RubyGems - active_model_otp - Versions diffs - 0.0.1 → 0.0.2 - Mend

active_model_otp 0.0.1 → 0.0.2

Files changed (9) hide show

data/.travis.yml +11 -0
data/README.md +7 -2
data/active_model_otp.gemspec +1 -1
data/lib/active_model/one_time_password.rb +16 -5
data/lib/active_model/otp/version.rb +1 -1
data/lib/active_model_otp.rb +1 -0
data/test/models/visitor.rb +12 -0
data/test/one_time_password_test.rb +13 -3
metadata +6 -3

data/.travis.yml ADDED Viewed

@@ -0,0 +1,11 @@
+rvm:
+  - 1.9.3
+  - 2.0.0
+matrix:
+  include:
+    - rvm: jruby
+      env: JRUBY_OPTS="--1.9 --server -Xcext.enabled=true"
+    - rvm: jruby-head
+      env: JRUBY_OPTS="--1.9 --server -Xcext.enabled=true"
+notifications:
+  email: false

data/README.md CHANGED Viewed

@@ -1,3 +1,5 @@
+[![Build Status](https://travis-ci.org/heapsource/active_model_otp.png)](https://travis-ci.org/heapsource/active_model_otp)
 # ActiveModel::Otp
 **ActiveModel::Otp** makes adding **Two Factor Authentication**(TFA) to a model simple, let's see what's required to get AMo::Otp working in our Application, using Rails 4.0 (AMo::Otp is also compatible with Rails 3.x versions) we're going to use an User model and some authentication to it. Inspired in AM::SecurePassword
@@ -38,8 +40,9 @@ end
 ##Usage
-The has_one_time_password sentence provides to the model some useful methods in order to implement our TFA system.
-The otp_secret_key is saved automatically when a object is created, otp_secret_key is generated according to [RFC 4226](http://tools.ietf.org/html/rfc4226) and the [HOTP RFC](http://tools.ietf.org/html/draft-mraihi-totp-timebased-00). This is compatible with Google Authenticator apps available for Android and iPhone, and now in use on GMail.
+The has_one_time_password sentence provides to the model some useful methods in order to implement our TFA system. AMo:Otp generates one time passwords according to [RFC 4226](http://tools.ietf.org/html/rfc4226) and the [HOTP RFC](http://tools.ietf.org/html/draft-mraihi-totp-timebased-00). This is compatible with Google Authenticator apps available for Android and iPhone, and now in use on GMail.
+The otp_secret_key is saved automatically when a object is created,
 ```ruby
 user = User.create(email: "hello@heapsource.com")
@@ -112,6 +115,8 @@ user.otp_secret_key = "2z6hxkdwi3uvrnpn"
 puts "Current code #{user.otp_code}"
 ```
+**Note:** otp_secret_key must be generated using RFC 3548 base32 key strings (for compatilibity with google authenticator)
 ### Useful Examples
 #### Generating QR Code with Google Charts API

data/active_model_otp.gemspec CHANGED Viewed

@@ -6,7 +6,7 @@ require 'active_model/otp/version'
 Gem::Specification.new do |spec|
   spec.name          = "active_model_otp"
   spec.version       = ActiveModel::Otp::VERSION
-  spec.authors       = ["Guillermo Iguaran", "Roberto Miranda", "Firebase.co"]
+  spec.authors       = ["Guillermo Iguaran", "Roberto Miranda", "Heapsource"]
   spec.email         = ["guilleiguaran@gmail.com", "rjmaltamar@gmail.com", "hello@firebase.co"]
   spec.description   = %q{Adds methods to set and authenticate against one time passwords. Inspired in AM::SecurePassword"}
   spec.summary       = "Adds methods to set and authenticate against one time passwords."

data/lib/active_model/one_time_password.rb CHANGED Viewed

@@ -5,13 +5,16 @@ module ActiveModel
     module ClassMethods
       def has_one_time_password(options = {})
+        cattr_accessor :otp_column_name
+        self.otp_column_name = (options[:column_name] || "otp_secret_key").to_s
         include InstanceMethodsOnActivation
-        before_create { self.otp_secret_key = ROTP::Base32.random_base32 }
+        before_create { self.otp_column = ROTP::Base32.random_base32 }
         if respond_to?(:attributes_protected_by_default)
           def self.attributes_protected_by_default #:nodoc:
-            super + ["otp_secret_key"]
+            super + [self.otp_column_name]
           end
         end
       end
@@ -19,7 +22,7 @@ module ActiveModel
     module InstanceMethodsOnActivation
       def authenticate_otp(code, options = {})
-        totp = ROTP::TOTP.new(self.otp_secret_key)
+        totp = ROTP::TOTP.new(self.otp_column)
         if drift = options[:drift]
           totp.verify_with_drift(code, drift)
         else
@@ -28,12 +31,20 @@ module ActiveModel
       end
       def otp_code(time = Time.now)
-        ROTP::TOTP.new(self.otp_secret_key).at(time)
+        ROTP::TOTP.new(self.otp_column).at(time)
       end
       def provisioning_uri(account = nil)
         account ||= self.email if self.respond_to?(:email)
-        ROTP::TOTP.new(self.otp_secret_key).provisioning_uri(account)
+        ROTP::TOTP.new(self.otp_column).provisioning_uri(account)
+      end
+      def otp_column
+        self.send(self.class.otp_column_name)
+      end
+      def otp_column=(attr)
+        self.send("#{self.class.otp_column_name}=", attr)
       end
     end

data/lib/active_model/otp/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module ActiveModel
   module Otp
-    VERSION = "0.0.1"
+    VERSION = "0.0.2"
   end
 end

data/lib/active_model_otp.rb CHANGED Viewed

@@ -1,5 +1,6 @@
 require "active_model"
 require "active_support/core_ext/class/attribute_accessors"
+require "cgi"
 require "rotp"
 require "active_model/one_time_password"

data/test/models/visitor.rb ADDED Viewed

@@ -0,0 +1,12 @@
+class Visitor
+  extend ActiveModel::Callbacks
+  include ActiveModel::Validations
+  include ActiveModel::OneTimePassword
+  define_model_callbacks :create
+  attr_accessor :otp_token, :email
+  has_one_time_password :column_name  => :otp_token
+end

data/test/one_time_password_test.rb CHANGED Viewed

@@ -5,29 +5,39 @@ class OtpTest < MiniTest::Unit::TestCase
     @user = User.new
     @user.email = 'roberto@heapsource.com'
     @user.run_callbacks :create
+    @visitor = Visitor.new
+    @visitor.email = 'roberto@heapsource.com'
+    @visitor.run_callbacks :create
   end
   def test_authenticate_with_otp
     code = @user.otp_code
     assert @user.authenticate_otp(code)
+    code = @visitor.otp_code
+    assert @visitor.authenticate_otp(code)
   end
   def test_authenticate_with_otp_when_drift_is_allowed
     code = @user.otp_code(Time.now - 30)
     assert @user.authenticate_otp(code, drift: 60)
+    code = @visitor.otp_code(Time.now - 30)
+    assert @visitor.authenticate_otp(code, drift: 60)
   end
   def test_otp_code
-    assert_match(/\d{6}/, @user.otp_code.to_s)
+    assert_match(/\d{5,6}/, @user.otp_code.to_s)
+    assert_match(/\d{5,6}/, @visitor.otp_code.to_s)
   end
   def test_provisioning_uri_with_provided_account
     assert_match %r{otpauth://totp/roberto\?secret=\w{16}}, @user.provisioning_uri("roberto")
+    assert_match %r{otpauth://totp/roberto\?secret=\w{16}}, @visitor.provisioning_uri("roberto")
   end
   def test_provisioning_uri_with_email_field
     assert_match %r{otpauth://totp/roberto@heapsource\.com\?secret=\w{16}}, @user.provisioning_uri
+    assert_match %r{otpauth://totp/roberto@heapsource\.com\?secret=\w{16}}, @visitor.provisioning_uri
   end
 end

metadata CHANGED Viewed

@@ -1,17 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: active_model_otp
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
   prerelease:
 platform: ruby
 authors:
 - Guillermo Iguaran
 - Roberto Miranda
-- Firebase.co
+- Heapsource
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-07-11 00:00:00.000000000 Z
+date: 2013-12-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activemodel
@@ -104,6 +104,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - .gitignore
+- .travis.yml
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -113,6 +114,7 @@ files:
 - lib/active_model/otp/version.rb
 - lib/active_model_otp.rb
 - test/models/user.rb
+- test/models/visitor.rb
 - test/one_time_password_test.rb
 - test/test_helper.rb
 homepage: ''
@@ -142,5 +144,6 @@ specification_version: 3
 summary: Adds methods to set and authenticate against one time passwords.
 test_files:
 - test/models/user.rb
+- test/models/visitor.rb
 - test/one_time_password_test.rb
 - test/test_helper.rb