RubyGems - active_model_otp - Versions diffs - 2.2.0 → 2.3.0 - Mend

active_model_otp 2.2.0 → 2.3.0

Files changed (11) hide show

checksums.yaml +4 -4
data/.github/workflows/active_model_otp.yml +43 -0
data/README.md +22 -0
data/lib/active_model/one_time_password.rb +37 -12
data/lib/active_model/otp/version.rb +1 -1
data/test/models/default_interval_user.rb +5 -0
data/test/models/interval_user.rb +5 -0
data/test/one_time_password_test.rb +20 -0
data/test/schema.rb +16 -0
metadata +7 -3
data/.travis.yml +0 -43

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bdc023d65f130fca41bde8f20a7094e587c7940240ae5b36778e54d2efcf76ac
-  data.tar.gz: 1dab4dd23328538a3a3c8d9a712b9a16d01673b3d997538169126966c653cdf6
+  metadata.gz: 2a57a05fda7ae2023dc877a96228e00e5dbca948bc8d17c1058232a42086e285
+  data.tar.gz: 9d3a965117edbf33fb77585126be84e2fd44b613bbbc435c74627b198b87ee5f
 SHA512:
-  metadata.gz: f896afd30554da73cff730f4277aefe8805b4cbb3da0bf550039b14b8d4611374498b1cf4b0eae2fe80d7a35bdaafdc0ae1558ffbdea3f2f708d2334a81e1af2
-  data.tar.gz: 0d3b2a4fe8d0e26e9c06bd71e471bcabf4a048f1f1bd531691c0afbc5feda757147ca045ddedec34e587240b0b1337960a9248c0340e6f57ec5d7057cec776ea
+  metadata.gz: 847accabdd4eff2942a917f497197b3be90bb5cf9e9caefb0cd753635994e3bb8b730aab0d9387aa13c4e929793816333d094b620037a8f9c002a7cc3f3ebdcb
+  data.tar.gz: 6a47a8a378bdb2d9155a165e503f672b5c57576c7f9d4fdef271767422a2d9804a141252707cb0181b02c36a91024d1867b9114cdbc95e475c2e4b292f750b65

data/.github/workflows/active_model_otp.yml ADDED Viewed

@@ -0,0 +1,43 @@
+name: Active Model OTP
+on:
+  push:
+    branches: [main]
+  pull_request:
+    types: [opened, synchronize, reopened, edited]
+jobs:
+  ci:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        gemfile: [rails_4.2, rails_5.0, rails_5.1, rails_5.2, rails_6.0, rails_6.1]
+        ruby-version: [2.3, 2.4, 2.5, 2.6, 2.7, 3.0]
+        exclude:
+          - { gemfile: rails_6.0, ruby-version: 2.3 }
+          - { gemfile: rails_6.1, ruby-version: 2.3 }
+          - { gemfile: rails_6.0, ruby-version: 2.4 }
+          - { gemfile: rails_6.1, ruby-version: 2.4 }
+          - { gemfile: rails_4.2, ruby-version: 2.7 }
+          - { gemfile: rails_4.2, ruby-version: 3.0 }
+          - { gemfile: rails_5.0, ruby-version: 3.0 }
+          - { gemfile: rails_5.1, ruby-version: 3.0 }
+          - { gemfile: rails_5.2, ruby-version: 3.0 }
+    env:
+      BUNDLE_GEMFILE: gemfiles/${{ matrix.gemfile }}.gemfile
+    steps:
+      - uses: actions/checkout@v2
+      - name: Install Ruby ${{ matrix.ruby-version }}
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby-version }}
+      - name: Install dependencies
+        run: bundle install
+      - name: Run tests with Ruby ${{ matrix.ruby-version }} and Gemfile ${{ matrix.gemfile }}
+        run: bundle exec rake

data/README.md CHANGED Viewed

@@ -213,6 +213,28 @@ user.provisioning_uri(nil, issuer: 'MYAPP') #=> 'otpauth://totp/hello@heapsource
 This can then be rendered as a QR Code which can be scanned and added to the users list of OTP credentials.
+### Setting up a customer interval
+If you define a custom interval for TOTP codes, just as `has_one_time_password interval: 10` (for example), remember to include the interval also in `provisioning_uri` method. If not defined, the default value is 30 seconds (according to ROTP gem: https://github.com/mdp/rotp/blob/master/lib/rotp/totp.rb#L9)
+```ruby
+class User < ApplicationRecord
+  has_one_time_password interval: 10 # the interval value is in seconds
+end
+user = User.new
+user.provisioning_uri("hello", interval: 10) # => 'otpauth://totp/hello?secret=2z6hxkdwi3uvrnpn&period=10'
+# This code snippet generates OTP codes that expires every 10 seconds.
+```
+**Note**: Only some authenticator apps are compatible with custom `period` of tokens, for more details check these links:
+- https://labanskoller.se/blog/2019/07/11/many-common-mobile-authenticator-apps-accept-qr-codes-for-modes-they-dont-support
+- https://www.ibm.com/docs/en/sva/9.0.7?topic=authentication-configuring-totp-one-time-password-mechanism
+So, be careful and aware when using custom intervals/periods for your TOTP codes beyond the default 30 seconds :)
 ### Working example
 Scan the following barcode with your phone, using Google Authenticator

data/lib/active_model/one_time_password.rb CHANGED Viewed

@@ -2,25 +2,42 @@ module ActiveModel
   module OneTimePassword
     extend ActiveSupport::Concern
+    OTP_DEFAULT_COLUMN_NAME = 'otp_secret_key'.freeze
+    OTP_DEFAULT_COUNTER_COLUMN_NAME = 'otp_counter'.freeze
+    OTP_DEFAULT_BACKUP_CODES_COLUMN_NAME = 'otp_backup_codes'.freeze
+    OTP_DEFAULT_DIGITS = 6
+    OTP_DEFAULT_BACKUP_CODES_COUNT = 12
+    OTP_COUNTER_ENABLED_BY_DEFAULT = false
+    OTP_BACKUP_CODES_ENABLED_BY_DEFAULT = false
     module ClassMethods
       def has_one_time_password(options = {})
         cattr_accessor :otp_column_name, :otp_counter_column_name,
                        :otp_backup_codes_column_name
         class_attribute :otp_digits, :otp_counter_based,
-                        :otp_backup_codes_count, :otp_one_time_backup_codes
-        self.otp_column_name = (options[:column_name] || "otp_secret_key").to_s
-        self.otp_digits = options[:length] || 6
-        self.otp_counter_based = (options[:counter_based] || false)
-        self.otp_counter_column_name = (options[:counter_column_name] || "otp_counter").to_s
+                        :otp_backup_codes_count, :otp_one_time_backup_codes,
+                        :otp_interval
+        self.otp_column_name = (
+          options[:column_name] || OTP_DEFAULT_COLUMN_NAME
+        ).to_s
+        self.otp_digits = options[:length] || OTP_DEFAULT_DIGITS
+        self.otp_counter_based = (
+          options[:counter_based] || OTP_COUNTER_ENABLED_BY_DEFAULT
+        )
+        self.otp_counter_column_name = (
+          options[:counter_column_name] || OTP_DEFAULT_COUNTER_COLUMN_NAME
+        ).to_s
+        self.otp_interval = options[:interval]
         self.otp_backup_codes_column_name = (
-          options[:backup_codes_column_name] || 'otp_backup_codes'
+          options[:backup_codes_column_name] ||
+          OTP_DEFAULT_BACKUP_CODES_COLUMN_NAME
         ).to_s
-        self.otp_backup_codes_count = options[:backup_codes_count] || 12
+        self.otp_backup_codes_count = (
+          options[:backup_codes_count] || OTP_DEFAULT_BACKUP_CODES_COUNT
+        )
         self.otp_one_time_backup_codes = (
-          options[:one_time_backup_codes] || false
+          options[:one_time_backup_codes] || OTP_BACKUP_CODES_ENABLED_BY_DEFAULT
         )
         include InstanceMethodsOnActivation
@@ -144,7 +161,11 @@ module ActiveModel
       end
       def authenticate_totp(code, options = {})
-        totp = ROTP::TOTP.new(otp_column, digits: otp_digits)
+        totp = ROTP::TOTP.new(
+          otp_column,
+          digits: otp_digits,
+          interval: otp_interval
+        )
         if (drift = options[:drift])
           totp.verify(code, drift_behind: drift)
         else
@@ -166,7 +187,11 @@ module ActiveModel
                else
                  options
                end
-        ROTP::TOTP.new(otp_column, digits: otp_digits).at(time)
+        ROTP::TOTP.new(
+          otp_column,
+          digits: otp_digits,
+          interval: otp_interval
+        ).at(time)
       end
       def authenticate_backup_code(code)

data/lib/active_model/otp/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module ActiveModel
   module Otp
-    VERSION = "2.2.0".freeze
+    VERSION = '2.3.0'.freeze
   end
 end

data/test/models/default_interval_user.rb ADDED Viewed

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+class DefaultIntervalUser < ActiveRecord::Base
+  has_one_time_password interval: 500
+end

data/test/models/interval_user.rb ADDED Viewed

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+class IntervalUser < ActiveRecord::Base
+  has_one_time_password interval: 2
+end

data/test/one_time_password_test.rb CHANGED Viewed

@@ -162,4 +162,24 @@ class OtpTest < MiniTest::Test
   def test_otp_random_secret
     assert_match(/^.{32}$/, @user.class.otp_random_secret)
   end
+  def test_otp_interval
+    @interval_user = IntervalUser.new
+    @interval_user.email = 'roberto@heapsource.com'
+    @interval_user.run_callbacks :create
+    otp_code = @interval_user.otp_code
+    2.times { assert_match(otp_code, @interval_user.otp_code) }
+    sleep 5
+    refute_match(otp_code, @interval_user.otp_code)
+  end
+  def test_otp_default_interval
+    @default_interval_user = DefaultIntervalUser.new
+    @default_interval_user.email = 'roberto@heapsource.com'
+    @default_interval_user.run_callbacks :create
+    otp_code = @default_interval_user.otp_code
+    2.times { assert_match(otp_code, @default_interval_user.otp_code) }
+    sleep 5
+    assert_match(otp_code, @default_interval_user.otp_code)
+  end
 end

data/test/schema.rb CHANGED Viewed

@@ -8,4 +8,20 @@ ActiveRecord::Schema.define do
     t.string :otp_secret_key
     t.timestamps
   end
+  create_table :interval_users, force: true do |t|
+    t.string :key
+    t.string :email
+    t.integer :otp_counter
+    t.string :otp_secret_key
+    t.timestamps
+  end
+  create_table :default_interval_users, force: true do |t|
+    t.string :key
+    t.string :email
+    t.integer :otp_counter
+    t.string :otp_secret_key
+    t.timestamps
+  end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: active_model_otp
 version: !ruby/object:Gem::Version
-  version: 2.2.0
+  version: 2.3.0
 platform: ruby
 authors:
 - Guillermo Iguaran
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-30 00:00:00.000000000 Z
+date: 2021-06-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activemodel
@@ -120,8 +120,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/active_model_otp.yml"
 - ".gitignore"
-- ".travis.yml"
 - Appraisals
 - CHANGELOG.md
 - Gemfile
@@ -139,6 +139,8 @@ files:
 - lib/active_model/otp/version.rb
 - lib/active_model_otp.rb
 - test/models/activerecord_user.rb
+- test/models/default_interval_user.rb
+- test/models/interval_user.rb
 - test/models/member.rb
 - test/models/opt_in_two_factor.rb
 - test/models/user.rb
@@ -171,6 +173,8 @@ specification_version: 4
 summary: Adds methods to set and authenticate against one time passwords.
 test_files:
 - test/models/activerecord_user.rb
+- test/models/default_interval_user.rb
+- test/models/interval_user.rb
 - test/models/member.rb
 - test/models/opt_in_two_factor.rb
 - test/models/user.rb

data/.travis.yml DELETED Viewed

@@ -1,43 +0,0 @@
-rvm:
-  - 2.3
-  - 2.4
-  - 2.5
-  - 2.6
-  - 2.7
-  - 3.0
-  - ruby-head
-gemfile:
-  - gemfiles/rails_4.2.gemfile
-  - gemfiles/rails_5.0.gemfile
-  - gemfiles/rails_5.1.gemfile
-  - gemfiles/rails_5.2.gemfile
-  - gemfiles/rails_6.0.gemfile
-  - gemfiles/rails_6.1.gemfile
-matrix:
-  exclude:
-    - rvm: 2.3
-      gemfile: gemfiles/rails_6.0.gemfile
-    - rvm: 2.3
-      gemfile: gemfiles/rails_6.1.gemfile
-    - rvm: 2.4
-      gemfile: gemfiles/rails_6.0.gemfile
-    - rvm: 2.4
-      gemfile: gemfiles/rails_6.1.gemfile
-    - rvm: 2.7
-      gemfile: gemfiles/rails_4.2.gemfile
-    - rvm: 3.0
-      gemfile: gemfiles/rails_4.2.gemfile
-    - rvm: 3.0
-      gemfile: gemfiles/rails_5.0.gemfile
-    - rvm: 3.0
-      gemfile: gemfiles/rails_5.1.gemfile
-    - rvm: 3.0
-      gemfile: gemfiles/rails_5.2.gemfile
-  fast_finish: true
-  allow_failures:
-    - rvm: ruby-head
-# include:
-#   - rvm: jruby
-#     env: JRUBY_OPTS="--1.9 --server -Xcext.enabled=true"
-notifications:
-  email: false