in app/controllers/Emergency.scala [82:127]
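/**
  * Exchanges a one-time cookie-issue token for a fresh authentication cookie.
  *
  * The token is looked up through `deps.tokenDBService`. A cookie is issued only when the
  * stored entry exists, is not marked as used and was requested no more than ten minutes ago.
  * Every other outcome produces an unauthorised response and a warning in the log.
  *
  * @param userToken the one-time token presented by the caller; it is treated as a secret
  *                  and is never written to the log
  * @return an action that answers with the success page plus the new cookie, or with an
  *         unauthorised result
  */
def issueNewCookie(userToken: String): Action[AnyContent] = EmergencySwitchIsOnAction {

  // Derives (firstName, lastName) from the local part of the address only, so a dot in the
  // domain is never mistaken for a name separator and an address without a dot in the local
  // part no longer throws ArrayIndexOutOfBoundsException after the token has been expired.
  def namesFromEmail(email: String): (String, String) = {
    val localParts = email.takeWhile(_ != '@').split("\\.")
    val first = localParts.headOption.getOrElse("").capitalize
    val last = localParts.drop(1).headOption.getOrElse("").capitalize
    (first, last)
  }

  // Marks the token as consumed and builds the response carrying the new auth cookie.
  def reissueCookieFor(newCookieIssue: NewCookieIssue): Result = {
    // The token is consumed before the cookie is built.
    // NOTE(review): the outcome of expireCookieIssue is not inspected here. If it reports
    // failure through its return value, the cookie is still issued and the token stays
    // usable — confirm. The `used` check and this call are also separate steps, so two
    // concurrent requests could both pass the check; a conditional update in the store
    // would close that window — confirm what tokenDBService guarantees.
    deps.tokenDBService.expireCookieIssue(newCookieIssue)
    val expires = (DateTime.now() + cookieLifetime).getMillis
    val (firstName, lastName) = namesFromEmail(newCookieIssue.email)
    val user = User(firstName, lastName, newCookieIssue.email, None)
    // NOTE(review): the cookie asserts multiFactor = true although this path only verifies
    // possession of the link token — confirm this is the intended assurance level.
    val newAuthUser =
      AuthenticatedUser(user, config.appName, Set(config.appName), expires, multiFactor = true)
    Ok(views.html.emergency.reissueSuccess()).withCookies(generateCookie(newAuthUser))
  }

  val issueNewCookieTopic = "New cookie has not been created"
  val tenMinutesInMilliSeconds = 600000

  deps.tokenDBService.getCookieIssueForUserToken(userToken).map {
    case Left(error) =>
      // The raw token is deliberately left out of the log line: the lookup failed, so the
      // token may still be unused and anyone who can read the logs could replay it.
      // NOTE(review): confirm that `error` does not itself echo the token.
      log.warn(s"Error when reading cookie issue entry from dynamo. A new cookie will not be issued: $error")
      unauthorised("Checking your access token failed. You will not be issued with a new ", issueNewCookieTopic)

    case Right(tokenEntry: NewCookieIssue) =>
      if (tokenEntry.used) {
        log.warn(s"Attempted to use a used token: ${tokenEntry.id}")
        Unauthorized(views.html.emergency.newCookieFailure("Your link has already been used"))
      } else {
        // NOTE(review): a `requested` value in the future gives a negative age and passes
        // this check — confirm the stored timestamp is always written by the server.
        val tokenAgeInMilliseconds = DateTime.now().getMillis - tokenEntry.requested
        if (tokenAgeInMilliseconds > tenMinutesInMilliSeconds) {
          log.warn(s"Attempted to use expired token: ${tokenEntry.id}")
          Unauthorized(views.html.emergency.newCookieFailure("Your link has expired. Could not create a new cookie"))
        } else {
          reissueCookieFor(tokenEntry)
        }
      }
  }.getOrElse(Unauthorized("Token not found"))
}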