authie 4.0.0.rc5 → 4.0.0.rc8
- checksums.yaml +4 -4
- data/db/migrate/20220502180100_add_two_factor_required_to_sessions.rb +7 -0
- data/lib/authie/config.rb +4 -0
- data/lib/authie/controller_delegate.rb +4 -1
- data/lib/authie/controller_extension.rb +4 -0
- data/lib/authie/session.rb +23 -1
- data/lib/authie/session_model.rb +24 -10
- metadata +3 -16
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 34f5fbbc0393fb8f28c1aa13fa1bf7e1bb04c53588c679844dcf46348c119921
|
4
|
+
data.tar.gz: f875d3738a56db47b795cacfcabcf1447d87efec7b7a231db06d8b72bce387db
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6b1866dae5679014d40a15b9bf6ba1b463b80f7ffba8246ef056bcbe48cce07b39395a85dbe0b6ef1849271c794044571dd4cbad71c3591a478167b378917bb2
|
7
|
+
data.tar.gz: a109dad855e4d97a11cf4b9f4dea6316383e34a5a7a2a13c10bffc1efe8a5ffcc45c487bb90793dadbcd694a5f2ecb647d0c519a6cc17fb53dc77bb8722d7ea1
|
data/lib/authie/config.rb
CHANGED
@@ -8,6 +8,8 @@ module Authie
|
|
8
8
|
attr_accessor :persistent_session_length
|
9
9
|
attr_accessor :sudo_session_timeout
|
10
10
|
attr_accessor :browser_id_cookie_name
|
11
|
+
attr_accessor :session_token_length
|
12
|
+
attr_accessor :extend_session_expiry_on_touch
|
11
13
|
attr_accessor :events
|
12
14
|
|
13
15
|
def initialize
|
@@ -15,6 +17,8 @@ module Authie
|
|
15
17
|
@persistent_session_length = 2.months
|
16
18
|
@sudo_session_timeout = 10.minutes
|
17
19
|
@browser_id_cookie_name = :browser_id
|
20
|
+
@session_token_length = 64
|
21
|
+
@extend_session_expiry_on_touch = false
|
18
22
|
@events = EventManager.new
|
19
23
|
end
|
20
24
|
end
|
@@ -9,10 +9,13 @@ module Authie
|
|
9
9
|
# The controller delegate implements methods that can be used by a controller. These are then
|
10
10
|
# extended into controllers as needed (see ControllerExtension).
|
11
11
|
class ControllerDelegate
|
12
|
+
attr_accessor :touch_auth_session_enabled
|
13
|
+
|
12
14
|
# @param controller [ActionController::Base]
|
13
15
|
# @return [Authie::ControllerDelegate]
|
14
16
|
def initialize(controller)
|
15
17
|
@controller = controller
|
18
|
+
@touch_auth_session_enabled = true
|
16
19
|
end
|
17
20
|
|
18
21
|
# Sets a browser ID. This must be performed on any page request where AUthie will be used.
|
@@ -52,7 +55,7 @@ module Authie
|
|
52
55
|
def touch_auth_session
|
53
56
|
yield if block_given?
|
54
57
|
ensure
|
55
|
-
auth_session.touch if logged_in?
|
58
|
+
auth_session.touch if @touch_auth_session_enabled && logged_in?
|
56
59
|
end
|
57
60
|
|
58
61
|
# Return the user for the currently logged in user or nil if no user is logged in
|
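--- a/data/lib/authie/session.rb
+++ b/data/lib/authie/session.rb
@@ -92,6 +92,7 @@ module Authie
 @session.last_activity_ip = @controller.request.ip
 @session.last_activity_path = @controller.request.path
 @session.requests += 1
+extend_session_expiry_if_appropriate
 @session.save!
 Authie.config.events.dispatch(:session_touched, self)
 self
@@ -113,9 +114,10 @@ module Authie
 #
 # @raises [ActiveRecord::RecordInvalid]
 # @return [Authie::Session]
-def mark_as_two_factored
+def mark_as_two_factored(skip: false)
 @session.two_factored_at = Time.now
 @session.two_factored_ip = @controller.request.ip
+@session.skip_two_factor = skip
 @session.save!
 Authie.config.events.dispatch(:marked_as_two_factor, self)
 self
@@ -132,6 +134,15 @@ module Authie
 self
 end
 
+# Resets the token for the currently active session to a new string
+#
+# @return [Authie::Session]
+def reset_token
+@session.reset_token
+set_cookie
+self
+end
+
 private
 
 # rubocop:disable Naming/AccessorMethodName
@@ -201,6 +212,16 @@ module Authie
 self
 end
 
+def extend_session_expiry_if_appropriate
+return if @session.expires_at.nil?
+return unless Authie.config.extend_session_expiry_on_touch
+
+# If enabled, sessions with an expiry time will automatiaclly be incremented
+# whenever a page is touched. The cookie will also be updated as appropriate.
+@session.expires_at = Authie.config.persistent_session_length.from_now
+set_cookie
+end
+
 class << self
 # Create a new session within the given controller for the
 #
@@ -284,6 +305,7 @@ module Authie
 delegate :two_factored_at, to: :session
 delegate :two_factored_ip, to: :session
 delegate :two_factored?, to: :session
+delegate :skip_two_factor, to: :session
 delegate :update, to: :session
 delegate :update!, to: :session
 delegate :user_agent, to: :session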
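--- a/data/lib/authie/session_model.rb
+++ b/data/lib/authie/session_model.rb
@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 require 'active_record/base'
-require '
+require 'securerandom'
 require 'authie/config'
 
 module Authie
@@ -19,15 +19,8 @@ module Authie
 # Attributes
 serialize :data, Hash
 
-before_validation
-
-self.last_activity_path = last_activity_path[0, 255] if last_activity_path.is_a?(String)
-end
-
-before_create do
-self.temporary_token = SecureRandomString.new(44)
-self.token_hash = self.class.hash_token(temporary_token)
-end
+before_validation :shorten_strings
+before_create :set_new_token
 
 # Return the user that
 def user
@@ -109,6 +102,27 @@ module Authie
 self.class.where('id < ?', id).for_user(user).where(login_ip: login_ip).empty?
 end
 
+# Reset a new token for the session and return the new token
+#
+# @return [String]
+def reset_token
+set_new_token
+save!
+temporary_token
+end
+
+private
+
+def shorten_strings
+self.user_agent = user_agent[0, 255] if user_agent.is_a?(String)
+self.last_activity_path = last_activity_path[0, 255] if last_activity_path.is_a?(String)
+end
+
+def set_new_token
+self.temporary_token = SecureRandom.alphanumeric(Authie.config.session_token_length)
+self.token_hash = self.class.hash_token(temporary_token)
+end
+
 class << self
 # Find a session from the database for the given controller instance.
 # Returns a session object or :none if no session is found.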
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: authie
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.0.0.
|
4
|
+
version: 4.0.0.rc8
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Adam Cooke
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-05-
|
11
|
+
date: 2022-05-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activerecord
|
@@ -30,20 +30,6 @@ dependencies:
|
|
30
30
|
- - "<"
|
31
31
|
- !ruby/object:Gem::Version
|
32
32
|
version: '8.0'
|
33
|
-
- !ruby/object:Gem::Dependency
|
34
|
-
name: secure_random_string
|
35
|
-
requirement: !ruby/object:Gem::Requirement
|
36
|
-
requirements:
|
37
|
-
- - ">="
|
38
|
-
- !ruby/object:Gem::Version
|
39
|
-
version: '0'
|
40
|
-
type: :runtime
|
41
|
-
prerelease: false
|
42
|
-
version_requirements: !ruby/object:Gem::Requirement
|
43
|
-
requirements:
|
44
|
-
- - ">="
|
45
|
-
- !ruby/object:Gem::Version
|
46
|
-
version: '0'
|
47
33
|
- !ruby/object:Gem::Dependency
|
48
34
|
name: appraisal
|
49
35
|
requirement: !ruby/object:Gem::Requirement
|
@@ -246,6 +232,7 @@ files:
|
|
246
232
|
- db/migrate/20170417170000_add_token_hashes_to_authie_sessions.rb
|
247
233
|
- db/migrate/20170421174100_add_index_to_token_hashes_on_authie_sessions.rb
|
248
234
|
- db/migrate/20180215152200_add_host_to_authie_sessions.rb
|
235
|
+
- db/migrate/20220502180100_add_two_factor_required_to_sessions.rb
|
249
236
|
- lib/authie.rb
|
250
237
|
- lib/authie/config.rb
|
251
238
|
- lib/authie/controller_delegate.rb
|