authie 1.1.2 → 1.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0ea78ebd3e2b407c987201b3bc6ad66357c6658c
|
|
4
|
+
data.tar.gz: a4c4929103666a5b2b9c4db3341473374d7d9673
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2e9df9e143a97a0ff29234c32482bb9fe3b02d581233d0f89acce4e71c552ea46dd20e1de3f0e8e40df8496220cd2b3af81cf64a0211b243c8a1dacf4bf976b6
|
|
7
|
+
data.tar.gz: 6580ee0efb43f130eee21cfb65a20b994039e75fefcefad41881ca3f3c473e6c8512e7d8447d24d8d20cd718ab5da6054c75219423afcc22ba9b3299cefa4744
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
class AddTwoFactorAuthFieldsToAuthie < ActiveRecord::Migration
|
|
2
|
+
def change
|
|
3
|
+
add_column :authie_sessions, :two_factored_at, :datetime
|
|
4
|
+
add_column :authie_sessions, :two_factored_ip, :string
|
|
5
|
+
add_column :authie_sessions, :requests, :integer, :default => 0
|
|
6
|
+
add_column :authie_sessions, :password_seen_at, :datetime
|
|
7
|
+
end
|
|
8
|
+
end
|
data/lib/authie/config.rb
CHANGED
data/lib/authie/session.rb
CHANGED
|
@@ -5,6 +5,7 @@ module Authie
|
|
|
5
5
|
class InactiveSession < Error; end
|
|
6
6
|
class ExpiredSession < Error; end
|
|
7
7
|
class BrowserMismatch < Error; end
|
|
8
|
+
class NoParentSessionForRevert < Error; end
|
|
8
9
|
|
|
9
10
|
# Set table name
|
|
10
11
|
self.table_name = "authie_sessions"
|
|
@@ -40,6 +41,7 @@ module Authie
|
|
|
40
41
|
self.last_activity_at = Time.now
|
|
41
42
|
self.last_activity_ip = controller.request.ip
|
|
42
43
|
self.last_activity_path = controller.request.path
|
|
44
|
+
self.requests += 1
|
|
43
45
|
self.save!
|
|
44
46
|
end
|
|
45
47
|
|
|
@@ -118,6 +120,54 @@ module Authie
|
|
|
118
120
|
(self.data ||= {})[key.to_s]
|
|
119
121
|
end
|
|
120
122
|
|
|
123
|
+
# Invalidate all sessions but this one for this user
|
|
124
|
+
def invalidate_others!
|
|
125
|
+
self.class.where.not(:id => self.id).where(:user => self.user).each do |s|
|
|
126
|
+
s.invalidate!
|
|
127
|
+
end
|
|
128
|
+
end
|
|
129
|
+
|
|
130
|
+
# Note that we have just seen the user enter their password.
|
|
131
|
+
def see_password!
|
|
132
|
+
self.password_seen_at = Time.now
|
|
133
|
+
self.save!
|
|
134
|
+
end
|
|
135
|
+
|
|
136
|
+
# Have we seen the user's password recently in this sesion?
|
|
137
|
+
def recently_seen_password?
|
|
138
|
+
!!(self.password_seen_at && self.password_seen_at >= Authie.config.sudo_session_timeout.ago)
|
|
139
|
+
end
|
|
140
|
+
|
|
141
|
+
# Is two factor authentication required for this request?
|
|
142
|
+
def two_factored?
|
|
143
|
+
!!(two_factored_at || self.parent_id)
|
|
144
|
+
end
|
|
145
|
+
|
|
146
|
+
# Mark this request as two factor authoritsed
|
|
147
|
+
def mark_as_two_factored!
|
|
148
|
+
self.two_factored_at = Time.now
|
|
149
|
+
self.two_factored_ip = controller.request.ip
|
|
150
|
+
self.save!
|
|
151
|
+
end
|
|
152
|
+
|
|
153
|
+
# Create a new session for impersonating for the given user
|
|
154
|
+
def impersonate!(user)
|
|
155
|
+
self.class.start(controller, :user => user, :parent => self)
|
|
156
|
+
end
|
|
157
|
+
|
|
158
|
+
# Revert back to the parent session
|
|
159
|
+
def revert_to_parent!
|
|
160
|
+
if self.parent
|
|
161
|
+
self.invalidate!
|
|
162
|
+
self.parent.activate!
|
|
163
|
+
self.parent.controller = self.controller
|
|
164
|
+
self.parent.set_cookie!
|
|
165
|
+
self.parent
|
|
166
|
+
else
|
|
167
|
+
raise NoParentSessionForRevert, "Session does not have a parent therefore cannot be reverted."
|
|
168
|
+
end
|
|
169
|
+
end
|
|
170
|
+
|
|
121
171
|
# Find a session from the database for the given controller instance.
|
|
122
172
|
# Returns a session object or :none if no session is found.
|
|
123
173
|
def self.get_session(controller)
|
data/lib/authie/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authie
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Adam Cooke
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-03-
|
|
11
|
+
date: 2015-03-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: A Rails library for storing user sessions in a backend database
|
|
14
14
|
email:
|
|
@@ -20,6 +20,7 @@ files:
|
|
|
20
20
|
- db/migrate/20141012174250_create_authie_sessions.rb
|
|
21
21
|
- db/migrate/20141013115205_add_indexes_to_authie_sessions.rb
|
|
22
22
|
- db/migrate/20150109144120_add_parent_id_to_authie_sessions.rb
|
|
23
|
+
- db/migrate/20150305135400_add_two_factor_auth_fields_to_authie.rb
|
|
23
24
|
- lib/authie.rb
|
|
24
25
|
- lib/authie/config.rb
|
|
25
26
|
- lib/authie/controller_delegate.rb
|