Delegate logic of send_new_otp to user#send_new_otp_after_login?

Instead of keeping this logic nested in the Warden hook, call a method on the user object to determine if a new OTP code should be delivered.
7 years ago · 91e8eb40d7
2 changed files with 5 additions and 1 deletions
--- a/lib/two_factor_authentication/hooks/two_factor_authenticatable.rb
+++ b/lib/two_factor_authentication/hooks/two_factor_authenticatable.rb
@ -7,7 +7,7 @@ Warden::Manager.after_authentication do |user, auth, options|

  if user.respond_to?(:need_two_factor_authentication?) && !bypass_by_cookie
    if auth.session(options[:scope])[TwoFactorAuthentication::NEED_AUTHENTICATION] = user.need_two_factor_authentication?(auth.request)
-      user.send_new_otp unless user.totp_enabled?
+      user.send_new_otp if user.send_new_otp_after_login?
    end
  end
 end
--- a/lib/two_factor_authentication/models/two_factor_authenticatable.rb
+++ b/lib/two_factor_authentication/models/two_factor_authenticatable.rb
@ -62,6 +62,10 @@ module Devise
          send_two_factor_authentication_code(direct_otp)
        end

+        def send_new_otp_after_login?
+          !totp_enabled?
+        end
+
        def send_two_factor_authentication_code(code)
          raise NotImplementedError.new("No default implementation - please define in your class.")
        end