action_auth 1.4.1 → 1.5.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f2082f44369afe3132a783d6bd8477b7df97188bf29c55791a131ed4b5cc8034
4
- data.tar.gz: ca85a89d45d638a85bef5a9f18c5e881deea0d716feddc5ac33d49c687e0f0d7
3
+ metadata.gz: beb1aed113f8cce08b4e352b8d5d7f652b89a10cbf7ef7470c871da89b9346fc
4
+ data.tar.gz: f1ec6c10834bde54f5edbd1b473b72c55a8929cd9e8674c1f416bc1d70213a6d
5
5
  SHA512:
6
- metadata.gz: 6409ba5c720feb68d07b4e9dc4a8fa1d234e990fdcfe3fe710410f3671ae4d044ff58784c0015a67dc07083a0b4b840fcbcdc2494191bcfb852208ede5c0fadf
7
- data.tar.gz: b156d5b0c0e6edc056b5935c3f18ec5677ea925e3dcfe8979e13048e2db0526ebcfed8f91b33f6d1109daf87cef8f510b7367bf488740a5de9d5593a81f9adaf
6
+ metadata.gz: 53abcdf203341654f8a1c63decdd54d6e06b1457b2de13e0a11f9c8e3243900a14cc04a661b727c6dedda4a81c61bbf4dd10efdea70d259be40be844cd4e5c36
7
+ data.tar.gz: 0d5ddeea817b8daeb0392c956aa3bd4e05c645d5b58333353b7854a9751f1a64913e0f7c3f29a32d8f14c9d449f4c325c3be4db8bd18e0089dd158782ffdbe75
data/README.md CHANGED
@@ -103,8 +103,9 @@ ActionAuth.configure do |config|
103
103
  config.default_from_email = "from@example.com"
104
104
  config.magic_link_enabled = true
105
105
  config.passkey_only = true # Allows sign in with only a passkey
106
+ config.pwned_enabled = true # defined?(Pwned)
106
107
  config.verify_email_on_sign_in = true
107
- config.webauthn_enabled = true
108
+ config.webauthn_enabled = true # defined?(WebAuthn)
108
109
  config.webauthn_origin = "http://localhost:3000" # or "https://example.com"
109
110
  config.webauthn_rp_name = Rails.application.class.to_s.deconstantize
110
111
  end
@@ -38,7 +38,8 @@ class ActionAuth::WebauthnCredentialsController < ApplicationController
38
38
  external_id: webauthn_credential.id,
39
39
  nickname: params[:credential_nickname],
40
40
  public_key: webauthn_credential.public_key,
41
- sign_count: webauthn_credential.sign_count
41
+ sign_count: webauthn_credential.sign_count,
42
+ key_type: key_type
42
43
  )
43
44
 
44
45
  if credential.save
@@ -57,4 +58,27 @@ class ActionAuth::WebauthnCredentialsController < ApplicationController
57
58
 
58
59
  redirect_to sessions_path
59
60
  end
61
+
62
+ private
63
+
64
+ def key_type
65
+ transports = params.dig(:response, :transports)
66
+ return :unknown unless transports.present?
67
+
68
+ transport_types = {
69
+ ["internal", "hybrid"] => :passkey,
70
+ ["usb", "nfc"] => :hardware,
71
+ ["bluetooth", "wireless"] => :wireless,
72
+ }.freeze
73
+
74
+ transport_types.each do |keys, type|
75
+ if transports.is_a?(String)
76
+ return type if keys.include?(transports)
77
+ elsif transports.is_a?(Array)
78
+ return type if (keys & transports).any?
79
+ end
80
+ end
81
+
82
+ :unknown
83
+ end
60
84
  end
@@ -10,5 +10,12 @@ module ActionAuth
10
10
  greater_than_or_equal_to: 0,
11
11
  less_than_or_equal_to: 2**32 - 1
12
12
  }
13
+
14
+ enum :key_type, {
15
+ unknown: 0,
16
+ passkey: 1,
17
+ hardware: 2,
18
+ wireless: 3
19
+ }
13
20
  end
14
21
  end
@@ -36,6 +36,7 @@
36
36
  <thead>
37
37
  <tr>
38
38
  <th>Key</th>
39
+ <th>Type</th>
39
40
  <th nowrap>Registered On</th>
40
41
  <th nowrap></th>
41
42
  </tr>
@@ -44,6 +45,7 @@
44
45
  <% current_user.webauthn_credentials.each do |credential| %>
45
46
  <%= content_tag :tr, id: dom_id(credential) do %>
46
47
  <td><%= credential.nickname %></td>
48
+ <td><%= credential.key_type %></td>
47
49
  <td nowrap><%= credential.created_at.strftime('%B %d, %Y') %></td>
48
50
  <td nowrap><%= button_to "Delete", credential, method: :delete, class: "btn btn-primary" %></td>
49
51
  <% end %>
@@ -10,7 +10,7 @@
10
10
  class: "action-auth--text-center" do %>
11
11
 
12
12
  <div class="mb-3 action-auth--text-center">
13
- Insert a USB key, if necessary, and tap it.
13
+ You must use a passkey, not a hardware key, to sign in.
14
14
  An account with a matching passkey is required.
15
15
  </div>
16
16
  <% end %>
@@ -0,0 +1,5 @@
1
+ class AddTypeToWebauthnCredentials < ActiveRecord::Migration[7.2]
2
+ def change
3
+ add_column :webauthn_credentials, :key_type, :integer, default: 0, limit: 2
4
+ end
5
+ end
@@ -4,6 +4,8 @@ module ActionAuth
4
4
  attr_accessor :allow_user_deletion
5
5
  attr_accessor :default_from_email
6
6
  attr_accessor :magic_link_enabled
7
+ attr_accessor :passkey_only
8
+ attr_accessor :pwned_enabled
7
9
  attr_accessor :verify_email_on_sign_in
8
10
  attr_accessor :webauthn_enabled
9
11
  attr_accessor :webauthn_origin
@@ -1,3 +1,3 @@
1
1
  module ActionAuth
2
- VERSION = "1.4.1"
2
+ VERSION = "1.5.0"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: action_auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.1
4
+ version: 1.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dave Kimura
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-08-15 00:00:00.000000000 Z
11
+ date: 2024-08-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -98,6 +98,7 @@ files:
98
98
  - db/migrate/20231107170349_create_action_auth_sessions.rb
99
99
  - db/migrate/20240111125859_add_webauthn_credentials.rb
100
100
  - db/migrate/20240111142545_add_webauthn_id_to_users.rb
101
+ - db/migrate/20240818032321_add_type_to_webauthn_credentials.rb
101
102
  - lib/action_auth.rb
102
103
  - lib/action_auth/configuration.rb
103
104
  - lib/action_auth/controllers/helpers.rb
@@ -127,7 +128,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
127
128
  - !ruby/object:Gem::Version
128
129
  version: '0'
129
130
  requirements: []
130
- rubygems_version: 3.5.11
131
+ rubygems_version: 3.5.17
131
132
  signing_key:
132
133
  specification_version: 4
133
134
  summary: A simple Rails engine for authorization.