devise-authy 1.0.0

data/lib/devise-authy/version.rb

@@ -0,0 +1,3 @@
+module DeviseAuthy
+  VERSION = "0.0.1"
+end

data/lib/generators/active_record/devise_authy_generator.rb

@@ -0,0 +1,13 @@
+require 'rails/generators/active_record'
+
+module ActiveRecord
+  module Generators
+    class DeviseAuthyGenerator < ActiveRecord::Generators::Base
+      source_root File.expand_path("../templates", __FILE__)
+
+      def copy_devise_migration
+        migration_template "migration.rb", "db/migrate/devise_authy_add_to_#{table_name}"
+      end
+    end
+  end
+end

data/lib/generators/active_record/templates/migration.rb

@@ -0,0 +1,18 @@
+class DeviseAuthyAddTo<%= table_name.camelize %> < ActiveRecord::Migration
+  def self.up
+    change_table :<%= table_name %> do |t|
+      t.string    :authy_id
+      t.datetime  :last_sign_in_with_authy
+      t.boolean   :authy_enabled, :default => false
+    end
+
+    add_index :<%= table_name %>, :authy_id
+  end
+
+  def self.down
+    change_table :<%= table_name %> do |t|
+      t.remove :authy_id, :last_sign_in_with_authy, :authy_enabled
+    end
+  end
+end
+

data/lib/generators/devise_authy/devise_authy_generator.rb

@@ -0,0 +1,30 @@
+module DeviseAuthy
+  module Generators
+    class DeviseAuthyGenerator < Rails::Generators::NamedBase
+
+      namespace "devise_authy"
+
+      desc "Add :authy_authenticatable directive in the given model, plus accessors. Also generate migration for ActiveRecord"
+
+      def inject_devise_authy_content
+        path = File.join("app","models","#{file_path}.rb")
+        if File.exists?(path) &&
+          !File.read(path).include?("authy_authenticatable")
+          inject_into_file(path,
+                           "authy_authenticatable, :",
+                           :after => "devise :")
+        end
+
+        if File.exists?(path) &&
+          !File.read(path).include?(":authy_id")
+          inject_into_file(path,
+                           ":authy_id, :last_sign_in_with_authy, ",
+                           :after => "attr_accessible ") 
+        end
+      end
+
+      hook_for :orm
+
+    end
+  end
+end

data/lib/generators/devise_authy/install_generator.rb

@@ -0,0 +1,64 @@
+module DeviseAuthy
+  module Generators
+    # Install Generator
+    class InstallGenerator < Rails::Generators::Base
+      source_root File.expand_path("../../templates", __FILE__)
+
+      class_option :haml, :type => :boolean, :required => false, :default => false, :desc => "Generate views in Haml"
+      class_option :sass, :type => :boolean, :required => false, :default => false, :desc => "Generate stylesheet in Sass"
+
+      desc "Install the devise authy extension"
+
+      def copy_locale
+        copy_file "../../../config/locales/en.yml", "config/locales/devise.authy.en.yml"
+      end
+
+      def copy_views
+        if options.haml?
+          copy_file '../../../app/views/devise/enable_authy.html.haml', 'app/views/devise/devise_authy/enable_authy.html.haml'
+          copy_file '../../../app/views/devise/verify_authy.html.haml', 'app/views/devise/devise_authy/verify_authy.html.haml'
+          copy_file '../../../app/views/devise/verify_authy_installation.html.haml', 'app/views/devise/devise_authy/verify_authy_installation.html.haml'
+        else
+          copy_file '../../../app/views/devise/enable_authy.html.erb', 'app/views/devise/devise_authy/enable_authy.html.erb'
+          copy_file '../../../app/views/devise/verify_authy.html.erb', 'app/views/devise/devise_authy/verify_authy.html.erb'
+          copy_file '../../../app/views/devise/verify_authy_installation.html.erb', 'app/views/devise/devise_authy/verify_authy_installation.html.erb'
+        end
+      end
+
+      def copy_assets
+        if options.sass?
+          copy_file '../../../app/assets/stylesheets/devise_authy.sass', 'app/assets/stylesheets/devise_authy.sass'
+        else
+          copy_file '../../../app/assets/stylesheets/devise_authy.css', 'app/assets/stylesheets/devise_authy.css'
+        end
+        copy_file '../../../app/assets/javascripts/devise_authy.js', 'app/assets/javascripts/devise_authy.js'
+      end
+
+      def inject_assets_in_layout
+        {
+          :haml => {
+            :before => %r{%body\s*$},
+            :content => %@    
+    =javascript_include_tag "https://www.authy.com/form.authy.min.js"
+    =stylesheet_link_tag "https://www.authy.com/form.authy.min.css"
+    =javascript_include_tag "devise_authy.js"
+@
+          },
+          :erb => {
+            :before => %r{\s*</\s*head\s*>\s*},
+            :content => %@    
+  <%=javascript_include_tag "https://www.authy.com/form.authy.min.js" %>
+  <%=stylesheet_link_tag "https://www.authy.com/form.authy.min.css" %>
+  <%=javascript_include_tag "devise_authy.js" %>
+@
+          }
+        }.each do |extension, opts|
+          file_path = "app/views/layouts/application.html.#{extension}"
+          if File.exists?(file_path) && !File.read(file_path).include?("devise_authy.js")
+            inject_into_file(file_path, opts.delete(:content), opts) 
+          end
+        end
+      end
+    end
+  end
+end

data/spec/controllers/devise_authy_controller_spec.rb

@@ -0,0 +1,85 @@
+require 'spec_helper'
+
+describe Devise::DeviseAuthyController do
+  include Devise::TestHelpers
+
+  before :each do
+    @user = create_user(:authy_id => '80')
+  end
+
+  describe "GET #show" do
+    it "Should render the second step of authentication" do
+      request.env["devise.mapping"] = Devise.mappings[:user]
+      get :show
+      response.should render_template('show')
+    end
+  end
+
+  describe "PUT #update" do
+    it "Should login the user if token is ok" do
+      request.env["devise.mapping"] = Devise.mappings[:user]
+      response = mock("authy_request", body: {'status' => 'ok'}.to_json)
+      response.stub(:ok?).and_return(true)
+      Authy::API.should_receive(:verify).with(:id => '80', :token => '567890').and_return(response)
+
+      put :update, :user => {
+        :authy_id => '80',
+        :token => '567890'
+      }
+      response.should redirect_to(root_url)
+      flash.now[:notice].should_not be_nil
+    end
+
+    it "Shouldn't login the user if token is invalid" do
+      request.env["devise.mapping"] = Devise.mappings[:user]
+      response = mock("authy_request", body: {"errors"=>{"token"=>"is invalid"}}.to_json)
+      response.stub(:ok?).and_return(false)
+      Authy::API.should_receive(:verify).with(:id => '80', :token => '567890').and_return(response)
+      put :update, :user => {
+        :authy_id => '80',
+        :token => '567890'
+      }
+      response.should redirect_to(root_url)
+    end
+  end
+
+  describe "GET #register" do
+    it "Should render enable authy view" do
+      sign_in @user
+      request.env["devise.mapping"] = Devise.mappings[:user]
+      get :register
+      response.should render_template('register')
+    end
+
+    it "Shouldn't render enable authy view" do
+      request.env["devise.mapping"] = Devise.mappings[:user]
+      get :register
+      response.should redirect_to(new_user_session_url)
+    end
+  end
+
+  describe "POST #create" do
+    it "Should create user in authy application" do
+      request.env["devise.mapping"] = Devise.mappings[:user]
+      sign_in @user
+      response = mock("authy_request", body: {'success' => 'ok'}.to_json)
+      response.should_receive(:ok?).and_return(true)
+      response.should_receive(:id).and_return('99')
+      Authy::API.should_receive(:register_user).with(:email => @user.email, :cellphone => '3010008090', :country_code => '57').and_return(response)
+
+      post :create, :cellphone => '3010008090', :country_code => '57'
+
+      flash.now[:notice].should_not be_nil
+      response.should redirect_to(root_url)
+    end
+
+    it "Should redirect if user isn't authenticated" do
+      request.env["devise.mapping"] = Devise.mappings[:user]
+      post :create, :user => {
+        :cellphone => '3010008090',
+        :country_code => '57'
+      }
+      response.should redirect_to(new_user_session_url)
+    end
+  end
+end

data/spec/generators_spec.rb

@@ -0,0 +1,24 @@
+require 'spec_helper'
+
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..'))
+require 'rails/generators'
+require 'generators/devise_authy/devise_authy_generator'
+
+describe "generators for devise_authy" do
+  RAILS_APP_PATH = File.expand_path("../rails_app", __FILE__)
+
+  it "rails g should include the generators" do
+    @output = `cd #{RAILS_APP_PATH} && rails g`
+    @output.include?('devise_authy:install').should be_true
+    @output.include?('active_record:devise_authy').should be_true
+  end
+
+  it "rails g devise_authy:install" do
+    @output = `cd #{RAILS_APP_PATH} && rails g devise_authy:install -p`
+    @output.include?('config/initializers/devise.rb').should be_true
+    @output.include?('config/locales/devise.authy.en.yml').should be_true
+    @output.include?('app/views/devise/devise_authy/register.html.erb').should be_true
+    @output.include?('app/views/devise/devise_authy/show.html.erb').should be_true
+    @output.include?('app/assets/stylesheets/devise_authy.css').should be_true
+  end
+end

data/spec/integration/authy_authenticatable.rb

@@ -0,0 +1,88 @@
+require 'spec_helper'
+
+describe "Authy Autnenticatable", :type => :request do
+  describe "If user don't have two factor authentication should login with email - password" do
+    before :each do
+      @user = create_user(:email => 'foo@bar.com')
+    end
+
+    it "Sign in should succeed" do
+      fill_sign_in_form('foo@bar.com', '12345678')
+      current_path.should == root_path
+      page.should have_content('Signed in successfully.')
+    end
+
+    it "Sign in shouldn't success" do
+      fill_sign_in_form('foo@bar.com', '14567823')
+      current_path.should == new_user_session_path
+      page.should_not have_content('Signed in successfully.')
+    end
+  end
+
+  describe "If user have two factor authentication" do
+    before :each do
+      @user = create_user(:authy_id => '90')
+    end
+
+    describe "Without cookie['authy_authentication']" do
+      it "Sign in should succeed" do
+        authy_response = mock('authy_response', :ok? => true)
+        Authy::API.should_receive(:verify).with(:id => '90', :token => '324567').and_return(authy_response)
+
+        visit new_user_session_path
+        fill_sign_in_form(@user.email, '12345678')
+        current_path.should == user_devise_authy_path
+        page.should have_content('Please enter your Authy token')
+
+        within('#devise_authy') do
+          fill_in 'authy-token', :with => '324567'
+        end
+        click_on 'Check Token'
+        current_path.should == root_path
+        page.should have_content(I18n.t('devise.devise_authy.user.signed_in'))
+        @user.reload
+        @user.last_sign_in_with_authy.should_not be_nil
+      end
+
+      it "Sign in shouldn't success" do
+        authy_response = mock('authy_response', :ok? => false)
+        Authy::API.should_receive(:verify).with(:id => '90', :token => '324567').and_return(authy_response)
+
+        visit new_user_session_path
+        fill_sign_in_form(@user.email, '12345678')
+        current_path.should == user_devise_authy_path
+        page.should have_content('Please enter your Authy token')
+
+        within('#devise_authy') do
+          fill_in 'authy-token', :with => '324567'
+        end
+        click_on 'Check Token'
+        current_path.should == new_user_session_path
+        @user.reload
+        @user.last_sign_in_with_authy.should be_nil
+      end
+    end
+
+    it "With cookie['authy_authentication'] and last_sign_in_with_authy less than one month shouldn't show the request token view" do
+      page.driver.browser.set_cookie('authy_authentication=true')
+      @user.last_sign_in_with_authy = 2.days.ago
+      @user.save
+      @user.reload
+
+      visit new_user_session_path
+      fill_sign_in_form(@user.email, '12345678')
+      current_path.should == root_path
+    end
+
+    it "With cookie['authy_authentication'] and last_sign_in_with_authy greater than one month should Show the request token view" do
+      page.driver.browser.set_cookie('authy_authentication=true')
+      @user.last_sign_in_with_authy = 2.months.ago
+      @user.save
+      @user.reload
+
+      visit new_user_session_path
+      fill_sign_in_form(@user.email, '12345678')
+      current_path.should == user_devise_authy_path
+    end
+  end
+end

data/spec/models/authy_authenticatable.rb

@@ -0,0 +1,17 @@
+require 'spec_helper'
+
+describe Devise::Models::AuthyAuthenticatable do
+  before(:each) do
+    @user = create_user(:authy_id => '20')
+  end
+
+  describe "User#find_by_authy_id" do
+    it "Should find the user" do
+      User.find_by_authy_id('20').should_not be_nil
+    end
+
+    it "Shouldn't find the user" do
+      User.find_by_authy_id('80').should be_nil
+    end
+  end
+end

data/spec/orm/active_record.rb

@@ -0,0 +1,4 @@
+ActiveRecord::Migration.verbose = false
+ActiveRecord::Base.logger = Logger.new(nil)
+
+ActiveRecord::Migrator.migrate(File.expand_path("../../rails_app/db/migrate/", __FILE__))

data/spec/rails_app/Rakefile

@@ -0,0 +1,10 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+require 'rake'
+require 'rake/testtask'
+require 'rdoc/task'
+
+Rails.application.load_tasks

data/spec/rails_app/app/assets/javascripts/application.js

@@ -0,0 +1,10 @@
+// This is a manifest file that'll be compiled into including all the files listed below.
+// Add new JavaScript/Coffee code in separate files in this directory and they'll automatically
+// be included in the compiled file accessible from http://example.com/assets/application.js
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// the compiled file.
+//
+//= require jquery
+//= require jquery_ujs
+//= require form.authy
+//= require_tree .

data/spec/rails_app/app/assets/stylesheets/application.css

@@ -0,0 +1,9 @@
+/*
+ * This is a manifest file that'll automatically include all the stylesheets available in this directory
+ * and any sub-directories. You're free to add application-wide styles to this file and they'll appear at
+ * the top of the compiled file, but it's generally better to create a new file per style scope.
+ *= require_self
+ *= require_tree .
+ *= require 'flags.authy'
+ *= require 'form.authy'
+*/

data/spec/rails_app/app/assets/stylesheets/devise_authy.css

@@ -0,0 +1,26 @@
+.devise_authy {
+  margin-left: auto;
+  margin-right: auto;
+  width: 350px;
+}
+
+legend {
+  display: block;
+  width: 100%;
+  padding: 0;
+  margin-bottom: 20px;
+  font-size: 21px;
+  line-height: 40px;
+  color: #333;
+  border-bottom: 1px solid #E5E5E5;
+}
+
+label,
+input,
+button {
+  font-size: 14px;
+  font-weight: normal;
+  line-height: 20px;
+  padding: 8px;
+  margin: 8px;
+}

data/spec/rails_app/app/assets/stylesheets/devise_authy.css.scss

@@ -0,0 +1,26 @@
+.devise_authy {
+  margin-left: auto;
+  margin-right: auto;
+  width: 350px;
+}
+
+legend {
+  display: block;
+  width: 100%;
+  padding: 0;
+  margin-bottom: 20px;
+  font-size: 21px;
+  line-height: 40px;
+  color: #333;
+  border-bottom: 1px solid #E5E5E5;
+}
+
+label,
+input[type="submit"],
+button {
+  font-size: 14px;
+  font-weight: normal;
+  line-height: 20px;
+  padding: 8px;
+  margin: 8px;
+}