Shared admin step-up workflow for destructive LiveView actions.
The service keeps a per-LiveView grace window in assigns, delegates the
actual challenge/verification work to Accrue.Auth, and records
admin.step_up.* audit rows through the core event ledger.
Escape and explicit cancel dismissals (dismiss_challenge/1) clear a pending
challenge without running the deferred continuation and without emitting
new Events.record/1 rows — only successful or denied verification outcomes
are audited.
Summary
Functions
Clears a pending step-up without invoking the stored continuation and without writing audit events. Used for operator cancel / Escape flows.
Types
@type continuation() :: (Phoenix.LiveView.Socket.t() -> Phoenix.LiveView.Socket.t())
Functions
@spec dismiss_challenge(Phoenix.LiveView.Socket.t()) :: Phoenix.LiveView.Socket.t()
Clears a pending step-up without invoking the stored continuation and without writing audit events. Used for operator cancel / Escape flows.
@spec fresh?( Phoenix.LiveView.Socket.t(), keyword() ) :: boolean()
@spec require_fresh(Phoenix.LiveView.Socket.t(), map(), continuation(), keyword()) :: {:ok, Phoenix.LiveView.Socket.t()} | {:challenge, Phoenix.LiveView.Socket.t()} | {:error, term(), Phoenix.LiveView.Socket.t()}
@spec verify(Phoenix.LiveView.Socket.t(), map(), keyword()) :: {:ok, Phoenix.LiveView.Socket.t()} | {:error, term(), Phoenix.LiveView.Socket.t()}