authentication-zero 2.16.24 → 2.16.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +4 -0
  3. data/Gemfile.lock +1 -1
  4. data/lib/authentication_zero/version.rb +1 -1
  5. data/lib/generators/authentication/authentication_generator.rb +3 -2
  6. data/lib/generators/authentication/templates/controllers/html/two_factor_authentication/profile/totps_controller.rb.tt +6 -1
  7. data/lib/generators/authentication/templates/erb/two_factor_authentication/profile/totps/new.html.erb.tt +12 -0
  8. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 769f7682100782d48f09608fc6468e6be06375acd2d1dabd01f0aef1074b2c96
4
- data.tar.gz: 04453fdec338106d6d2668809f2dc84b40bfb0f0635ac26204be27f6f7d0f001
3
+ metadata.gz: 7e2f92cea6894605d40f9db5bad75a4cb227a89043a19f8fe79172b83731b226
4
+ data.tar.gz: 85801b84481982cabfc5d1bbbbc554893d4597ed70a7550f1f4e299f8b4b81ae
5
5
  SHA512:
6
- metadata.gz: 5b020228f7e344bf79771883bf498f25315078f0a8282ea617e817d658808c7706f70dc8325e1c759cf305177e9999a9f8c564666f366e25f3a9c7f85156c8c8
7
- data.tar.gz: 57ab3706f6025956a4e08d4c3c332b36685cb4f9d8dedbf5d88ccfe4ff445d4d7c572a74bea5d64071e1e9b19ddcad938357836f07c0e0a630f86cca1c5c3d0f
6
+ metadata.gz: cc3bddc51a3cbe07dc2dd990ae65b9692699f3dad8d370da99952ee7cedb3c6d31699ee7804e5c0b5b0ff8a8e5b05182a9a1c40d58d04c364d7171f53c193b8d
7
+ data.tar.gz: 07bccc4f5eb51fac1da60e82bd3f819f2b29aec97085d73fd13d819ed69b81a704b12bd866e2340b6641ee860563d49a67bea43854a2efa0da23004c9501a598
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ## Authentication Zero 2.16.25 ##
2
+
3
+ * Add new option to refresh otp secret
4
+
1
5
  ## Authentication Zero 2.16.24 ##
2
6
 
3
7
  * Remove otp secret from client
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- authentication-zero (2.16.24)
4
+ authentication-zero (2.16.25)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
data/lib/authentication_zero/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module AuthenticationZero
2
- VERSION = "2.16.24"
2
+ VERSION = "2.16.25"
3
3
  end
data/lib/generators/authentication/authentication_generator.rb CHANGED
@@ -117,7 +117,8 @@ class AuthenticationGenerator < Rails::Generators::Base
117
117
 
118
118
  def install_javascript_dependencies
119
119
  return if options.api?
120
- template "javascript/controllers/application.js", "app/javascript/controllers/application.js"
120
+
121
+ template "javascript/controllers/application.js", "app/javascript/controllers/application.js", force: true
121
122
 
122
123
  if webauthn?
123
124
  run "bin/importmap pin stimulus-web-authn" if importmaps?
@@ -195,7 +196,7 @@ class AuthenticationGenerator < Rails::Generators::Base
195
196
 
196
197
  if two_factor?
197
198
  route "resources :recovery_codes, only: [:index, :create]", namespace: [:two_factor_authentication, :profile]
198
- route "resource :totp, only: [:new, :create]", namespace: [:two_factor_authentication, :profile]
199
+ route "resource :totp, only: [:new, :create, :update]", namespace: [:two_factor_authentication, :profile]
199
200
  route "resources :security_keys", namespace: [:two_factor_authentication, :profile] if webauthn?
200
201
 
201
202
  route "resource :recovery_codes, only: [:new, :create]", namespace: [:two_factor_authentication, :challenge]
data/lib/generators/authentication/templates/controllers/html/two_factor_authentication/profile/totps_controller.rb.tt CHANGED
@@ -1,6 +1,6 @@
1
1
  class TwoFactorAuthentication::Profile::TotpsController < ApplicationController
2
2
  before_action :set_user
3
- before_action :set_totp
3
+ before_action :set_totp, only: %i[ new create ]
4
4
 
5
5
  def new
6
6
  @qr_code = RQRCode::QRCode.new(provisioning_uri)
@@ -15,6 +15,11 @@ class TwoFactorAuthentication::Profile::TotpsController < ApplicationController
15
15
  end
16
16
  end
17
17
 
18
+ def update
19
+ @user.update! otp_secret: ROTP::Base32.random
20
+ redirect_to new_two_factor_authentication_profile_totp_path
21
+ end
22
+
18
23
  private
19
24
  def set_user
20
25
  @user = Current.user
data/lib/generators/authentication/templates/erb/two_factor_authentication/profile/totps/new.html.erb.tt CHANGED
@@ -1,5 +1,17 @@
1
1
  <p style="color: red"><%%= alert %></p>
2
2
 
3
+ <%% if Current.user.otp_required_for_sign_in? %>
4
+ <h1>Want to replace your existing 2FA setup?</h1>
5
+
6
+ <p>Your account is already protected with two-factor authentication. You can replace that setup if you want to switch to a new phone or authenticator app.</p>
7
+
8
+ <p><strong>Do you want to continue? Your existing 2FA setup will no longer work.</strong></p>
9
+
10
+ <%%= button_to "Yes, replace my 2FA setup", two_factor_authentication_profile_totp_path, method: :patch %>
11
+
12
+ <hr>
13
+ <%% end %>
14
+
3
15
  <h1>Upgrade your security with 2FA</h1>
4
16
 
5
17
  <h2>Step 1: Get an Authenticator App</h2>
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authentication-zero
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.16.24
4
+ version: 2.16.25
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nixon