app/controllers/admin/otp_secrets_controller.rb
# frozen_string_literal: true
module Admin
class OtpSecretsController < Admin::AdminController
before_action :require_otp_disabled, only: %i[new create]
before_action :find_otp_secret
def new
@otp_secret.generate
end
def create
if @otp_secret.verify(otp_secret_params)
@recovery_codes = @otp_secret.generate_recovery_codes
@otp_secret.enable!(@recovery_codes)
else
flash[:error] = t("pages_core.otp.invalid_code")
redirect_to new_admin_otp_secret_path
end
end
def destroy
@otp_secret.disable!
flash[:notice] = t("pages_core.otp.disabled")
redirect_to edit_admin_user_path(current_user)
end
private
def find_otp_secret
@otp_secret = OtpSecret.new(current_user)
end
def otp_secret_params
params.permit(:signed_message, :otp)
end
def require_otp_disabled
return unless current_user.otp_enabled?
flash[:notice] = t("pages_core.otp.already_enabled")
redirect_to edit_admin_user_path(current_user)
end
end
end