cookie_crypt 1.1.0 → 1.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +24 -24
- data/app/controllers/devise/cookie_crypt_controller.rb +2 -1
- data/lib/cookie_crypt/controllers/helpers.rb +4 -3
- data/lib/cookie_crypt/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: cd6be403f4ffd116ee2af138abec9364b4f81a80
|
|
4
|
+
data.tar.gz: a135e2aa98c8b52251f5d000b7f6f13120c377e7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fd8b49990f3a4e3692ebb9b72fc071071064fee4dd7bd444c170dda7a46f6bacaa28e5b618260394fe79eec44a0a17aab6e06d235ae2754cd65eaf0ada130cc6
|
|
7
|
+
data.tar.gz: 834e21eb5f589775cb0b050d2e77c00e080a965a0731885d4bea9455b976b21a9674f568c499f881664f68a3ec9b8bce7883cc1c04f79e13543e8174c6ca4266
|
data/README.md
CHANGED
|
@@ -58,7 +58,7 @@ This process will move your data (in a dev environment) from the old system to t
|
|
|
58
58
|
|
|
59
59
|
Assuming all files are already on the production box, run
|
|
60
60
|
|
|
61
|
-
bundle exec rake db:migrate
|
|
61
|
+
bundle exec rake db:migrate VERSION=(version of the FIRST migration)
|
|
62
62
|
|
|
63
63
|
To go forward only to the next migration, then run
|
|
64
64
|
|
|
@@ -67,7 +67,7 @@ To go forward only to the next migration, then run
|
|
|
67
67
|
On your model to export the security question and answer data to security_hash (nothing else will be added though it may notify you of conflicts).
|
|
68
68
|
Do not overwrite the conflicting migration file. Then run
|
|
69
69
|
|
|
70
|
-
bundle exec rake db:migrate
|
|
70
|
+
bundle exec rake db:migrate
|
|
71
71
|
|
|
72
72
|
Again to remove the old fields.
|
|
73
73
|
|
|
@@ -134,28 +134,28 @@ browser.
|
|
|
134
134
|
### Whats new with the 1.1 Update
|
|
135
135
|
* Reworked security questions and answers to allow for more customization options
|
|
136
136
|
* cookie_crypt_auth_through
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
137
|
+
* :one_question_cyclical
|
|
138
|
+
* The default
|
|
139
|
+
* Each user must answer only one of their questions at the end of a cookie cycle to authenticate.
|
|
140
|
+
* The questions are chosen cyclically, the user will not answer the same question the next time they have to auth through two-factor
|
|
141
|
+
* This prevents users logging in on a new machine from always being shown the same questions and is more secure
|
|
142
|
+
* :one_question_random
|
|
143
|
+
* The user is shown a random question that was not their previous question every time they auth through two-factor, otherwise exactly like cyclical
|
|
144
|
+
* :two_questions_cyclical
|
|
145
|
+
* Exactly like one_question_cyclical except two questions must be answered every auth
|
|
146
|
+
* :two_questions_random
|
|
147
|
+
* Exactly like one_question_random except two questions must be answered every auth
|
|
148
|
+
* :all_questions
|
|
149
|
+
* This option is not advised, but is available. It is the old functionality the system had.
|
|
150
|
+
* The user must answer all authentication questions every auth session
|
|
151
151
|
* cookie_crypt_minimum_questions
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
152
|
+
* Default is 3
|
|
153
|
+
* Minimum number of questions and answers the user must enter into the system on their initial attempt
|
|
154
|
+
* Systems upgrading from 1.0 will prompt the user to add the difference in numbers of questions and answers
|
|
155
155
|
* cycle_question_on_fail_count
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
156
|
+
* Default is 2
|
|
157
|
+
* Minimum number of failed attempts before the question(s) is(are) cycled to the next question(s)
|
|
158
|
+
* Works in conjunction with max_cookie_crypt_login_attempts
|
|
159
159
|
* enable_custom_question_counts
|
|
160
|
-
|
|
161
|
-
|
|
160
|
+
* Default is false
|
|
161
|
+
* Allows users to have more than the minimum number of security question / answer pairs.
|
|
@@ -47,10 +47,11 @@ class Devise::CookieCryptController < DeviseController
|
|
|
47
47
|
elsif (h.keys.count/2) < resource.class.cookie_crypt_minimum_questions # Need to update hash from an old install
|
|
48
48
|
|
|
49
49
|
((h.keys.count/2)+1..(params[:security].keys.count/2)+((h.keys.count/2))).each do |n|
|
|
50
|
+
puts "TESTING::#{n}"
|
|
50
51
|
h["security_question_#{n}"] = sanitize(params[:security]["security_question_#{n}".to_sym])
|
|
51
52
|
h["security_answer_#{n}"] = Digest::SHA512.hexdigest(sanitize(params[:security]["security_answer_#{n}".to_sym]))
|
|
52
53
|
end
|
|
53
|
-
|
|
54
|
+
puts "TESTING2::#{h}"
|
|
54
55
|
resource.security_hash = h.to_s
|
|
55
56
|
|
|
56
57
|
resource.save
|
|
@@ -74,9 +74,10 @@ module CookieCrypt
|
|
|
74
74
|
unless resource.class.cookie_crypt_auth_through == :all_questions
|
|
75
75
|
if resource.class.cookie_crypt_auth_through == :one_question_cyclical ||
|
|
76
76
|
resource.class.cookie_crypt_auth_through == :two_questions_cyclical
|
|
77
|
-
|
|
77
|
+
|
|
78
|
+
answers << "security_answer_#{resource.security_cycle+session[:cyclemod]}"
|
|
78
79
|
else #random cyclemod case
|
|
79
|
-
answers <<
|
|
80
|
+
answers << "security_answer_#{session[:cyclemod]}"
|
|
80
81
|
end
|
|
81
82
|
end
|
|
82
83
|
|
|
@@ -106,7 +107,7 @@ module CookieCrypt
|
|
|
106
107
|
end
|
|
107
108
|
end
|
|
108
109
|
|
|
109
|
-
authed = true unless
|
|
110
|
+
authed = true unless a_arr.include?(false)
|
|
110
111
|
authed
|
|
111
112
|
end
|
|
112
113
|
|
data/lib/cookie_crypt/version.rb
CHANGED