devise-authy 1.0.0 → 1.2.1

data/authy-devise-demo/app/views/devise/devise_authy/verify_authy.html.erb

@@ -6,6 +6,11 @@
   <legend><%= I18n.t('submit_token_title', {:scope => 'devise'}) %></legend>
   <%= label_tag :token %>
   <%= text_field_tag :token, "", :autocomplete => :off, :id => 'authy-token' %>
+  <label>
+    <%= check_box_tag :remember_device %>
+    <span><%= I18n.t('remember_device', {:scope => 'devise'}) %></span>
+  </label>
+
   <%= link_to '?', '#', :id => 'authy-help' %>
   <%= authy_request_sms_link %>
   <%= submit_tag I18n.t('submit_token', {:scope => 'devise'}), :class => 'btn' %>

data/authy-devise-demo/app/views/layouts/application.html.erb

@@ -4,7 +4,7 @@
   <title>AuthyDeviseDemo</title>
   <%= stylesheet_link_tag    "application", :media => "all" %>
   <%= javascript_include_tag "application" %>
-  <%= csrf_meta_tags %>    
+  <%= csrf_meta_tags %>
   <%=javascript_include_tag "https://www.authy.com/form.authy.min.js" %>
   <%=stylesheet_link_tag "https://www.authy.com/form.authy.min.css" %>
   <%=javascript_include_tag "devise_authy.js" %>
@@ -12,7 +12,19 @@
 </head>
 <body>
 
-<%= yield %>
+  <% if flash[:notice] %>
+    <div id="notice">
+      <%= flash[:notice] %>
+    </div>
+  <% end %>
+
+  <% if flash[:error] %>
+    <div class='alert alert-error'>
+      <%= flash[:error] %>
+    </div>
+  <% end %>
+
+  <%= yield %>
 
 </body>
 </html>

data/authy-devise-demo/config/initializers/devise.rb

@@ -125,7 +125,7 @@ Devise.setup do |config|
   # The time you want to timeout the user session without activity. After this
   # time the user will be asked for credentials again. Default is 30 minutes.
   # config.timeout_in = 30.minutes
-  
+
   # If true, expires auth token on session timeout.
   # config.expire_auth_token_on_timeout = false
 
@@ -229,4 +229,9 @@ Devise.setup do |config|
   # When using omniauth, Devise cannot automatically set Omniauth path,
   # so you need to do it manually. For the users scope, it would be:
   # config.omniauth_path_prefix = "/my_engine/users/auth"
-end
+
+  # ==> Devise Authy Authentication Extension
+  # How long should the user's device be remembered for.
+  config.authy_remember_device = 1.minute
+
+end

data/authy-devise-demo/config/locales/devise.authy.en.yml

@@ -7,12 +7,15 @@ en:
     cellphone: 'Enter your cellphone'
     country: 'Enter you country'
     request_sms: 'Request SMS'
+    remember_device: 'Remember Device'
 
     authy_verify_installation_title: "Verify your account"
     enable_my_account: 'Enable my account'
 
     devise_authy:
       user:
-        enabled: 'Two factor authentication was enable'
+        enabled: 'Two factor authentication was enabled'
         not_enabled: 'Something went wrong while enabling two factor authentication'
         signed_in: 'Signed in with Authy successfully.'
+        already_enabled: "Two factor authentication is already enabled."
+        invalid_token: 'The entered token is invalid.'

data/config/locales/en.yml

@@ -7,12 +7,15 @@ en:
     cellphone: 'Enter your cellphone'
     country: 'Enter you country'
     request_sms: 'Request SMS'
+    remember_device: 'Remember Device'
 
     authy_verify_installation_title: "Verify your account"
     enable_my_account: 'Enable my account'
 
     devise_authy:
       user:
-        enabled: 'Two factor authentication was enable'
+        enabled: 'Two factor authentication was enabled'
         not_enabled: 'Something went wrong while enabling two factor authentication'
         signed_in: 'Signed in with Authy successfully.'
+        already_enabled: "Two factor authentication is already enabled."
+        invalid_token: 'The entered token is invalid'

data/devise-authy.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = "devise-authy"
-  s.version = "1.0.0"
+  s.version = "1.2.1"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Authy Inc."]
-  s.date = "2013-04-10"
+  s.date = "2013-04-22"
   s.description = "Authy plugin for Devise"
   s.email = "support@authy.com"
   s.extra_rdoc_files = [
@@ -120,62 +120,70 @@ Gem::Specification.new do |s|
     "lib/generators/devise_authy/devise_authy_generator.rb",
     "lib/generators/devise_authy/install_generator.rb",
     "spec/controllers/devise_authy_controller_spec.rb",
+    "spec/features/authy_authenticatable_spec.rb",
     "spec/generators_spec.rb",
-    "spec/integration/authy_authenticatable.rb",
     "spec/models/authy_authenticatable.rb",
     "spec/orm/active_record.rb",
-    "spec/rails_app/Rakefile",
-    "spec/rails_app/app/assets/images/rails.png",
-    "spec/rails_app/app/assets/javascripts/application.js",
-    "spec/rails_app/app/assets/stylesheets/application.css",
-    "spec/rails_app/app/assets/stylesheets/devise_authy.css",
-    "spec/rails_app/app/assets/stylesheets/devise_authy.css.scss",
-    "spec/rails_app/app/assets/stylesheets/scaffolds.css.scss",
-    "spec/rails_app/app/controllers/application_controller.rb",
-    "spec/rails_app/app/controllers/posts_controller.rb",
-    "spec/rails_app/app/helpers/application_helper.rb",
-    "spec/rails_app/app/helpers/posts_helper.rb",
-    "spec/rails_app/app/mailers/.gitkeep",
-    "spec/rails_app/app/models/.gitkeep",
-    "spec/rails_app/app/models/post.rb",
-    "spec/rails_app/app/models/user.rb",
-    "spec/rails_app/app/views/devise/devise_authy/register.html.erb",
-    "spec/rails_app/app/views/devise/devise_authy/show.html.erb",
-    "spec/rails_app/app/views/layouts/application.html.erb",
-    "spec/rails_app/app/views/posts/_form.html.erb",
-    "spec/rails_app/app/views/posts/edit.html.erb",
-    "spec/rails_app/app/views/posts/index.html.erb",
-    "spec/rails_app/app/views/posts/new.html.erb",
-    "spec/rails_app/app/views/posts/show.html.erb",
-    "spec/rails_app/config.ru",
-    "spec/rails_app/config/application.rb",
-    "spec/rails_app/config/boot.rb",
-    "spec/rails_app/config/database.yml",
-    "spec/rails_app/config/environment.rb",
-    "spec/rails_app/config/environments/development.rb",
-    "spec/rails_app/config/environments/production.rb",
-    "spec/rails_app/config/environments/test.rb",
-    "spec/rails_app/config/initializers/authy.rb",
-    "spec/rails_app/config/initializers/backtrace_silencers.rb",
-    "spec/rails_app/config/initializers/devise.rb",
-    "spec/rails_app/config/initializers/inflections.rb",
-    "spec/rails_app/config/initializers/mime_types.rb",
-    "spec/rails_app/config/initializers/secret_token.rb",
-    "spec/rails_app/config/initializers/session_store.rb",
-    "spec/rails_app/config/initializers/wrap_parameters.rb",
-    "spec/rails_app/config/locales/devise.authy.en.yml",
-    "spec/rails_app/config/routes.rb",
-    "spec/rails_app/db/migrate/20121029205626_devise_create_users.rb",
-    "spec/rails_app/db/migrate/20121029205627_create_posts.rb",
-    "spec/rails_app/db/migrate/20121029205628_devise_authy_add_to_users.rb",
-    "spec/rails_app/db/schema.rb",
-    "spec/rails_app/public/favicon.ico",
-    "spec/rails_app/script/rails",
+    "spec/rails-app/Gemfile",
+    "spec/rails-app/Gemfile.lock",
+    "spec/rails-app/Rakefile",
+    "spec/rails-app/app/assets/images/rails.png",
+    "spec/rails-app/app/assets/javascripts/application.js",
+    "spec/rails-app/app/assets/javascripts/devise_authy.js",
+    "spec/rails-app/app/assets/javascripts/welcome.js",
+    "spec/rails-app/app/assets/stylesheets/application.css",
+    "spec/rails-app/app/assets/stylesheets/devise_authy.css",
+    "spec/rails-app/app/assets/stylesheets/welcome.css.scss",
+    "spec/rails-app/app/controllers/application_controller.rb",
+    "spec/rails-app/app/controllers/welcome_controller.rb",
+    "spec/rails-app/app/helpers/application_helper.rb",
+    "spec/rails-app/app/helpers/welcome_helper.rb",
+    "spec/rails-app/app/mailers/.gitkeep",
+    "spec/rails-app/app/models/.gitkeep",
+    "spec/rails-app/app/models/user.rb",
+    "spec/rails-app/app/views/devise/devise_authy/enable_authy.html.erb",
+    "spec/rails-app/app/views/devise/devise_authy/verify_authy.html.erb",
+    "spec/rails-app/app/views/devise/devise_authy/verify_authy_installation.html.erb",
+    "spec/rails-app/app/views/layouts/application.html.erb",
+    "spec/rails-app/app/views/welcome/index.html.erb",
+    "spec/rails-app/config.ru",
+    "spec/rails-app/config/application.rb",
+    "spec/rails-app/config/boot.rb",
+    "spec/rails-app/config/database.yml",
+    "spec/rails-app/config/environment.rb",
+    "spec/rails-app/config/environments/development.rb",
+    "spec/rails-app/config/environments/production.rb",
+    "spec/rails-app/config/environments/test.rb",
+    "spec/rails-app/config/initializers/authy.rb",
+    "spec/rails-app/config/initializers/backtrace_silencers.rb",
+    "spec/rails-app/config/initializers/devise.rb",
+    "spec/rails-app/config/initializers/inflections.rb",
+    "spec/rails-app/config/initializers/mime_types.rb",
+    "spec/rails-app/config/initializers/secret_token.rb",
+    "spec/rails-app/config/initializers/session_store.rb",
+    "spec/rails-app/config/initializers/wrap_parameters.rb",
+    "spec/rails-app/config/locales/devise.authy.en.yml",
+    "spec/rails-app/config/locales/devise.en.yml",
+    "spec/rails-app/config/locales/en.yml",
+    "spec/rails-app/config/routes.rb",
+    "spec/rails-app/db/development.sqlite3",
+    "spec/rails-app/db/migrate/20130419164907_devise_create_users.rb",
+    "spec/rails-app/db/migrate/20130419164936_devise_authy_add_to_users.rb",
+    "spec/rails-app/db/schema.rb",
+    "spec/rails-app/db/seeds.rb",
+    "spec/rails-app/lib/assets/.gitkeep",
+    "spec/rails-app/lib/tasks/.gitkeep",
+    "spec/rails-app/public/404.html",
+    "spec/rails-app/public/422.html",
+    "spec/rails-app/public/500.html",
+    "spec/rails-app/public/favicon.ico",
+    "spec/rails-app/public/robots.txt",
+    "spec/rails-app/script/rails",
     "spec/routing/routes_spec.rb",
     "spec/spec_helper.rb",
     "spec/support/helpers.rb"
   ]
-  s.homepage = "http://github.com/senekis/devise-authy"
+  s.homepage = "https://github.com/authy/authy-devise"
   s.licenses = ["MIT"]
   s.require_paths = ["lib"]
   s.rubygems_version = "1.8.24"
@@ -195,6 +203,7 @@ Gem::Specification.new do |s|
       s.add_development_dependency(%q<simplecov>, [">= 0"])
       s.add_development_dependency(%q<sass-rails>, [">= 0"])
       s.add_development_dependency(%q<jquery-rails>, [">= 0"])
+      s.add_development_dependency(%q<pry>, [">= 0"])
     else
       s.add_dependency(%q<devise>, [">= 0"])
       s.add_dependency(%q<authy>, [">= 0"])
@@ -206,6 +215,7 @@ Gem::Specification.new do |s|
       s.add_dependency(%q<simplecov>, [">= 0"])
       s.add_dependency(%q<sass-rails>, [">= 0"])
       s.add_dependency(%q<jquery-rails>, [">= 0"])
+      s.add_dependency(%q<pry>, [">= 0"])
     end
   else
     s.add_dependency(%q<devise>, [">= 0"])
@@ -218,6 +228,7 @@ Gem::Specification.new do |s|
     s.add_dependency(%q<simplecov>, [">= 0"])
     s.add_dependency(%q<sass-rails>, [">= 0"])
     s.add_dependency(%q<jquery-rails>, [">= 0"])
+    s.add_dependency(%q<pry>, [">= 0"])
   end
 end
 

data/lib/devise-authy.rb

@@ -1,9 +1,12 @@
 require 'active_support/concern'
+require 'active_support/core_ext/integer/time'
 require 'devise-authy/version'
 require 'devise'
 require 'authy'
 
 module Devise
+  mattr_accessor :authy_remember_device
+  @@authy_remember_device = 1.month
 end
 
 module DeviseAuthy

data/lib/devise-authy/controllers/helpers.rb

@@ -4,28 +4,51 @@ module DeviseAuthy
       extend ActiveSupport::Concern
 
       included do
-        before_filter :check_request_and_redirect_to_verify_token
+        before_filter :check_request_and_redirect_to_verify_token, :if => :is_signing_in?
       end
 
       private
+      def remember_device
+        cookies.signed[:remember_device] = {
+          :value => Time.now.to_i,
+          :secure => !(Rails.env.test? || Rails.env.development?)
+        }
+      end
+
+      def require_token?
+        if cookies.signed[:remember_device].present? &&
+          (Time.now.to_i - cookies.signed[:remember_device].to_i) < \
+          resource_class.authy_remember_device.to_i
+          return false
+        end
+
+        return true
+      end
+
+      def is_signing_in?
+        if devise_controller? && signed_in?(resource_name) &&
+           self.class == Devise::SessionsController && self.action_name == "create"
+          return true
+        end
+
+        return false
+      end
 
       def check_request_and_redirect_to_verify_token
-        if devise_controller? && !request.format.nil? && request.format.html?
-          Devise.mappings.keys.flatten.any? do |scope|
-            if signed_in?(scope) && warden.session(scope)[:with_authy_authentication]
-              # login with 2fa
-              id = warden.session(scope)[:id]
-              warden.logout
-              warden.reset_session! # make sure the session resetted
-              session["#{scope}_id"] = id
-              # this is safe to put in the session because the cookie is signed
-              session["#{scope}_password_checked"] = true
-              session["#{scope}_return_to"] = request.path if request.get?
-
-              redirect_to verify_authy_path_for(scope)
-              return
-            end
-          end
+        if signed_in?(resource_name) &&
+           warden.session(resource_name)[:with_authy_authentication] &&
+           require_token?
+          # login with 2fa
+          id = warden.session(resource_name)[:id]
+          warden.logout
+          warden.reset_session! # make sure the session resetted
+          session["#{resource_name}_id"] = id
+          # this is safe to put in the session because the cookie is signed
+          session["#{resource_name}_password_checked"] = true
+          session["#{resource_name}_return_to"] = request.path if request.get?
+
+          redirect_to verify_authy_path_for(resource_name)
+          return
         end
       end
 

data/lib/devise-authy/models/authy_authenticatable.rb

@@ -16,6 +16,8 @@ module Devise
         def find_by_authy_id(authy_id)
           find(:first, :conditions => {:authy_id => authy_id})
         end
+
+        Devise::Models.config(self, :authy_remember_device)
       end
     end
   end

data/lib/generators/devise_authy/install_generator.rb

@@ -9,6 +9,13 @@ module DeviseAuthy
 
       desc "Install the devise authy extension"
 
+      def add_configs
+        inject_into_file "config/initializers/devise.rb", "\n" +
+        "  # ==> Devise Authy Authentication Extension\n" +
+        "  # How long should the user's device be remembered for.\n" +
+        "  # config.authy_remember_device = 1.month\n\n", :before => /^end[\r\n]*$/
+      end
+
       def copy_locale
         copy_file "../../../config/locales/en.yml", "config/locales/devise.authy.en.yml"
       end
@@ -38,7 +45,7 @@ module DeviseAuthy
         {
           :haml => {
             :before => %r{%body\s*$},
-            :content => %@    
+            :content => %@
     =javascript_include_tag "https://www.authy.com/form.authy.min.js"
     =stylesheet_link_tag "https://www.authy.com/form.authy.min.css"
     =javascript_include_tag "devise_authy.js"
@@ -46,7 +53,7 @@ module DeviseAuthy
           },
           :erb => {
             :before => %r{\s*</\s*head\s*>\s*},
-            :content => %@    
+            :content => %@
   <%=javascript_include_tag "https://www.authy.com/form.authy.min.js" %>
   <%=stylesheet_link_tag "https://www.authy.com/form.authy.min.css" %>
   <%=javascript_include_tag "devise_authy.js" %>
@@ -55,7 +62,7 @@ module DeviseAuthy
         }.each do |extension, opts|
           file_path = "app/views/layouts/application.html.#{extension}"
           if File.exists?(file_path) && !File.read(file_path).include?("devise_authy.js")
-            inject_into_file(file_path, opts.delete(:content), opts) 
+            inject_into_file(file_path, opts.delete(:content), opts)
           end
         end
       end

data/spec/controllers/devise_authy_controller_spec.rb

@@ -4,82 +4,171 @@ describe Devise::DeviseAuthyController do
   include Devise::TestHelpers
 
   before :each do
-    @user = create_user(:authy_id => '80')
+    request.env["devise.mapping"] = Devise.mappings[:user]
+    @user = create_user(:authy_id => 2)
   end
 
-  describe "GET #show" do
+  describe "GET #verify_authy" do
     it "Should render the second step of authentication" do
-      request.env["devise.mapping"] = Devise.mappings[:user]
-      get :show
-      response.should render_template('show')
+      request.session["user_id"] = @user.id
+      request.session["user_password_checked"] = true
+      get :GET_verify_authy
+      response.should render_template('verify_authy')
+    end
+
+    it "Should no render the second step of authentication if first step is incomplete" do
+      request.session["user_id"] = @user.id
+      get :GET_verify_authy
+      response.should redirect_to(root_url)
+    end
+
+    it "should redirect to root_url" do
+      get :GET_verify_authy
+      response.should redirect_to(root_url)
     end
   end
 
-  describe "PUT #update" do
+  describe "POST #verify_authy" do
     it "Should login the user if token is ok" do
-      request.env["devise.mapping"] = Devise.mappings[:user]
-      response = mock("authy_request", body: {'status' => 'ok'}.to_json)
-      response.stub(:ok?).and_return(true)
-      Authy::API.should_receive(:verify).with(:id => '80', :token => '567890').and_return(response)
-
-      put :update, :user => {
-        :authy_id => '80',
-        :token => '567890'
-      }
+      request.session["user_id"] = @user.id
+      request.session["user_password_checked"] = true
+
+      post :POST_verify_authy, :token => '0000000'
+      @user.reload
+      @user.last_sign_in_with_authy.should_not be_nil
+
+      response.cookies["remember_device"].should be_nil
       response.should redirect_to(root_url)
       flash.now[:notice].should_not be_nil
     end
 
-    it "Shouldn't login the user if token is invalid" do
-      request.env["devise.mapping"] = Devise.mappings[:user]
-      response = mock("authy_request", body: {"errors"=>{"token"=>"is invalid"}}.to_json)
-      response.stub(:ok?).and_return(false)
-      Authy::API.should_receive(:verify).with(:id => '80', :token => '567890').and_return(response)
-      put :update, :user => {
-        :authy_id => '80',
-        :token => '567890'
-      }
+    it "Should set remember_device if selected" do
+      request.session["user_id"] = @user.id
+      request.session["user_password_checked"] = true
+
+      post :POST_verify_authy, :token => '0000000', :remember_device => '1'
+      @user.reload
+      @user.last_sign_in_with_authy.should_not be_nil
+
+      response.cookies["remember_device"].should_not be_nil
       response.should redirect_to(root_url)
+      flash.now[:notice].should_not be_nil
+    end
+
+    it "Shouldn't login the user if token is invalid" do
+      request.session["user_id"] = @user.id
+      request.session["user_password_checked"] = true
+
+      post :POST_verify_authy, :token => '5678900'
+      response.should render_template('verify_authy')
     end
   end
 
-  describe "GET #register" do
+  describe "GET #enable_authy" do
     it "Should render enable authy view" do
-      sign_in @user
-      request.env["devise.mapping"] = Devise.mappings[:user]
-      get :register
-      response.should render_template('register')
+      user2 = create_user
+      sign_in user2
+      get :GET_enable_authy
+      response.should render_template('enable_authy')
     end
 
     it "Shouldn't render enable authy view" do
-      request.env["devise.mapping"] = Devise.mappings[:user]
-      get :register
+      get :GET_enable_authy
       response.should redirect_to(new_user_session_url)
     end
+
+    it "should redirect if user has authy enabled" do
+      @user.update_attribute(:authy_enabled, true)
+      sign_in @user
+      get :GET_enable_authy
+      response.should redirect_to(root_url)
+      flash.now[:notice].should == "Two factor authentication is already enabled."
+    end
+
+    it "Should render enable authy view if authy enabled is false" do
+      sign_in @user
+      get :GET_enable_authy
+      response.should render_template('enable_authy')
+    end
   end
 
-  describe "POST #create" do
+  describe "POST #enable_authy" do
     it "Should create user in authy application" do
-      request.env["devise.mapping"] = Devise.mappings[:user]
+      user2 = create_user
+      sign_in user2
+
+      post :POST_enable_authy, :cellphone => '2222227', :country_code => '57'
+      user2.reload
+      user2.authy_id.should_not be_nil
+      flash.now[:notice].should == "Two factor authentication was enabled"
+      response.should redirect_to(user_verify_authy_installation_url)
+    end
+
+    it "Should not create user register user failed" do
+      user2 = create_user
+      sign_in user2
+
+      post :POST_enable_authy, :cellphone => '22222', :country_code => "57"
+      response.should render_template('enable_authy')
+      flash[:error].should == "Something went wrong while enabling two factor authentication"
+    end
+
+    it "Should redirect if user isn't authenticated" do
+      post :POST_enable_authy, :cellphone => '3010008090', :country_code => '57'
+      response.should redirect_to(new_user_session_url)
+    end
+  end
+
+  describe "GET #verify_authy_installation" do
+    it "Should render the authy installation page" do
       sign_in @user
-      response = mock("authy_request", body: {'success' => 'ok'}.to_json)
-      response.should_receive(:ok?).and_return(true)
-      response.should_receive(:id).and_return('99')
-      Authy::API.should_receive(:register_user).with(:email => @user.email, :cellphone => '3010008090', :country_code => '57').and_return(response)
+      get :GET_verify_authy_installation
+      response.should render_template('verify_authy_installation')
+    end
 
-      post :create, :cellphone => '3010008090', :country_code => '57'
+    it "Should redirect if user isn't authenticated" do
+      get :GET_verify_authy_installation
+      response.should redirect_to(new_user_session_url)
+    end
+  end
 
-      flash.now[:notice].should_not be_nil
+  describe "POST #verify_authy_installation" do
+    it "Should enable authy for user" do
+      sign_in @user
+      post :POST_verify_authy_installation, :token => "0000000"
       response.should redirect_to(root_url)
+      flash[:notice].should == 'Two factor authentication was enabled'
+    end
+
+    it "should not enable authy for user" do
+      sign_in @user
+      post :POST_verify_authy_installation, :token => "0007777"
+      response.should render_template('verify_authy_installation')
+      flash[:error].should == 'Something went wrong while enabling two factor authentication'
     end
 
     it "Should redirect if user isn't authenticated" do
-      request.env["devise.mapping"] = Devise.mappings[:user]
-      post :create, :user => {
-        :cellphone => '3010008090',
-        :country_code => '57'
-      }
+      get :GET_verify_authy_installation
       response.should redirect_to(new_user_session_url)
     end
   end
-end
+
+  describe "POST #request_sms" do
+    it "Should send sms if user is logged" do
+      sign_in @user
+      post :request_sms
+      response.content_type.should == 'application/json'
+      body = JSON.parse(response.body)
+      body['sent'].should be_true
+      body['message'].should == "SMS token was sent"
+    end
+
+    it "Shoul not send sms if user couldn't be found" do
+      post :request_sms
+      response.content_type.should == 'application/json'
+      body = JSON.parse(response.body)
+      body['sent'].should be_false
+      body['message'].should == "User couldn't be found."
+    end
+  end
+end