentication page when multifactor authentication has not been setup, 403 by default.

two_factor_remove_heading

The HTML to use above the remove links on the multifactor manage page.

two_factor_setup_heading

The HTML to use above the setup links on the multifactor manage page.

two_factor_setup_session_key

The session key used for storing whether multifactor authentication has been setup for the current account.

Auth Methods

after_two_factor_authentication

Any actions to take after successful multifactor authentication.

after_two_factor_disable

Any actions to take after successful disabling of all multifactor authentication.

before_two_factor_auth_route

Run arbitrary code before handling the multifactor auth route.

before_two_factor_disable

Any actions to take before disabling of all multifactor authentication.

before_two_factor_disable_route

Run arbitrary code before handling the multifactor disable route.

before_two_factor_manage_route

Run arbitrary code before handling the multifactor manage route.

two_factor_auth_links

An array of entries for links to show on the multifactor auth page. Each entry is an array of three elements, sort order (integer), link href, and link text.

two_factor_auth_response

Return a response after successful multifactor authentication. By default, redirects to two_factor_auth_redirect (or the requested location if two_factor_auth_return_to_requested_location? is true).

two_factor_auth_view

The HTML to use for the page linking to other multifactor authentication pages.

two_factor_authenticated?

Whether the current session has already been multifactor authenticated.

two_factor_disable_response

Return a response after successfully disabling multifactor authentication. By default, redirects to two_factor_disable_redirect.

two_factor_disable_view

The HTML to use for the page for disabling all multifactor authentication.

two_factor_manage_view

The HTML to use for the page linking to other multifactor setup and remove pages.

two_factor_remove

Any action to take to remove multifactor authentication, called when closing accounts.

two_factor_remove_auth_failures

Any action to take to remove multifactor authentication failures, called after a successful multifactor authentication.

two_factor_remove_links

An array of entries for remove links to show on the multifactor manage page. Each entry is an array of three elements, sort order (integer), link href, and link text.

two_factor_remove_session

What actions to take to remove multifactor authentication status from the session, called when disabling multifactor authentication when authenticated using the factor being removed.

two_factor_setup_links

An array of entries for setup links to show on the multifactor manage page. Each entry is an array of three elements, sort order (integer), link href, and link text.

two_factor_update_session(type)

How to update the session to reflect a successful multifactor authentication.