devise-authy 1.0.0 → 1.2.1
- data/Gemfile +3 -1
- data/Gemfile.lock +90 -62
- data/Rakefile +1 -1
- data/VERSION +1 -1
- data/app/controllers/devise/devise_authy_controller.rb +23 -5
- data/app/views/devise/enable_authy.html.erb +2 -3
- data/app/views/devise/enable_authy.html.haml +2 -5
- data/app/views/devise/verify_authy.html.erb +5 -0
- data/app/views/devise/verify_authy.html.haml +3 -0
- data/authy-devise-demo/Gemfile +1 -0
- data/authy-devise-demo/Gemfile.lock +12 -3
- data/authy-devise-demo/app/views/devise/devise_authy/enable_authy.html.erb +2 -3
- data/authy-devise-demo/app/views/devise/devise_authy/verify_authy.html.erb +5 -0
- data/authy-devise-demo/app/views/layouts/application.html.erb +14 -2
- data/authy-devise-demo/config/initializers/devise.rb +7 -2
- data/authy-devise-demo/config/locales/devise.authy.en.yml +4 -1
- data/config/locales/en.yml +4 -1
- data/devise-authy.gemspec +62 -51
- data/lib/devise-authy.rb +3 -0
- data/lib/devise-authy/controllers/helpers.rb +40 -17
- data/lib/devise-authy/models/authy_authenticatable.rb +2 -0
- data/lib/generators/devise_authy/install_generator.rb +10 -3
- data/spec/controllers/devise_authy_controller_spec.rb +134 -45
- data/spec/features/authy_authenticatable_spec.rb +95 -0
- data/spec/generators_spec.rb +12 -6
- data/spec/orm/active_record.rb +1 -1
- data/spec/rails-app/Gemfile +8 -0
- data/spec/rails-app/Gemfile.lock +111 -0
- data/spec/{rails_app → rails-app}/Rakefile +2 -5
- data/spec/{rails_app → rails-app}/app/assets/images/rails.png +0 -0
- data/spec/rails-app/app/assets/javascripts/application.js +15 -0
- data/spec/rails-app/app/assets/javascripts/devise_authy.js +7 -0
- data/spec/rails-app/app/assets/javascripts/welcome.js +2 -0
- data/spec/rails-app/app/assets/stylesheets/application.css +13 -0
- data/spec/{rails_app → rails-app}/app/assets/stylesheets/devise_authy.css +0 -0
- data/spec/rails-app/app/assets/stylesheets/welcome.css.scss +3 -0
- data/spec/{rails_app → rails-app}/app/controllers/application_controller.rb +0 -1
- data/spec/rails-app/app/controllers/welcome_controller.rb +6 -0
- data/spec/{rails_app → rails-app}/app/helpers/application_helper.rb +0 -0
- data/spec/rails-app/app/helpers/welcome_helper.rb +2 -0
- data/spec/{rails_app → rails-app}/app/mailers/.gitkeep +0 -0
- data/spec/{rails_app → rails-app}/app/models/.gitkeep +0 -0
- data/spec/{rails_app → rails-app}/app/models/user.rb +4 -2
- data/spec/{rails_app/app/views/devise/devise_authy/register.html.erb → rails-app/app/views/devise/devise_authy/enable_authy.html.erb} +4 -6
- data/spec/rails-app/app/views/devise/devise_authy/verify_authy.html.erb +13 -0
- data/spec/rails-app/app/views/devise/devise_authy/verify_authy_installation.html.erb +10 -0
- data/spec/rails-app/app/views/layouts/application.html.erb +29 -0
- data/spec/rails-app/app/views/welcome/index.html.erb +5 -0
- data/spec/{rails_app → rails-app}/config.ru +0 -0
- data/spec/{rails_app → rails-app}/config/application.rb +18 -2
- data/spec/rails-app/config/boot.rb +6 -0
- data/spec/{rails_app → rails-app}/config/database.yml +6 -3
- data/spec/{rails_app → rails-app}/config/environment.rb +0 -0
- data/spec/{rails_app → rails-app}/config/environments/development.rb +2 -0
- data/spec/{rails_app → rails-app}/config/environments/production.rb +0 -0
- data/spec/{rails_app → rails-app}/config/environments/test.rb +0 -0
- data/spec/rails-app/config/initializers/authy.rb +2 -0
- data/spec/{rails_app → rails-app}/config/initializers/backtrace_silencers.rb +0 -0
- data/spec/{rails_app → rails-app}/config/initializers/devise.rb +13 -5
- data/spec/{rails_app → rails-app}/config/initializers/inflections.rb +5 -0
- data/spec/{rails_app → rails-app}/config/initializers/mime_types.rb +0 -0
- data/spec/{rails_app → rails-app}/config/initializers/secret_token.rb +1 -1
- data/spec/{rails_app → rails-app}/config/initializers/session_store.rb +2 -2
- data/spec/{rails_app → rails-app}/config/initializers/wrap_parameters.rb +0 -0
- data/spec/{rails_app → rails-app}/config/locales/devise.authy.en.yml +7 -2
- data/spec/rails-app/config/locales/devise.en.yml +59 -0
- data/spec/rails-app/config/locales/en.yml +5 -0
- data/spec/{rails_app → rails-app}/config/routes.rb +3 -2
- data/spec/rails-app/db/development.sqlite3 +0 -0
- data/spec/{rails_app/db/migrate/20121029205626_devise_create_users.rb → rails-app/db/migrate/20130419164907_devise_create_users.rb} +15 -1
- data/spec/{rails_app/db/migrate/20121029205628_devise_authy_add_to_users.rb → rails-app/db/migrate/20130419164936_devise_authy_add_to_users.rb} +5 -2
- data/spec/{rails_app → rails-app}/db/schema.rb +7 -12
- data/spec/rails-app/db/seeds.rb +7 -0
- data/spec/rails-app/lib/assets/.gitkeep +0 -0
- data/spec/rails-app/lib/tasks/.gitkeep +0 -0
- data/spec/rails-app/public/404.html +26 -0
- data/spec/rails-app/public/422.html +26 -0
- data/spec/rails-app/public/500.html +25 -0
- data/spec/rails-app/public/favicon.ico +0 -0
- data/spec/rails-app/public/robots.txt +5 -0
- data/spec/{rails_app → rails-app}/script/rails +0 -0
- data/spec/routing/routes_spec.rb +20 -8
- data/spec/spec_helper.rb +1 -2
- data/spec/support/helpers.rb +6 -1
- metadata +86 -62
- data/spec/integration/authy_authenticatable.rb +0 -88
- data/spec/rails_app/app/assets/javascripts/application.js +0 -10
- data/spec/rails_app/app/assets/stylesheets/application.css +0 -9
- data/spec/rails_app/app/assets/stylesheets/devise_authy.css.scss +0 -26
- data/spec/rails_app/app/assets/stylesheets/scaffolds.css.scss +0 -56
- data/spec/rails_app/app/controllers/posts_controller.rb +0 -83
- data/spec/rails_app/app/helpers/posts_helper.rb +0 -2
- data/spec/rails_app/app/models/post.rb +0 -2
- data/spec/rails_app/app/views/devise/devise_authy/show.html.erb +0 -10
- data/spec/rails_app/app/views/layouts/application.html.erb +0 -24
- data/spec/rails_app/app/views/posts/_form.html.erb +0 -25
- data/spec/rails_app/app/views/posts/edit.html.erb +0 -6
- data/spec/rails_app/app/views/posts/index.html.erb +0 -27
- data/spec/rails_app/app/views/posts/new.html.erb +0 -5
- data/spec/rails_app/app/views/posts/show.html.erb +0 -15
- data/spec/rails_app/config/boot.rb +0 -7
- data/spec/rails_app/config/initializers/authy.rb +0 -3
- data/spec/rails_app/db/migrate/20121029205627_create_posts.rb +0 -10
- data/spec/rails_app/public/favicon.ico +0 -0
@@ -6,6 +6,11 @@
|
|
6
6
|
<legend><%= I18n.t('submit_token_title', {:scope => 'devise'}) %></legend>
|
7
7
|
<%= label_tag :token %>
|
8
8
|
<%= text_field_tag :token, "", :autocomplete => :off, :id => 'authy-token' %>
|
9
|
+
<label>
|
10
|
+
<%= check_box_tag :remember_device %>
|
11
|
+
<span><%= I18n.t('remember_device', {:scope => 'devise'}) %></span>
|
12
|
+
</label>
|
13
|
+
|
9
14
|
<%= link_to '?', '#', :id => 'authy-help' %>
|
10
15
|
<%= authy_request_sms_link %>
|
11
16
|
<%= submit_tag I18n.t('submit_token', {:scope => 'devise'}), :class => 'btn' %>
|
@@ -4,7 +4,7 @@
|
|
4
4
|
<title>AuthyDeviseDemo</title>
|
5
5
|
<%= stylesheet_link_tag "application", :media => "all" %>
|
6
6
|
<%= javascript_include_tag "application" %>
|
7
|
-
<%= csrf_meta_tags %>
|
7
|
+
<%= csrf_meta_tags %>
|
8
8
|
<%=javascript_include_tag "https://www.authy.com/form.authy.min.js" %>
|
9
9
|
<%=stylesheet_link_tag "https://www.authy.com/form.authy.min.css" %>
|
10
10
|
<%=javascript_include_tag "devise_authy.js" %>
|
@@ -12,7 +12,19 @@
|
|
12
12
|
</head>
|
13
13
|
<body>
|
14
14
|
|
15
|
-
|
15
|
+
<% if flash[:notice] %>
|
16
|
+
<div id="notice">
|
17
|
+
<%= flash[:notice] %>
|
18
|
+
</div>
|
19
|
+
<% end %>
|
20
|
+
|
21
|
+
<% if flash[:error] %>
|
22
|
+
<div class='alert alert-error'>
|
23
|
+
<%= flash[:error] %>
|
24
|
+
</div>
|
25
|
+
<% end %>
|
26
|
+
|
27
|
+
<%= yield %>
|
16
28
|
|
17
29
|
</body>
|
18
30
|
</html>
|
@@ -125,7 +125,7 @@ Devise.setup do |config|
|
|
125
125
|
# The time you want to timeout the user session without activity. After this
|
126
126
|
# time the user will be asked for credentials again. Default is 30 minutes.
|
127
127
|
# config.timeout_in = 30.minutes
|
128
|
-
|
128
|
+
|
129
129
|
# If true, expires auth token on session timeout.
|
130
130
|
# config.expire_auth_token_on_timeout = false
|
131
131
|
|
@@ -229,4 +229,9 @@ Devise.setup do |config|
|
|
229
229
|
# When using omniauth, Devise cannot automatically set Omniauth path,
|
230
230
|
# so you need to do it manually. For the users scope, it would be:
|
231
231
|
# config.omniauth_path_prefix = "/my_engine/users/auth"
|
232
|
-
|
232
|
+
|
233
|
+
# ==> Devise Authy Authentication Extension
|
234
|
+
# How long should the user's device be remembered for.
|
235
|
+
config.authy_remember_device = 1.minute
|
236
|
+
|
237
|
+
end
|
@@ -7,12 +7,15 @@ en:
|
|
7
7
|
cellphone: 'Enter your cellphone'
|
8
8
|
country: 'Enter you country'
|
9
9
|
request_sms: 'Request SMS'
|
10
|
+
remember_device: 'Remember Device'
|
10
11
|
|
11
12
|
authy_verify_installation_title: "Verify your account"
|
12
13
|
enable_my_account: 'Enable my account'
|
13
14
|
|
14
15
|
devise_authy:
|
15
16
|
user:
|
16
|
-
enabled: 'Two factor authentication was
|
17
|
+
enabled: 'Two factor authentication was enabled'
|
17
18
|
not_enabled: 'Something went wrong while enabling two factor authentication'
|
18
19
|
signed_in: 'Signed in with Authy successfully.'
|
20
|
+
already_enabled: "Two factor authentication is already enabled."
|
21
|
+
invalid_token: 'The entered token is invalid.'
|
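--- a/data/config/locales/en.yml
+++ b/data/config/locales/en.yml
@@ -7,12 +7,15 @@ en:
 cellphone: 'Enter your cellphone'
 country: 'Enter you country'
 request_sms: 'Request SMS'
+remember_device: 'Remember Device'
 
 authy_verify_installation_title: "Verify your account"
 enable_my_account: 'Enable my account'
 
 devise_authy:
 user:
-enabled: 'Two factor authentication was
+enabled: 'Two factor authentication was enabled'
 not_enabled: 'Something went wrong while enabling two factor authentication'
 signed_in: 'Signed in with Authy successfully.'
+already_enabled: "Two factor authentication is already enabled."
+invalid_token: 'The entered token is invalid'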
data/devise-authy.gemspec
CHANGED
@@ -5,11 +5,11 @@
|
|
5
5
|
|
6
6
|
Gem::Specification.new do |s|
|
7
7
|
s.name = "devise-authy"
|
8
|
-
s.version = "1.
|
8
|
+
s.version = "1.2.1"
|
9
9
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
11
|
s.authors = ["Authy Inc."]
|
12
|
-
s.date = "2013-04-
|
12
|
+
s.date = "2013-04-22"
|
13
13
|
s.description = "Authy plugin for Devise"
|
14
14
|
s.email = "support@authy.com"
|
15
15
|
s.extra_rdoc_files = [
|
@@ -120,62 +120,70 @@ Gem::Specification.new do |s|
|
|
120
120
|
"lib/generators/devise_authy/devise_authy_generator.rb",
|
121
121
|
"lib/generators/devise_authy/install_generator.rb",
|
122
122
|
"spec/controllers/devise_authy_controller_spec.rb",
|
123
|
+
"spec/features/authy_authenticatable_spec.rb",
|
123
124
|
"spec/generators_spec.rb",
|
124
|
-
"spec/integration/authy_authenticatable.rb",
|
125
125
|
"spec/models/authy_authenticatable.rb",
|
126
126
|
"spec/orm/active_record.rb",
|
127
|
-
"spec/
|
128
|
-
"spec/
|
129
|
-
"spec/
|
130
|
-
"spec/
|
131
|
-
"spec/
|
132
|
-
"spec/
|
133
|
-
"spec/
|
134
|
-
"spec/
|
135
|
-
"spec/
|
136
|
-
"spec/
|
137
|
-
"spec/
|
138
|
-
"spec/
|
139
|
-
"spec/
|
140
|
-
"spec/
|
141
|
-
"spec/
|
142
|
-
"spec/
|
143
|
-
"spec/
|
144
|
-
"spec/
|
145
|
-
"spec/
|
146
|
-
"spec/
|
147
|
-
"spec/
|
148
|
-
"spec/
|
149
|
-
"spec/
|
150
|
-
"spec/
|
151
|
-
"spec/
|
152
|
-
"spec/
|
153
|
-
"spec/
|
154
|
-
"spec/
|
155
|
-
"spec/
|
156
|
-
"spec/
|
157
|
-
"spec/
|
158
|
-
"spec/
|
159
|
-
"spec/
|
160
|
-
"spec/
|
161
|
-
"spec/
|
162
|
-
"spec/
|
163
|
-
"spec/
|
164
|
-
"spec/
|
165
|
-
"spec/
|
166
|
-
"spec/
|
167
|
-
"spec/
|
168
|
-
"spec/
|
169
|
-
"spec/
|
170
|
-
"spec/
|
171
|
-
"spec/
|
172
|
-
"spec/
|
173
|
-
"spec/
|
127
|
+
"spec/rails-app/Gemfile",
|
128
|
+
"spec/rails-app/Gemfile.lock",
|
129
|
+
"spec/rails-app/Rakefile",
|
130
|
+
"spec/rails-app/app/assets/images/rails.png",
|
131
|
+
"spec/rails-app/app/assets/javascripts/application.js",
|
132
|
+
"spec/rails-app/app/assets/javascripts/devise_authy.js",
|
133
|
+
"spec/rails-app/app/assets/javascripts/welcome.js",
|
134
|
+
"spec/rails-app/app/assets/stylesheets/application.css",
|
135
|
+
"spec/rails-app/app/assets/stylesheets/devise_authy.css",
|
136
|
+
"spec/rails-app/app/assets/stylesheets/welcome.css.scss",
|
137
|
+
"spec/rails-app/app/controllers/application_controller.rb",
|
138
|
+
"spec/rails-app/app/controllers/welcome_controller.rb",
|
139
|
+
"spec/rails-app/app/helpers/application_helper.rb",
|
140
|
+
"spec/rails-app/app/helpers/welcome_helper.rb",
|
141
|
+
"spec/rails-app/app/mailers/.gitkeep",
|
142
|
+
"spec/rails-app/app/models/.gitkeep",
|
143
|
+
"spec/rails-app/app/models/user.rb",
|
144
|
+
"spec/rails-app/app/views/devise/devise_authy/enable_authy.html.erb",
|
145
|
+
"spec/rails-app/app/views/devise/devise_authy/verify_authy.html.erb",
|
146
|
+
"spec/rails-app/app/views/devise/devise_authy/verify_authy_installation.html.erb",
|
147
|
+
"spec/rails-app/app/views/layouts/application.html.erb",
|
148
|
+
"spec/rails-app/app/views/welcome/index.html.erb",
|
149
|
+
"spec/rails-app/config.ru",
|
150
|
+
"spec/rails-app/config/application.rb",
|
151
|
+
"spec/rails-app/config/boot.rb",
|
152
|
+
"spec/rails-app/config/database.yml",
|
153
|
+
"spec/rails-app/config/environment.rb",
|
154
|
+
"spec/rails-app/config/environments/development.rb",
|
155
|
+
"spec/rails-app/config/environments/production.rb",
|
156
|
+
"spec/rails-app/config/environments/test.rb",
|
157
|
+
"spec/rails-app/config/initializers/authy.rb",
|
158
|
+
"spec/rails-app/config/initializers/backtrace_silencers.rb",
|
159
|
+
"spec/rails-app/config/initializers/devise.rb",
|
160
|
+
"spec/rails-app/config/initializers/inflections.rb",
|
161
|
+
"spec/rails-app/config/initializers/mime_types.rb",
|
162
|
+
"spec/rails-app/config/initializers/secret_token.rb",
|
163
|
+
"spec/rails-app/config/initializers/session_store.rb",
|
164
|
+
"spec/rails-app/config/initializers/wrap_parameters.rb",
|
165
|
+
"spec/rails-app/config/locales/devise.authy.en.yml",
|
166
|
+
"spec/rails-app/config/locales/devise.en.yml",
|
167
|
+
"spec/rails-app/config/locales/en.yml",
|
168
|
+
"spec/rails-app/config/routes.rb",
|
169
|
+
"spec/rails-app/db/development.sqlite3",
|
170
|
+
"spec/rails-app/db/migrate/20130419164907_devise_create_users.rb",
|
171
|
+
"spec/rails-app/db/migrate/20130419164936_devise_authy_add_to_users.rb",
|
172
|
+
"spec/rails-app/db/schema.rb",
|
173
|
+
"spec/rails-app/db/seeds.rb",
|
174
|
+
"spec/rails-app/lib/assets/.gitkeep",
|
175
|
+
"spec/rails-app/lib/tasks/.gitkeep",
|
176
|
+
"spec/rails-app/public/404.html",
|
177
|
+
"spec/rails-app/public/422.html",
|
178
|
+
"spec/rails-app/public/500.html",
|
179
|
+
"spec/rails-app/public/favicon.ico",
|
180
|
+
"spec/rails-app/public/robots.txt",
|
181
|
+
"spec/rails-app/script/rails",
|
174
182
|
"spec/routing/routes_spec.rb",
|
175
183
|
"spec/spec_helper.rb",
|
176
184
|
"spec/support/helpers.rb"
|
177
185
|
]
|
178
|
-
s.homepage = "
|
186
|
+
s.homepage = "https://github.com/authy/authy-devise"
|
179
187
|
s.licenses = ["MIT"]
|
180
188
|
s.require_paths = ["lib"]
|
181
189
|
s.rubygems_version = "1.8.24"
|
@@ -195,6 +203,7 @@ Gem::Specification.new do |s|
|
|
195
203
|
s.add_development_dependency(%q<simplecov>, [">= 0"])
|
196
204
|
s.add_development_dependency(%q<sass-rails>, [">= 0"])
|
197
205
|
s.add_development_dependency(%q<jquery-rails>, [">= 0"])
|
206
|
+
s.add_development_dependency(%q<pry>, [">= 0"])
|
198
207
|
else
|
199
208
|
s.add_dependency(%q<devise>, [">= 0"])
|
200
209
|
s.add_dependency(%q<authy>, [">= 0"])
|
@@ -206,6 +215,7 @@ Gem::Specification.new do |s|
|
|
206
215
|
s.add_dependency(%q<simplecov>, [">= 0"])
|
207
216
|
s.add_dependency(%q<sass-rails>, [">= 0"])
|
208
217
|
s.add_dependency(%q<jquery-rails>, [">= 0"])
|
218
|
+
s.add_dependency(%q<pry>, [">= 0"])
|
209
219
|
end
|
210
220
|
else
|
211
221
|
s.add_dependency(%q<devise>, [">= 0"])
|
@@ -218,6 +228,7 @@ Gem::Specification.new do |s|
|
|
218
228
|
s.add_dependency(%q<simplecov>, [">= 0"])
|
219
229
|
s.add_dependency(%q<sass-rails>, [">= 0"])
|
220
230
|
s.add_dependency(%q<jquery-rails>, [">= 0"])
|
231
|
+
s.add_dependency(%q<pry>, [">= 0"])
|
221
232
|
end
|
222
233
|
end
|
223
234
|
|
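Review bot: The `s.files` list in the `@@ -120,62 +120,70 @@` hunk now packages `spec/rails-app/db/development.sqlite3` into the published gem, alongside `spec/rails-app/Gemfile.lock` and `spec/rails-app/config/initializers/secret_token.rb`. Consumers do not need a development database or a secret-token initializer, and the database can carry whatever local data it held at release time. If this gemspec is generated, excluding `spec/rails-app/db/*.sqlite3` from the generator's file list would keep it out of future releases. The last three hunks also add `pry` through `s.add_dependency` in the two fallback branches, which makes a debugger a runtime dependency on older RubyGems; that is presumably generator output, but worth confirming.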
data/lib/devise-authy.rb
CHANGED
@@ -1,9 +1,12 @@
|
|
1
1
|
require 'active_support/concern'
|
2
|
+
require 'active_support/core_ext/integer/time'
|
2
3
|
require 'devise-authy/version'
|
3
4
|
require 'devise'
|
4
5
|
require 'authy'
|
5
6
|
|
6
7
|
module Devise
|
8
|
+
mattr_accessor :authy_remember_device
|
9
|
+
@@authy_remember_device = 1.month
|
7
10
|
end
|
8
11
|
|
9
12
|
module DeviseAuthy
|
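Review bot: `mattr_accessor :authy_remember_device` is added without a comment, although it is security-relevant configuration: it defaults to `1.month`, during which a remembered device is not asked for a token. A comment above the accessor would make that visible, for example `# How long a remembered device may sign in without an Authy token (ActiveSupport::Duration).` It would also help to say how to turn the feature off. From the comparison in `require_token?` a value of `0` appears to always require the token, but that should be confirmed and documented here.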
@@ -4,28 +4,51 @@ module DeviseAuthy
|
|
4
4
|
extend ActiveSupport::Concern
|
5
5
|
|
6
6
|
included do
|
7
|
-
before_filter :check_request_and_redirect_to_verify_token
|
7
|
+
before_filter :check_request_and_redirect_to_verify_token, :if => :is_signing_in?
|
8
8
|
end
|
9
9
|
|
10
10
|
private
|
11
|
+
def remember_device
|
12
|
+
cookies.signed[:remember_device] = {
|
13
|
+
:value => Time.now.to_i,
|
14
|
+
:secure => !(Rails.env.test? || Rails.env.development?)
|
15
|
+
}
|
16
|
+
end
|
17
|
+
|
18
|
+
def require_token?
|
19
|
+
if cookies.signed[:remember_device].present? &&
|
20
|
+
(Time.now.to_i - cookies.signed[:remember_device].to_i) < \
|
21
|
+
resource_class.authy_remember_device.to_i
|
22
|
+
return false
|
23
|
+
end
|
24
|
+
|
25
|
+
return true
|
26
|
+
end
|
27
|
+
|
28
|
+
def is_signing_in?
|
29
|
+
if devise_controller? && signed_in?(resource_name) &&
|
30
|
+
self.class == Devise::SessionsController && self.action_name == "create"
|
31
|
+
return true
|
32
|
+
end
|
33
|
+
|
34
|
+
return false
|
35
|
+
end
|
11
36
|
|
12
37
|
def check_request_and_redirect_to_verify_token
|
13
|
-
if
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
end
|
28
|
-
end
|
38
|
+
if signed_in?(resource_name) &&
|
39
|
+
warden.session(resource_name)[:with_authy_authentication] &&
|
40
|
+
require_token?
|
41
|
+
# login with 2fa
|
42
|
+
id = warden.session(resource_name)[:id]
|
43
|
+
warden.logout
|
44
|
+
warden.reset_session! # make sure the session resetted
|
45
|
+
session["#{resource_name}_id"] = id
|
46
|
+
# this is safe to put in the session because the cookie is signed
|
47
|
+
session["#{resource_name}_password_checked"] = true
|
48
|
+
session["#{resource_name}_return_to"] = request.path if request.get?
|
49
|
+
|
50
|
+
redirect_to verify_authy_path_for(resource_name)
|
51
|
+
return
|
29
52
|
end
|
30
53
|
end
|
31
54
|
|
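Review bot: The `remember_device` cookie holds only `Time.now.to_i`, so nothing ties it to the account that passed the token check, and `require_token?` skips the second factor for any user who signs in from a browser holding a fresh cookie. Store the user id with the timestamp and have `require_token?` compare it with `warden.session(resource_name)[:id]`, as sketched below; `remember_device` must write the matching value, and its caller is outside this hunk. The cookie hash also lacks `:httponly => true`. Separately, `self.class == Devise::SessionsController` in `is_signing_in?` does not match an application's subclassed sessions controller, so the filter would presumably not run there; `is_a?(Devise::SessionsController)` covers both.

```ruby
def require_token?
  # Cookie value is "<user id>:<issued at>"; remember_device must write the same shape.
  owner_id, issued_at = cookies.signed[:remember_device].to_s.split(":", 2)
  return true if issued_at.blank?
  return true unless owner_id == warden.session(resource_name)[:id].to_s

  (Time.now.to_i - issued_at.to_i) >= resource_class.authy_remember_device.to_i
end
```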
@@ -9,6 +9,13 @@ module DeviseAuthy
|
|
9
9
|
|
10
10
|
desc "Install the devise authy extension"
|
11
11
|
|
12
|
+
def add_configs
|
13
|
+
inject_into_file "config/initializers/devise.rb", "\n" +
|
14
|
+
" # ==> Devise Authy Authentication Extension\n" +
|
15
|
+
" # How long should the user's device be remembered for.\n" +
|
16
|
+
" # config.authy_remember_device = 1.month\n\n", :before => /^end[\r\n]*$/
|
17
|
+
end
|
18
|
+
|
12
19
|
def copy_locale
|
13
20
|
copy_file "../../../config/locales/en.yml", "config/locales/devise.authy.en.yml"
|
14
21
|
end
|
@@ -38,7 +45,7 @@ module DeviseAuthy
|
|
38
45
|
{
|
39
46
|
:haml => {
|
40
47
|
:before => %r{%body\s*$},
|
41
|
-
:content => %@
|
48
|
+
:content => %@
|
42
49
|
=javascript_include_tag "https://www.authy.com/form.authy.min.js"
|
43
50
|
=stylesheet_link_tag "https://www.authy.com/form.authy.min.css"
|
44
51
|
=javascript_include_tag "devise_authy.js"
|
@@ -46,7 +53,7 @@ module DeviseAuthy
|
|
46
53
|
},
|
47
54
|
:erb => {
|
48
55
|
:before => %r{\s*</\s*head\s*>\s*},
|
49
|
-
:content => %@
|
56
|
+
:content => %@
|
50
57
|
<%=javascript_include_tag "https://www.authy.com/form.authy.min.js" %>
|
51
58
|
<%=stylesheet_link_tag "https://www.authy.com/form.authy.min.css" %>
|
52
59
|
<%=javascript_include_tag "devise_authy.js" %>
|
@@ -55,7 +62,7 @@ module DeviseAuthy
|
|
55
62
|
}.each do |extension, opts|
|
56
63
|
file_path = "app/views/layouts/application.html.#{extension}"
|
57
64
|
if File.exists?(file_path) && !File.read(file_path).include?("devise_authy.js")
|
58
|
-
inject_into_file(file_path, opts.delete(:content), opts)
|
65
|
+
inject_into_file(file_path, opts.delete(:content), opts)
|
59
66
|
end
|
60
67
|
end
|
61
68
|
end
|
@@ -4,82 +4,171 @@ describe Devise::DeviseAuthyController do
|
|
4
4
|
include Devise::TestHelpers
|
5
5
|
|
6
6
|
before :each do
|
7
|
-
|
7
|
+
request.env["devise.mapping"] = Devise.mappings[:user]
|
8
|
+
@user = create_user(:authy_id => 2)
|
8
9
|
end
|
9
10
|
|
10
|
-
describe "GET #
|
11
|
+
describe "GET #verify_authy" do
|
11
12
|
it "Should render the second step of authentication" do
|
12
|
-
request.
|
13
|
-
|
14
|
-
|
13
|
+
request.session["user_id"] = @user.id
|
14
|
+
request.session["user_password_checked"] = true
|
15
|
+
get :GET_verify_authy
|
16
|
+
response.should render_template('verify_authy')
|
17
|
+
end
|
18
|
+
|
19
|
+
it "Should no render the second step of authentication if first step is incomplete" do
|
20
|
+
request.session["user_id"] = @user.id
|
21
|
+
get :GET_verify_authy
|
22
|
+
response.should redirect_to(root_url)
|
23
|
+
end
|
24
|
+
|
25
|
+
it "should redirect to root_url" do
|
26
|
+
get :GET_verify_authy
|
27
|
+
response.should redirect_to(root_url)
|
15
28
|
end
|
16
29
|
end
|
17
30
|
|
18
|
-
describe "
|
31
|
+
describe "POST #verify_authy" do
|
19
32
|
it "Should login the user if token is ok" do
|
20
|
-
request.
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
}
|
33
|
+
request.session["user_id"] = @user.id
|
34
|
+
request.session["user_password_checked"] = true
|
35
|
+
|
36
|
+
post :POST_verify_authy, :token => '0000000'
|
37
|
+
@user.reload
|
38
|
+
@user.last_sign_in_with_authy.should_not be_nil
|
39
|
+
|
40
|
+
response.cookies["remember_device"].should be_nil
|
29
41
|
response.should redirect_to(root_url)
|
30
42
|
flash.now[:notice].should_not be_nil
|
31
43
|
end
|
32
44
|
|
33
|
-
it "
|
34
|
-
request.
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
45
|
+
it "Should set remember_device if selected" do
|
46
|
+
request.session["user_id"] = @user.id
|
47
|
+
request.session["user_password_checked"] = true
|
48
|
+
|
49
|
+
post :POST_verify_authy, :token => '0000000', :remember_device => '1'
|
50
|
+
@user.reload
|
51
|
+
@user.last_sign_in_with_authy.should_not be_nil
|
52
|
+
|
53
|
+
response.cookies["remember_device"].should_not be_nil
|
42
54
|
response.should redirect_to(root_url)
|
55
|
+
flash.now[:notice].should_not be_nil
|
56
|
+
end
|
57
|
+
|
58
|
+
it "Shouldn't login the user if token is invalid" do
|
59
|
+
request.session["user_id"] = @user.id
|
60
|
+
request.session["user_password_checked"] = true
|
61
|
+
|
62
|
+
post :POST_verify_authy, :token => '5678900'
|
63
|
+
response.should render_template('verify_authy')
|
43
64
|
end
|
44
65
|
end
|
45
66
|
|
46
|
-
describe "GET #
|
67
|
+
describe "GET #enable_authy" do
|
47
68
|
it "Should render enable authy view" do
|
48
|
-
|
49
|
-
|
50
|
-
get :
|
51
|
-
response.should render_template('
|
69
|
+
user2 = create_user
|
70
|
+
sign_in user2
|
71
|
+
get :GET_enable_authy
|
72
|
+
response.should render_template('enable_authy')
|
52
73
|
end
|
53
74
|
|
54
75
|
it "Shouldn't render enable authy view" do
|
55
|
-
|
56
|
-
get :register
|
76
|
+
get :GET_enable_authy
|
57
77
|
response.should redirect_to(new_user_session_url)
|
58
78
|
end
|
79
|
+
|
80
|
+
it "should redirect if user has authy enabled" do
|
81
|
+
@user.update_attribute(:authy_enabled, true)
|
82
|
+
sign_in @user
|
83
|
+
get :GET_enable_authy
|
84
|
+
response.should redirect_to(root_url)
|
85
|
+
flash.now[:notice].should == "Two factor authentication is already enabled."
|
86
|
+
end
|
87
|
+
|
88
|
+
it "Should render enable authy view if authy enabled is false" do
|
89
|
+
sign_in @user
|
90
|
+
get :GET_enable_authy
|
91
|
+
response.should render_template('enable_authy')
|
92
|
+
end
|
59
93
|
end
|
60
94
|
|
61
|
-
describe "POST #
|
95
|
+
describe "POST #enable_authy" do
|
62
96
|
it "Should create user in authy application" do
|
63
|
-
|
97
|
+
user2 = create_user
|
98
|
+
sign_in user2
|
99
|
+
|
100
|
+
post :POST_enable_authy, :cellphone => '2222227', :country_code => '57'
|
101
|
+
user2.reload
|
102
|
+
user2.authy_id.should_not be_nil
|
103
|
+
flash.now[:notice].should == "Two factor authentication was enabled"
|
104
|
+
response.should redirect_to(user_verify_authy_installation_url)
|
105
|
+
end
|
106
|
+
|
107
|
+
it "Should not create user register user failed" do
|
108
|
+
user2 = create_user
|
109
|
+
sign_in user2
|
110
|
+
|
111
|
+
post :POST_enable_authy, :cellphone => '22222', :country_code => "57"
|
112
|
+
response.should render_template('enable_authy')
|
113
|
+
flash[:error].should == "Something went wrong while enabling two factor authentication"
|
114
|
+
end
|
115
|
+
|
116
|
+
it "Should redirect if user isn't authenticated" do
|
117
|
+
post :POST_enable_authy, :cellphone => '3010008090', :country_code => '57'
|
118
|
+
response.should redirect_to(new_user_session_url)
|
119
|
+
end
|
120
|
+
end
|
121
|
+
|
122
|
+
describe "GET #verify_authy_installation" do
|
123
|
+
it "Should render the authy installation page" do
|
64
124
|
sign_in @user
|
65
|
-
|
66
|
-
response.
|
67
|
-
|
68
|
-
Authy::API.should_receive(:register_user).with(:email => @user.email, :cellphone => '3010008090', :country_code => '57').and_return(response)
|
125
|
+
get :GET_verify_authy_installation
|
126
|
+
response.should render_template('verify_authy_installation')
|
127
|
+
end
|
69
128
|
|
70
|
-
|
129
|
+
it "Should redirect if user isn't authenticated" do
|
130
|
+
get :GET_verify_authy_installation
|
131
|
+
response.should redirect_to(new_user_session_url)
|
132
|
+
end
|
133
|
+
end
|
71
134
|
|
72
|
-
|
135
|
+
describe "POST #verify_authy_installation" do
|
136
|
+
it "Should enable authy for user" do
|
137
|
+
sign_in @user
|
138
|
+
post :POST_verify_authy_installation, :token => "0000000"
|
73
139
|
response.should redirect_to(root_url)
|
140
|
+
flash[:notice].should == 'Two factor authentication was enabled'
|
141
|
+
end
|
142
|
+
|
143
|
+
it "should not enable authy for user" do
|
144
|
+
sign_in @user
|
145
|
+
post :POST_verify_authy_installation, :token => "0007777"
|
146
|
+
response.should render_template('verify_authy_installation')
|
147
|
+
flash[:error].should == 'Something went wrong while enabling two factor authentication'
|
74
148
|
end
|
75
149
|
|
76
150
|
it "Should redirect if user isn't authenticated" do
|
77
|
-
|
78
|
-
post :create, :user => {
|
79
|
-
:cellphone => '3010008090',
|
80
|
-
:country_code => '57'
|
81
|
-
}
|
151
|
+
get :GET_verify_authy_installation
|
82
152
|
response.should redirect_to(new_user_session_url)
|
83
153
|
end
|
84
154
|
end
|
85
|
-
|
155
|
+
|
156
|
+
describe "POST #request_sms" do
|
157
|
+
it "Should send sms if user is logged" do
|
158
|
+
sign_in @user
|
159
|
+
post :request_sms
|
160
|
+
response.content_type.should == 'application/json'
|
161
|
+
body = JSON.parse(response.body)
|
162
|
+
body['sent'].should be_true
|
163
|
+
body['message'].should == "SMS token was sent"
|
164
|
+
end
|
165
|
+
|
166
|
+
it "Shoul not send sms if user couldn't be found" do
|
167
|
+
post :request_sms
|
168
|
+
response.content_type.should == 'application/json'
|
169
|
+
body = JSON.parse(response.body)
|
170
|
+
body['sent'].should be_false
|
171
|
+
body['message'].should == "User couldn't be found."
|
172
|
+
end
|
173
|
+
end
|
174
|
+
end
|
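Review bot: In `describe "POST #verify_authy_installation"`, the example "Should redirect if user isn't authenticated" issues `get :GET_verify_authy_installation`, so it repeats the GET example above it and the unauthenticated POST path is never exercised. Change it to `post :POST_verify_authy_installation, :token => "0000000"`. The two remember-device examples only assert that the cookie is or is not set. Nothing in this file checks that a later sign-in with the cookie skips the token, requires it again after expiry, or requires it for a different user; that may be covered in the feature spec, which is not shown here.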