active_model_otp 0.1.0 → 1.0.0

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    ZjdjOTMxYzkxNjI1MGM0ODdiZmNkZmFiYTZiMjBlZjc4ZTQzMjg2Mw==
+  data.tar.gz: !binary |-
+    ZTQ4OGJlNTQzOTViZWEzNDU1MWU1YmQ3Y2Q5Njc3ZDQ0ZjdmMDVkYQ==
+SHA512:
+  metadata.gz: !binary |-
+    YWIyZDViZGE0YWRhYjc2M2YyZjRkYWVhMDI3NjA4YjgxMzRhY2E1MjNkOWM4
+    MmE5YjZlOTlhYmVkMDhkZjNjZjMzOTYzNzkzNTQ0ODZjMGEzOTRjZTc1OGNj
+    NDYwNDRiNmEzNmNjZWJhYTQxNzdhNzE2MzBjYzVhNjFhMzAzMWQ=
+  data.tar.gz: !binary |-
+    YjdkNDlkYmRjNWM1MTRlZDQzZTMwNzFkZGE4OGMwMzU5NmQ1YWExMDY4YTA2
+    NTMwOTgwYWE5NjdkM2M1MzdiMDc3MGZhMWM0YWUzMDA2NDFlNDFmNWM3ZTlk
+    Y2ViODliODQ4YzQxYmY1Y2UyNWNiYjIzY2QwMDQzZDllNWFhYjQ=

data/CHANGELOG.md

@@ -0,0 +1,9 @@
+#v1.0.0
+- Avoid overriding predefined otp_column value when initializing resource (Ilan Stern) https://github.com/heapsource/active_model_otp/pull/10
+- Pad OTP codes with less than 6 digits (Johan Brissmyr) https://github.com/heapsource/active_model_otp/pull/7
+- Get rid of deprecation warnings in Rails 4.1 (Nick DeMonner)
+
+#v0.1.0
+- OTP codes can be in 5 or 6 digits (André Luis Leal Cardoso Junior)
+- Require 'cgi', rotp needs it for encoding parameters (André Luis Leal Cardoso Junior)
+- Change column name for otp secret key (robertomiranda)

data/README.md

@@ -37,17 +37,22 @@ class User < ActiveRecord::Base
 end
 ```
 
+Note: If you're adding this to an existing user model you'll need to generate *otp_secret_key* with a migration like:
+```ruby
+User.all.each { |user| user.update_attribute(:otp_secret_key, ROTP::Base32.random_base32) }
+```
+
 
 ##Usage
 
 The has_one_time_password sentence provides to the model some useful methods in order to implement our TFA system. AMo:Otp generates one time passwords according to [RFC 4226](http://tools.ietf.org/html/rfc4226) and the [HOTP RFC](http://tools.ietf.org/html/draft-mraihi-totp-timebased-00). This is compatible with Google Authenticator apps available for Android and iPhone, and now in use on GMail.
 
-The otp_secret_key is saved automatically when a object is created, 
+The otp_secret_key is saved automatically when a object is created,
 
 ```ruby
 user = User.create(email: "hello@heapsource.com")
 user.otp_secret_key
- => "jt3gdd2qm6su5iqh" 
+ => "jt3gdd2qm6su5iqh"
 ```
 
 **Note:** You can fork the applications for [iPhone](https://github.com/heapsource/google-authenticator) & [Android](https://github.com/heapsource/google-authenticator.android) and customize it
@@ -57,6 +62,12 @@ user.otp_secret_key
 user.otp_code # => '186522'
 sleep 30
 user.otp_code # => '850738'
+
+# Override current time
+user.otp_code(time: Time.now + 3600) # => '317438'
+
+# Don't zero-pad to six digits
+user.otp_code(padding: false) # => '438'
 ```
 
 ### Authenticating using a code
@@ -80,11 +91,11 @@ user.authenticate_otp('186522', drift: 60) # => true
 The library works with the Google Authenticator iPhone and Android app, and also includes the ability to generate provisioning URI's to use with the QR Code scanner built into the app.
 
 ```ruby
-# Use you user's emails for generate the provision_url
-user.provision_uri # => 'otpauth://totp/hello@heapsource.com?secret=2z6hxkdwi3uvrnpn'
+# Use you user's emails for generate the provisioning_url
+user.provisioning_uri # => 'otpauth://totp/hello@heapsource.com?secret=2z6hxkdwi3uvrnpn'
 
-# Use a custom fied for generate the provision_url
-user.provision_uri("hello") # => 'otpauth://totp/hello?secret=2z6hxkdwi3uvrnpn'
+# Use a custom fied for generate the provisioning_url
+user.provisioning_uri("hello") # => 'otpauth://totp/hello?secret=2z6hxkdwi3uvrnpn'
 ```
 
 This can then be rendered as a QR Code which can then be scanned and added to the users list of OTP credentials.
@@ -119,13 +130,10 @@ puts "Current code #{user.otp_code}"
 
 ### Useful Examples
 
-#### Generating QR Code with Google Charts API
-
-#### Generating QR Code with rqrcode and chunky_png
-
-#### Sendind code via email with Twilio
-
-#### Using with Mongoid
+- [Generate QR code with rqrcode gem](https://github.com/heapsource/active_model_otp/wiki/Generate-QR-code-with-rqrcode-gem)
+- Generating QR Code with Google Charts API
+- [Sendind code via email with Twilio](https://github.com/heapsource/active_model_otp/wiki/Send-code-via-Twilio-SMS)
+- Using with Mongoid
 
 ## Contributing
 

data/lib/active_model/one_time_password.rb

@@ -10,7 +10,7 @@ module ActiveModel
 
         include InstanceMethodsOnActivation
 
-        before_create { self.otp_column = ROTP::Base32.random_base32 }
+        before_create { self.otp_column ||= ROTP::Base32.random_base32 }
 
         if respond_to?(:attributes_protected_by_default)
           def self.attributes_protected_by_default #:nodoc:
@@ -30,8 +30,15 @@ module ActiveModel
         end
       end
 
-      def otp_code(time = Time.now)
-        ROTP::TOTP.new(self.otp_column).at(time)
+      def otp_code(options = {})
+        if options.is_a? Hash
+          time = options.fetch(:time, Time.now)
+          padding = options.fetch(:padding, true)
+        else
+          time = options
+          padding = true
+        end
+        ROTP::TOTP.new(self.otp_column).at(time, padding)
       end
 
       def provisioning_uri(account = nil)

data/lib/active_model/otp/version.rb

@@ -1,5 +1,5 @@
 module ActiveModel
   module Otp
-    VERSION = "0.1.0"
+    VERSION = "1.0.0"
   end
 end

data/lib/active_model_otp.rb

@@ -1,5 +1,5 @@
 require "active_model"
-require "active_support/core_ext/class/attribute_accessors"
+require "active_support/core_ext/module/attribute_accessors"
 require "cgi"
 require "rotp"
 require "active_model/one_time_password"

data/test/one_time_password_test.rb

@@ -27,8 +27,14 @@ class OtpTest < MiniTest::Unit::TestCase
   end
 
   def test_otp_code
-    assert_match(/\d{5,6}/, @user.otp_code.to_s)
-    assert_match(/\d{5,6}/, @visitor.otp_code.to_s)
+    assert_match(/^\d{6}$/, @user.otp_code.to_s)
+    assert_match(/^\d{6}$/, @visitor.otp_code.to_s)
+  end
+
+  def test_otp_code_padding
+    @user.otp_column = 'kw5jhligwqaiw7jc'
+    assert_match(/^\d{6}$/, @user.otp_code(time: 2160, padding: true).to_s)
+    assert_match(/^\d{3}$/, @user.otp_code(time: 2160, padding: false).to_s)
   end
 
   def test_provisioning_uri_with_provided_account

metadata

@@ -1,8 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: active_model_otp
 version: !ruby/object:Gem::Version
-  version: 0.1.0
-  prerelease: 
+  version: 1.0.0
 platform: ruby
 authors:
 - Guillermo Iguaran
@@ -11,12 +10,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-12-19 00:00:00.000000000 Z
+date: 2014-08-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activemodel
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -24,7 +22,6 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -32,7 +29,6 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: rotp
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -40,7 +36,6 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -48,7 +43,6 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -56,7 +50,6 @@ dependencies:
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -64,7 +57,6 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -72,7 +64,6 @@ dependencies:
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -80,7 +71,6 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -88,7 +78,6 @@ dependencies:
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -105,6 +94,7 @@ extra_rdoc_files: []
 files:
 - .gitignore
 - .travis.yml
+- CHANGELOG.md
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -120,27 +110,26 @@ files:
 homepage: ''
 licenses:
 - MIT
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.25
+rubygems_version: 2.2.2
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: Adds methods to set and authenticate against one time passwords.
 test_files:
 - test/models/user.rb