devise-2fa 0.1.1 → 0.2.0
- checksums.yaml +5 -5
- data/.circleci/config.yml +46 -0
- data/.gitignore +8 -0
- data/Gemfile +3 -22
- data/README.md +13 -14
- data/Rakefile +6 -28
- data/bin/rspec +10 -0
- data/bin/setup +12 -0
- data/{devise-2fa.gemspec → devise_2fa.gemspec} +15 -8
- data/lib/devise-2fa/version.rb +1 -1
- data/lib/devise_two_factorable/models/two_factorable.rb +5 -1
- data/{test → spec}/dummy/Rakefile +2 -3
- data/{test/dummy/app/mailers/.gitkeep → spec/dummy/app/assets/images/.keep} +0 -0
- data/spec/dummy/app/assets/javascripts/application.js +3 -0
- data/{test/dummy/lib/assets/.gitkeep → spec/dummy/app/assets/javascripts/channels/.keep} +0 -0
- data/spec/dummy/app/assets/stylesheets/application.css +15 -0
- data/{test → spec}/dummy/app/controllers/application_controller.rb +4 -1
- data/{test/dummy/public/favicon.ico → spec/dummy/app/controllers/concerns/.keep} +0 -0
- data/{test → spec}/dummy/app/helpers/application_helper.rb +0 -0
- data/spec/dummy/app/models/application_record.rb +3 -0
- data/spec/dummy/app/models/concerns/.keep +0 -0
- data/spec/dummy/app/models/user.rb +6 -0
- data/spec/dummy/app/views/layouts/application.html.erb +19 -0
- data/spec/dummy/app/views/layouts/mailer.text.erb +1 -0
- data/spec/dummy/bin/bundle +3 -0
- data/spec/dummy/bin/rails +4 -0
- data/spec/dummy/bin/rake +4 -0
- data/spec/dummy/bin/setup +25 -0
- data/spec/dummy/bin/update +25 -0
- data/spec/dummy/bin/yarn +11 -0
- data/spec/dummy/config.ru +5 -0
- data/spec/dummy/config/application.rb +14 -0
- data/spec/dummy/config/boot.rb +5 -0
- data/{test → spec}/dummy/config/database.yml +10 -10
- data/spec/dummy/config/environment.rb +5 -0
- data/spec/dummy/config/environments/development.rb +61 -0
- data/{test → spec}/dummy/config/environments/test.rb +15 -5
- data/spec/dummy/config/initializers/assets.rb +4 -0
- data/{test → spec}/dummy/config/initializers/backtrace_silencers.rb +0 -0
- data/spec/dummy/config/initializers/cookies_serializer.rb +5 -0
- data/{test → spec}/dummy/config/initializers/devise.rb +134 -56
- data/spec/dummy/config/initializers/filter_parameter_logging.rb +4 -0
- data/{test → spec}/dummy/config/initializers/inflections.rb +6 -5
- data/{test → spec}/dummy/config/initializers/mime_types.rb +0 -1
- data/{test → spec}/dummy/config/initializers/wrap_parameters.rb +5 -5
- data/spec/dummy/config/locales/devise.en.yml +68 -0
- data/spec/dummy/config/locales/devise.two_factor.en.yml +57 -0
- data/spec/dummy/config/locales/en.yml +2 -0
- data/spec/dummy/config/puma.rb +9 -0
- data/spec/dummy/config/routes.rb +4 -0
- data/spec/dummy/config/spring.rb +6 -0
- data/spec/dummy/config/storage.yml +8 -0
- data/spec/dummy/db/migrate/20190311184605_devise_create_users.rb +44 -0
- data/{test/dummy/db/migrate/20130131160351_devise_otp_add_to_users.rb → spec/dummy/db/migrate/20190312222952_devise_two_factor_add_to_users.rb} +4 -5
- data/spec/dummy/db/schema.rb +39 -0
- data/spec/dummy/lib/assets/.keep +0 -0
- data/spec/dummy/package.json +5 -0
- data/spec/dummy/public/404.html +1 -0
- data/spec/dummy/public/422.html +1 -0
- data/spec/dummy/public/500.html +19 -0
- data/spec/dummy/public/apple-touch-icon-precomposed.png +0 -0
- data/spec/dummy/public/apple-touch-icon.png +0 -0
- data/spec/dummy/public/favicon.ico +0 -0
- data/spec/dummy/storage/.keep +0 -0
- data/spec/models/user_spec.rb +33 -0
- data/spec/spec_helper.rb +69 -0
- data/spec/system/persistence_spec.rb +59 -0
- data/spec/system/refresh_spec.rb +100 -0
- data/spec/system/token_spec.rb +41 -0
- data/spec/system/users_spec.rb +98 -0
- metadata +213 -123
- data/.travis.yml +0 -28
- data/lib/devise_two_factorable/two_factorable.rb +0 -131
- data/test/dummy/README.rdoc +0 -261
- data/test/dummy/app/assets/javascripts/application.js +0 -13
- data/test/dummy/app/assets/stylesheets/application.css +0 -13
- data/test/dummy/app/controllers/posts_controller.rb +0 -83
- data/test/dummy/app/helpers/posts_helper.rb +0 -2
- data/test/dummy/app/models/post.rb +0 -2
- data/test/dummy/app/models/user.rb +0 -20
- data/test/dummy/app/views/layouts/application.html.erb +0 -14
- data/test/dummy/app/views/posts/_form.html.erb +0 -25
- data/test/dummy/app/views/posts/edit.html.erb +0 -6
- data/test/dummy/app/views/posts/index.html.erb +0 -25
- data/test/dummy/app/views/posts/new.html.erb +0 -5
- data/test/dummy/app/views/posts/show.html.erb +0 -15
- data/test/dummy/config.ru +0 -4
- data/test/dummy/config/application.rb +0 -67
- data/test/dummy/config/boot.rb +0 -10
- data/test/dummy/config/environment.rb +0 -5
- data/test/dummy/config/environments/development.rb +0 -37
- data/test/dummy/config/environments/production.rb +0 -73
- data/test/dummy/config/initializers/secret_token.rb +0 -8
- data/test/dummy/config/initializers/session_store.rb +0 -8
- data/test/dummy/config/locales/en.yml +0 -5
- data/test/dummy/config/routes.rb +0 -6
- data/test/dummy/db/migrate/20130125101430_create_users.rb +0 -9
- data/test/dummy/db/migrate/20130131092406_add_devise_to_users.rb +0 -52
- data/test/dummy/db/migrate/20130131142320_create_posts.rb +0 -10
- data/test/dummy/public/404.html +0 -26
- data/test/dummy/public/422.html +0 -26
- data/test/dummy/public/500.html +0 -25
- data/test/dummy/script/rails +0 -6
- data/test/integration/persistence_test.rb +0 -63
- data/test/integration/refresh_test.rb +0 -103
- data/test/integration/sign_in_test.rb +0 -85
- data/test/integration/token_test.rb +0 -30
- data/test/integration_tests_helper.rb +0 -64
- data/test/model_tests_helper.rb +0 -20
- data/test/models/two_factorable_test.rb +0 -120
- data/test/orm/active_record.rb +0 -4
- data/test/orm/mongoid.rb +0 -13
- data/test/support/mongoid.yml +0 -6
- data/test/support/symmetric_encryption.yml +0 -70
- data/test/test_helper.rb +0 -18
@@ -1,15 +1,16 @@
|
|
1
1
|
# Be sure to restart your server when you modify this file.
|
2
2
|
|
3
|
-
# Add new inflection rules using the following format
|
4
|
-
#
|
5
|
-
#
|
3
|
+
# Add new inflection rules using the following format. Inflections
|
4
|
+
# are locale specific, and you may define rules for as many different
|
5
|
+
# locales as you wish. All of these examples are active by default:
|
6
|
+
# ActiveSupport::Inflector.inflections(:en) do |inflect|
|
6
7
|
# inflect.plural /^(ox)$/i, '\1en'
|
7
8
|
# inflect.singular /^(ox)en/i, '\1'
|
8
9
|
# inflect.irregular 'person', 'people'
|
9
10
|
# inflect.uncountable %w( fish sheep )
|
10
11
|
# end
|
11
|
-
|
12
|
+
|
12
13
|
# These inflection rules are supported but not enabled by default:
|
13
|
-
# ActiveSupport::Inflector.inflections do |inflect|
|
14
|
+
# ActiveSupport::Inflector.inflections(:en) do |inflect|
|
14
15
|
# inflect.acronym 'RESTful'
|
15
16
|
# end
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# Be sure to restart your server when you modify this file.
|
2
|
-
|
2
|
+
|
3
3
|
# This file contains settings for ActionController::ParamsWrapper which
|
4
4
|
# is enabled by default.
|
5
5
|
|
@@ -8,7 +8,7 @@ ActiveSupport.on_load(:action_controller) do
|
|
8
8
|
wrap_parameters format: [:json]
|
9
9
|
end
|
10
10
|
|
11
|
-
#
|
12
|
-
ActiveSupport.on_load(:active_record) do
|
13
|
-
|
14
|
-
end
|
11
|
+
# To enable root element in JSON for ActiveRecord objects.
|
12
|
+
# ActiveSupport.on_load(:active_record) do
|
13
|
+
# self.include_root_in_json = true
|
14
|
+
# end
|
@@ -0,0 +1,68 @@
|
|
1
|
+
# Additional translations at https://github.com/plataformatec/devise/wiki/I18n
|
2
|
+
|
3
|
+
en:
|
4
|
+
devise:
|
5
|
+
confirmations:
|
6
|
+
confirmed: "Your email address has been successfully confirmed."
|
7
|
+
send_instructions: "You will receive an email with instructions for how to confirm your email address in a few minutes."
|
8
|
+
send_paranoid_instructions: "If your email address exists in our database, you will receive an email with instructions for how to confirm your email address in a few minutes."
|
9
|
+
failure:
|
10
|
+
already_authenticated: "You are already signed in."
|
11
|
+
inactive: "Your account is not activated yet."
|
12
|
+
invalid: "Invalid %{authentication_keys} or password."
|
13
|
+
locked: "Your account is locked."
|
14
|
+
last_attempt: "You have one more attempt before your account is locked."
|
15
|
+
not_found_in_database: "Invalid %{authentication_keys} or password."
|
16
|
+
timeout: "Your session expired. Please sign in again to continue."
|
17
|
+
unauthenticated: "You need to sign in or sign up before continuing."
|
18
|
+
unconfirmed: "You have to confirm your email address before continuing."
|
19
|
+
mailer:
|
20
|
+
confirmation_instructions:
|
21
|
+
subject: "Confirmation instructions"
|
22
|
+
reset_password_instructions:
|
23
|
+
subject: "Reset password instructions"
|
24
|
+
unlock_instructions:
|
25
|
+
subject: "Unlock instructions"
|
26
|
+
email_changed:
|
27
|
+
subject: "Email Changed"
|
28
|
+
password_change:
|
29
|
+
subject: "Password Changed"
|
30
|
+
omniauth_callbacks:
|
31
|
+
failure: "Could not authenticate you from %{kind} because \"%{reason}\"."
|
32
|
+
success: "Successfully authenticated from %{kind} account."
|
33
|
+
passwords:
|
34
|
+
no_token: "You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided."
|
35
|
+
send_instructions: "You will receive an email with instructions on how to reset your password in a few minutes."
|
36
|
+
send_paranoid_instructions: "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes."
|
37
|
+
updated: "Your password has been changed successfully. You are now signed in."
|
38
|
+
updated_not_active: "Your password has been changed successfully."
|
39
|
+
registrations:
|
40
|
+
destroyed: "Bye! Your account has been successfully cancelled. We hope to see you again soon."
|
41
|
+
signed_up: "Welcome! You have signed up successfully."
|
42
|
+
signed_up_but_inactive: "You have signed up successfully. However, we could not sign you in because your account is not yet activated."
|
43
|
+
signed_up_but_locked: "You have signed up successfully. However, we could not sign you in because your account is locked."
|
44
|
+
signed_up_but_unconfirmed: "A message with a confirmation link has been sent to your email address. Please follow the link to activate your account."
|
45
|
+
update_needs_confirmation: "You updated your account successfully, but we need to verify your new email address. Please check your email and follow the confirm link to confirm your new email address."
|
46
|
+
updated: "Your account has been updated successfully."
|
47
|
+
updated_but_not_signed_in: "Your account has been updated successfully, but since your password was changed, you need to sign in again"
|
48
|
+
sessions:
|
49
|
+
signed_in: "Signed in successfully."
|
50
|
+
signed_out: "Signed out successfully."
|
51
|
+
already_signed_out: "Signed out successfully."
|
52
|
+
credentials:
|
53
|
+
signed_in: 'Signed in successfully.'
|
54
|
+
signed_out: 'Signed out successfully.'
|
55
|
+
unlocks:
|
56
|
+
send_instructions: "You will receive an email with instructions for how to unlock your account in a few minutes."
|
57
|
+
send_paranoid_instructions: "If your account exists, you will receive an email with instructions for how to unlock it in a few minutes."
|
58
|
+
unlocked: "Your account has been unlocked successfully. Please sign in to continue."
|
59
|
+
errors:
|
60
|
+
messages:
|
61
|
+
already_confirmed: "was already confirmed, please try signing in"
|
62
|
+
confirmation_period_expired: "needs to be confirmed within %{period}, please request a new one"
|
63
|
+
expired: "has expired, please request a new one"
|
64
|
+
not_found: "not found"
|
65
|
+
not_locked: "was not locked"
|
66
|
+
not_saved:
|
67
|
+
one: "1 error prohibited this %{resource} from being saved:"
|
68
|
+
other: "%{count} errors prohibited this %{resource} from being saved:"
|
@@ -0,0 +1,57 @@
|
|
1
|
+
en:
|
2
|
+
devise:
|
3
|
+
two_factor:
|
4
|
+
submit_token:
|
5
|
+
title: 'Check Token'
|
6
|
+
explain: "A token is required because two-factor authentication is enabled on your account"
|
7
|
+
prompt: 'Please enter your two-factor authentication token:'
|
8
|
+
recovery_prompt: 'Please enter your recovery code:'
|
9
|
+
submit: 'Submit Token'
|
10
|
+
submit_recovery: 'Submit Recovery Code'
|
11
|
+
recovery_link: "I don't have my device, I want to use a recovery code"
|
12
|
+
credentials:
|
13
|
+
token_invalid: 'The token you provided was invalid.'
|
14
|
+
token_blank: 'Please provide a token generated by your device.'
|
15
|
+
need_to_refresh_credentials: 'We need to check your credentials before you can change these settings.'
|
16
|
+
valid_refresh: 'Thank you, your credentials were accepted.'
|
17
|
+
invalid_refresh: 'Sorry, you provided the wrong credentials.'
|
18
|
+
credentials_refresh:
|
19
|
+
title: 'Please enter your password again.'
|
20
|
+
explain: 'To confirm your identity, please re-enter your password.'
|
21
|
+
go_on: 'Continue'
|
22
|
+
identity: 'Identity'
|
23
|
+
token: 'Your two-factor authentication token'
|
24
|
+
token_secret:
|
25
|
+
title: 'Token Secret'
|
26
|
+
explain: 'Take a photo of this QR code with your mobile device.'
|
27
|
+
manual_provisioning: 'Manual provisioning code'
|
28
|
+
reset_otp: 'Reset your Two-Factor Authentication status'
|
29
|
+
reset_explain: 'This will reset your credentials, and disable two-factor authentication.'
|
30
|
+
reset_explain_warn: 'You will need to enroll your mobile device again.'
|
31
|
+
tokens:
|
32
|
+
title: 'Two-Factor Authentication'
|
33
|
+
explain: 'Two-Factor Authentication adds adds an additional layer of security to your account. When logging in you will be asked for a code that you can generate on a physical device, like your phone.'
|
34
|
+
enable_request: 'Would you like to enable Two-Factor Authentication?'
|
35
|
+
status: 'Enable Two-Factor Authentication'
|
36
|
+
submit: 'Continue'
|
37
|
+
successfully_updated: 'Your two-factor authentication settings have been updated.'
|
38
|
+
successfully_reset_creds: 'Your two-factor authentication credentials have been reset.'
|
39
|
+
successfully_set_persistence: 'Your device is now trusted.'
|
40
|
+
successfully_cleared_persistence: 'Your device has been removed from the list of trusted devices.'
|
41
|
+
successfully_reset_persistence: 'Your list of trusted devices has been cleared.'
|
42
|
+
need_to_refresh_credentials: 'We need to check your credentials before you can change these settings.'
|
43
|
+
recovery:
|
44
|
+
title: 'Recovery Codes'
|
45
|
+
explain: 'Store these recovery codes in a safe place. They will allow you to log back in if your token device is lost, stolen, or unavailable.'
|
46
|
+
sequence: 'Sequence'
|
47
|
+
code: 'Recovery Code'
|
48
|
+
codes_list: 'View recovery codes'
|
49
|
+
download_codes: 'Download recovery codes'
|
50
|
+
trusted_devices:
|
51
|
+
title: 'Trusted Browsers'
|
52
|
+
explain: 'If you set this browser as trusted, you will not be asked to perform two-factor authentication when logging in for one month.'
|
53
|
+
device_trusted: 'This browser is trusted.'
|
54
|
+
device_not_trusted: 'This browser is not trusted.'
|
55
|
+
trust_remove: 'Untrust this browser'
|
56
|
+
trust_add: 'Trust this browser'
|
57
|
+
trust_clear: 'Clear all trusted browsers'
|
@@ -0,0 +1,44 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
class DeviseCreateUsers < ActiveRecord::Migration[5.2]
|
4
|
+
def change
|
5
|
+
create_table :users do |t|
|
6
|
+
## Database authenticatable
|
7
|
+
t.string :email, null: false, default: ""
|
8
|
+
t.string :encrypted_password, null: false, default: ""
|
9
|
+
|
10
|
+
## Recoverable
|
11
|
+
t.string :reset_password_token
|
12
|
+
t.datetime :reset_password_sent_at
|
13
|
+
|
14
|
+
## Rememberable
|
15
|
+
t.datetime :remember_created_at
|
16
|
+
|
17
|
+
## Trackable
|
18
|
+
# t.integer :sign_in_count, default: 0, null: false
|
19
|
+
# t.datetime :current_sign_in_at
|
20
|
+
# t.datetime :last_sign_in_at
|
21
|
+
# t.string :current_sign_in_ip
|
22
|
+
# t.string :last_sign_in_ip
|
23
|
+
|
24
|
+
## Confirmable
|
25
|
+
# t.string :confirmation_token
|
26
|
+
# t.datetime :confirmed_at
|
27
|
+
# t.datetime :confirmation_sent_at
|
28
|
+
# t.string :unconfirmed_email # Only if using reconfirmable
|
29
|
+
|
30
|
+
## Lockable
|
31
|
+
# t.integer :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
|
32
|
+
# t.string :unlock_token # Only if unlock strategy is :email or :both
|
33
|
+
# t.datetime :locked_at
|
34
|
+
|
35
|
+
|
36
|
+
t.timestamps null: false
|
37
|
+
end
|
38
|
+
|
39
|
+
add_index :users, :email, unique: true
|
40
|
+
add_index :users, :reset_password_token, unique: true
|
41
|
+
# add_index :users, :confirmation_token, unique: true
|
42
|
+
# add_index :users, :unlock_token, unique: true
|
43
|
+
end
|
44
|
+
end
|
@@ -1,4 +1,4 @@
|
|
1
|
-
class DeviseTwoFactorAddToUsers < ActiveRecord::Migration
|
1
|
+
class DeviseTwoFactorAddToUsers < ActiveRecord::Migration[5.0]
|
2
2
|
def self.up
|
3
3
|
change_table :users do |t|
|
4
4
|
t.string :otp_auth_secret
|
@@ -6,7 +6,6 @@ class DeviseTwoFactorAddToUsers < ActiveRecord::Migration
|
|
6
6
|
t.boolean :otp_enabled, default: false, null: false
|
7
7
|
t.boolean :otp_mandatory, default: false, null: false
|
8
8
|
t.datetime :otp_enabled_on
|
9
|
-
t.integer :otp_time_drift, default: 0, null: false
|
10
9
|
t.integer :otp_failed_attempts, default: 0, null: false
|
11
10
|
t.integer :otp_recovery_counter, default: 0, null: false
|
12
11
|
t.string :otp_persistence_seed
|
@@ -14,15 +13,15 @@ class DeviseTwoFactorAddToUsers < ActiveRecord::Migration
|
|
14
13
|
t.string :otp_session_challenge
|
15
14
|
t.datetime :otp_challenge_expires
|
16
15
|
end
|
17
|
-
|
18
|
-
add_index :users, :otp_session_challenge, unique: true
|
16
|
+
add_index :users, :otp_session_challenge, unique: true
|
19
17
|
add_index :users, :otp_challenge_expires
|
20
18
|
end
|
21
19
|
|
22
20
|
def self.down
|
23
21
|
change_table :users do |t|
|
24
22
|
t.remove :otp_auth_secret, :otp_recovery_secret, :otp_enabled, :otp_mandatory, :otp_enabled_on, :otp_session_challenge,
|
25
|
-
|
23
|
+
:otp_challenge_expires, :otp_failed_attempts, :otp_recovery_counter, :otp_persistence_seed
|
24
|
+
|
26
25
|
end
|
27
26
|
end
|
28
27
|
end
|
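Review bot: `t.string :otp_auth_secret` in the first hunk, and `otp_recovery_secret` (named in the `t.remove` list of `self.down`), are ordinary string columns, and nothing in this migration shows whether the values are encrypted before they are written. The spec helper in this release builds a TOTP directly from `user.otp_auth_secret`, so that column holds the token seed; if it is stored in the clear, read access to the users table or to a backup is enough to compute valid second-factor codes. The file list shows `test/support/symmetric_encryption.yml` being removed, so it is worth confirming that the model still protects both attributes at rest. A comment above the columns would record that, for example `# TOTP seed and recovery secret: must be encrypted by the model before save`. The body of `self.up` is only partly visible between the hunks.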
@@ -0,0 +1,39 @@
|
|
1
|
+
# This file is auto-generated from the current state of the database. Instead
|
2
|
+
# of editing this file, please use the migrations feature of Active Record to
|
3
|
+
# incrementally modify your database, and then regenerate this schema definition.
|
4
|
+
#
|
5
|
+
# Note that this schema.rb definition is the authoritative source for your
|
6
|
+
# database schema. If you need to create the application database on another
|
7
|
+
# system, you should be using db:schema:load, not running all the migrations
|
8
|
+
# from scratch. The latter is a flawed and unsustainable approach (the more migrations
|
9
|
+
# you'll amass, the slower it'll run and the greater likelihood for issues).
|
10
|
+
#
|
11
|
+
# It's strongly recommended that you check this file into your version control system.
|
12
|
+
|
13
|
+
ActiveRecord::Schema.define(version: 2019_03_12_222952) do
|
14
|
+
|
15
|
+
create_table "users", force: :cascade do |t|
|
16
|
+
t.string "email", default: "", null: false
|
17
|
+
t.string "encrypted_password", default: "", null: false
|
18
|
+
t.string "reset_password_token"
|
19
|
+
t.datetime "reset_password_sent_at"
|
20
|
+
t.datetime "remember_created_at"
|
21
|
+
t.datetime "created_at", null: false
|
22
|
+
t.datetime "updated_at", null: false
|
23
|
+
t.string "otp_auth_secret"
|
24
|
+
t.string "otp_recovery_secret"
|
25
|
+
t.boolean "otp_enabled", default: false, null: false
|
26
|
+
t.boolean "otp_mandatory", default: false, null: false
|
27
|
+
t.datetime "otp_enabled_on"
|
28
|
+
t.integer "otp_failed_attempts", default: 0, null: false
|
29
|
+
t.integer "otp_recovery_counter", default: 0, null: false
|
30
|
+
t.string "otp_persistence_seed"
|
31
|
+
t.string "otp_session_challenge"
|
32
|
+
t.datetime "otp_challenge_expires"
|
33
|
+
t.index ["email"], name: "index_users_on_email", unique: true
|
34
|
+
t.index ["otp_challenge_expires"], name: "index_users_on_otp_challenge_expires"
|
35
|
+
t.index ["otp_session_challenge"], name: "index_users_on_otp_session_challenge", unique: true
|
36
|
+
t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
|
37
|
+
end
|
38
|
+
|
39
|
+
end
|
File without changes
|
@@ -0,0 +1 @@
|
|
1
|
+
<h1>404</h1>
|
@@ -0,0 +1 @@
|
|
1
|
+
<h1>422</h1>
|
@@ -0,0 +1,19 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html>
|
3
|
+
<head>
|
4
|
+
<title>We're sorry, but something went wrong (500)</title>
|
5
|
+
<meta name="viewport" content="width=device-width,initial-scale=1">
|
6
|
+
<style>
|
7
|
+
</style>
|
8
|
+
</head>
|
9
|
+
|
10
|
+
<body class="rails-default-error-page">
|
11
|
+
<!-- This file lives in public/500.html -->
|
12
|
+
<div class="dialog">
|
13
|
+
<div>
|
14
|
+
<h1>We're sorry, but something went wrong.</h1>
|
15
|
+
</div>
|
16
|
+
<p>If you are the application owner check the logs for more information.</p>
|
17
|
+
</div>
|
18
|
+
</body>
|
19
|
+
</html>
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -0,0 +1,33 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
RSpec.describe User, type: :model do
|
6
|
+
subject (:user) { User.new(email: 'mb@geemail.com', password: 'iwantabigmac1') }
|
7
|
+
it 'is valid' do
|
8
|
+
expect(user).to be_valid
|
9
|
+
end
|
10
|
+
|
11
|
+
describe '#associations' do
|
12
|
+
it { is_expected.to respond_to(:email) }
|
13
|
+
it { is_expected.to respond_to(:encrypted_password) }
|
14
|
+
end
|
15
|
+
|
16
|
+
describe 'validations' do
|
17
|
+
describe '#email' do
|
18
|
+
subject(:user) { User.new(password: 'iwantabigmac1') }
|
19
|
+
|
20
|
+
it 'is required' do
|
21
|
+
expect(user).to be_invalid
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
describe '#password' do
|
26
|
+
subject(:user) { User.new(email: 'mb@geemail.com')}
|
27
|
+
|
28
|
+
it 'is required' do
|
29
|
+
expect(user).to be_invalid
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
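Review bot: The two `is required` examples under `validations` only assert `expect(user).to be_invalid`, which passes for any validation failure, so they do not show that the missing attribute is the cause. Asserting on the attribute's errors pins that down: call `user.valid?` and then `expect(user.errors[:email]).not_to be_empty` (with `:password` in the second example). Separately, `subject (:user)` on line 6 has a space before the parenthesis, unlike `subject(:user)` on lines 18 and 26, and Ruby warns about that form.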
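--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+ENV["RAILS_ENV"] ||= "test"
+
+require "rails/all"
+require "dummy/config/application"
+require 'bundler/setup'
+require 'rspec/rails'
+
+Dir[Rails.root.join("spec/support/**/*.rb")].each { |f| require f }
+
+Dummy::Application.initialize!
+
+require 'capybara/rails'
+
+Capybara.server = :webrick
+
+RSpec.configure do |config|
+config.infer_spec_type_from_file_location!
+config.use_transactional_fixtures = true
+
+config.include Devise::Test::IntegrationHelpers, type: :system
+
+config.before(:each, type: :system) do
+driven_by :rack_test
+end
+end
+
+
+def enable_otp_and_sign_in(user)
+sign_in user
+visit user_token_path
+
+fill_in 'user_refresh_password', with: user.password
+click_on 'Continue'
+check 'user_otp_enabled'
+click_on 'Continue'
+Capybara.reset_sessions!
+
+visit '/'
+
+fill_in 'user_email', with: user.email
+fill_in 'user_password', with: user.password
+click_button('Log in')
+end
+
+def disable_otp
+visit user_token_path
+uncheck 'user_otp_enabled'
+click_button 'Continue'
+end
+
+def sign_in_user(user)
+visit '/users/sign_in'
+fill_in 'user_email', with: user.email
+fill_in 'user_password', with: user.password
+click_button('Log in')
+end
+
+def otp_challenge_for(user)
+fill_in 'user_token', with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
+click_button 'Submit Token'
+end
+
+def enable_otp_and_sign_in_with_otp(user)
+enable_otp_and_sign_in(user)
+fill_in 'user_token', with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
+click_button 'Submit Token'
+end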
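Review bot: `require 'bundler/setup'` comes after `require "rails/all"` and `require "dummy/config/application"`, so when the suite is started without `bundle exec` those first two requires resolve against whatever gem versions RubyGems finds rather than the ones pinned in the lockfile. Making `require 'bundler/setup'` the first require, directly after `ENV["RAILS_ENV"] ||= "test"`, keeps the test run on the locked dependency set. The dummy application's boot file may already load Bundler, but this is not visible here, so the order in this file should not rely on it.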