cookie_crypt 1.1.0 → 1.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +24 -24
- data/app/controllers/devise/cookie_crypt_controller.rb +2 -1
- data/lib/cookie_crypt/controllers/helpers.rb +4 -3
- data/lib/cookie_crypt/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: cd6be403f4ffd116ee2af138abec9364b4f81a80
|
|
4
|
+
data.tar.gz: a135e2aa98c8b52251f5d000b7f6f13120c377e7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fd8b49990f3a4e3692ebb9b72fc071071064fee4dd7bd444c170dda7a46f6bacaa28e5b618260394fe79eec44a0a17aab6e06d235ae2754cd65eaf0ada130cc6
|
|
7
|
+
data.tar.gz: 834e21eb5f589775cb0b050d2e77c00e080a965a0731885d4bea9455b976b21a9674f568c499f881664f68a3ec9b8bce7883cc1c04f79e13543e8174c6ca4266
|
data/README.md
CHANGED
|
@@ -58,7 +58,7 @@ This process will move your data (in a dev environment) from the old system to t
|
|
|
58
58
|
|
|
59
59
|
Assuming all files are already on the production box, run
|
|
60
60
|
|
|
61
|
-
bundle exec rake db:migrate
|
|
61
|
+
bundle exec rake db:migrate VERSION=(version of the FIRST migration)
|
|
62
62
|
|
|
63
63
|
To go forward only to the next migration, then run
|
|
64
64
|
|
|
@@ -67,7 +67,7 @@ To go forward only to the next migration, then run
|
|
|
67
67
|
On your model to export the security question and answer data to security_hash (nothing else will be added though it may notify you of conflicts).
|
|
68
68
|
Do not overwrite the conflicting migration file. Then run
|
|
69
69
|
|
|
70
|
-
bundle exec rake db:migrate
|
|
70
|
+
bundle exec rake db:migrate
|
|
71
71
|
|
|
72
72
|
Again to remove the old fields.
|
|
73
73
|
|
|
@@ -134,28 +134,28 @@ browser.
|
|
|
134
134
|
### Whats new with the 1.1 Update
|
|
135
135
|
* Reworked security questions and answers to allow for more customization options
|
|
136
136
|
* cookie_crypt_auth_through
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
137
|
+
* :one_question_cyclical
|
|
138
|
+
* The default
|
|
139
|
+
* Each user must answer only one of their questions at the end of a cookie cycle to authenticate.
|
|
140
|
+
* The questions are chosen cyclically, the user will not answer the same question the next time they have to auth through two-factor
|
|
141
|
+
* This prevents users logging in on a new machine from always being shown the same questions and is more secure
|
|
142
|
+
* :one_question_random
|
|
143
|
+
* The user is shown a random question that was not their previous question every time they auth through two-factor, otherwise exactly like cyclical
|
|
144
|
+
* :two_questions_cyclical
|
|
145
|
+
* Exactly like one_question_cyclical except two questions must be answered every auth
|
|
146
|
+
* :two_questions_random
|
|
147
|
+
* Exactly like one_question_random except two questions must be answered every auth
|
|
148
|
+
* :all_questions
|
|
149
|
+
* This option is not advised, but is available. It is the old functionality the system had.
|
|
150
|
+
* The user must answer all authentication questions every auth session
|
|
151
151
|
* cookie_crypt_minimum_questions
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
152
|
+
* Default is 3
|
|
153
|
+
* Minimum number of questions and answers the user must enter into the system on their initial attempt
|
|
154
|
+
* Systems upgrading from 1.0 will prompt the user to add the difference in numbers of questions and answers
|
|
155
155
|
* cycle_question_on_fail_count
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
156
|
+
* Default is 2
|
|
157
|
+
* Minimum number of failed attempts before the question(s) is(are) cycled to the next question(s)
|
|
158
|
+
* Works in conjunction with max_cookie_crypt_login_attempts
|
|
159
159
|
* enable_custom_question_counts
|
|
160
|
-
|
|
161
|
-
|
|
160
|
+
* Default is false
|
|
161
|
+
* Allows users to have more than the minimum number of security question / answer pairs.
|
|
@@ -47,10 +47,11 @@ class Devise::CookieCryptController < DeviseController
|
|
|
47
47
|
elsif (h.keys.count/2) < resource.class.cookie_crypt_minimum_questions # Need to update hash from an old install
|
|
48
48
|
|
|
49
49
|
((h.keys.count/2)+1..(params[:security].keys.count/2)+((h.keys.count/2))).each do |n|
|
|
50
|
+
puts "TESTING::#{n}"
|
|
50
51
|
h["security_question_#{n}"] = sanitize(params[:security]["security_question_#{n}".to_sym])
|
|
51
52
|
h["security_answer_#{n}"] = Digest::SHA512.hexdigest(sanitize(params[:security]["security_answer_#{n}".to_sym]))
|
|
52
53
|
end
|
|
53
|
-
|
|
54
|
+
puts "TESTING2::#{h}"
|
|
54
55
|
resource.security_hash = h.to_s
|
|
55
56
|
|
|
56
57
|
resource.save
|
|
@@ -74,9 +74,10 @@ module CookieCrypt
|
|
|
74
74
|
unless resource.class.cookie_crypt_auth_through == :all_questions
|
|
75
75
|
if resource.class.cookie_crypt_auth_through == :one_question_cyclical ||
|
|
76
76
|
resource.class.cookie_crypt_auth_through == :two_questions_cyclical
|
|
77
|
-
|
|
77
|
+
|
|
78
|
+
answers << "security_answer_#{resource.security_cycle+session[:cyclemod]}"
|
|
78
79
|
else #random cyclemod case
|
|
79
|
-
answers <<
|
|
80
|
+
answers << "security_answer_#{session[:cyclemod]}"
|
|
80
81
|
end
|
|
81
82
|
end
|
|
82
83
|
|
|
@@ -106,7 +107,7 @@ module CookieCrypt
|
|
|
106
107
|
end
|
|
107
108
|
end
|
|
108
109
|
|
|
109
|
-
authed = true unless
|
|
110
|
+
authed = true unless a_arr.include?(false)
|
|
110
111
|
authed
|
|
111
112
|
end
|
|
112
113
|
|
data/lib/cookie_crypt/version.rb
CHANGED