devise-authy 1.7.0 → 2.3.1
- checksums.yaml +5 -13
- data/.github/workflows/build.yml +32 -0
- data/.gitignore +45 -0
- data/.rspec +1 -0
- data/Appraisals +22 -0
- data/CHANGELOG.md +152 -0
- data/Gemfile +2 -23
- data/LICENSE.txt +1 -1
- data/README.md +147 -36
- data/Rakefile +1 -14
- data/app/controllers/devise/devise_authy_controller.rb +90 -30
- data/app/controllers/devise_authy/passwords_controller.rb +18 -0
- data/app/views/devise/enable_authy.html.erb +2 -2
- data/app/views/devise/enable_authy.html.haml +2 -2
- data/app/views/devise/verify_authy.html.erb +23 -6
- data/app/views/devise/verify_authy.html.haml +21 -6
- data/app/views/devise/verify_authy_installation.html.erb +14 -6
- data/app/views/devise/verify_authy_installation.html.haml +12 -4
- data/config/locales/en.yml +8 -4
- data/config.ru +9 -0
- data/devise-authy.gemspec +44 -239
- data/gemfiles/.bundle/config +2 -0
- data/gemfiles/rails_5_2.gemfile +14 -0
- data/gemfiles/rails_6.gemfile +15 -0
- data/lib/devise-authy/controllers/helpers.rb +31 -12
- data/lib/devise-authy/controllers/view_helpers.rb +13 -7
- data/lib/devise-authy/mapping.rb +10 -7
- data/lib/devise-authy/models/authy_authenticatable.rb +2 -2
- data/lib/devise-authy/rails.rb +1 -1
- data/lib/devise-authy/routes.rb +3 -2
- data/lib/devise-authy/version.rb +5 -0
- data/lib/devise-authy.rb +8 -1
- data/lib/generators/active_record/devise_authy_generator.rb +11 -1
- data/lib/generators/active_record/templates/migration.rb +1 -1
- data/lib/generators/devise_authy/devise_authy_generator.rb +8 -8
- data/lib/generators/devise_authy/install_generator.rb +19 -5
- metadata +173 -205
- data/Gemfile.lock +0 -194
- data/VERSION +0 -1
- data/authy-devise-demo/.gitignore +0 -15
- data/authy-devise-demo/Gemfile +0 -40
- data/authy-devise-demo/Gemfile.lock +0 -141
- data/authy-devise-demo/README.md +0 -64
- data/authy-devise-demo/Rakefile +0 -7
- data/authy-devise-demo/app/assets/images/rails.png +0 -0
- data/authy-devise-demo/app/assets/javascripts/application.js +0 -15
- data/authy-devise-demo/app/assets/javascripts/devise_authy.js +0 -12
- data/authy-devise-demo/app/assets/javascripts/welcome.js.coffee +0 -3
- data/authy-devise-demo/app/assets/stylesheets/application.css +0 -13
- data/authy-devise-demo/app/assets/stylesheets/devise_authy.css +0 -26
- data/authy-devise-demo/app/assets/stylesheets/welcome.css.scss +0 -3
- data/authy-devise-demo/app/controllers/application_controller.rb +0 -3
- data/authy-devise-demo/app/controllers/welcome_controller.rb +0 -15
- data/authy-devise-demo/app/helpers/application_helper.rb +0 -2
- data/authy-devise-demo/app/helpers/welcome_helper.rb +0 -2
- data/authy-devise-demo/app/mailers/.gitkeep +0 -0
- data/authy-devise-demo/app/models/.gitkeep +0 -0
- data/authy-devise-demo/app/models/admin.rb +0 -10
- data/authy-devise-demo/app/models/user.rb +0 -10
- data/authy-devise-demo/app/views/devise/devise_authy/enable_authy.html.erb +0 -7
- data/authy-devise-demo/app/views/devise/devise_authy/verify_authy.html.erb +0 -22
- data/authy-devise-demo/app/views/devise/devise_authy/verify_authy_installation.html.erb +0 -10
- data/authy-devise-demo/app/views/layouts/application.html.erb +0 -28
- data/authy-devise-demo/app/views/welcome/admin_page.html.erb +0 -12
- data/authy-devise-demo/app/views/welcome/index.html.erb +0 -5
- data/authy-devise-demo/app/views/welcome/user_page.html.erb +0 -5
- data/authy-devise-demo/config/application.rb +0 -62
- data/authy-devise-demo/config/boot.rb +0 -6
- data/authy-devise-demo/config/database.yml +0 -25
- data/authy-devise-demo/config/environment.rb +0 -5
- data/authy-devise-demo/config/environments/development.rb +0 -39
- data/authy-devise-demo/config/environments/production.rb +0 -67
- data/authy-devise-demo/config/environments/test.rb +0 -37
- data/authy-devise-demo/config/initializers/authy.rb +0 -1
- data/authy-devise-demo/config/initializers/backtrace_silencers.rb +0 -7
- data/authy-devise-demo/config/initializers/devise.rb +0 -237
- data/authy-devise-demo/config/initializers/inflections.rb +0 -15
- data/authy-devise-demo/config/initializers/mime_types.rb +0 -5
- data/authy-devise-demo/config/initializers/secret_token.rb +0 -7
- data/authy-devise-demo/config/initializers/session_store.rb +0 -8
- data/authy-devise-demo/config/initializers/wrap_parameters.rb +0 -14
- data/authy-devise-demo/config/locales/devise.authy.en.yml +0 -24
- data/authy-devise-demo/config/locales/devise.en.yml +0 -58
- data/authy-devise-demo/config/locales/en.yml +0 -5
- data/authy-devise-demo/config/routes.rb +0 -65
- data/authy-devise-demo/config.ru +0 -4
- data/authy-devise-demo/db/migrate/20130409234357_devise_create_users.rb +0 -46
- data/authy-devise-demo/db/migrate/20141202000744_devise_create_admins.rb +0 -46
- data/authy-devise-demo/db/migrate/20141202004246_devise_authy_add_to_admins.rb +0 -21
- data/authy-devise-demo/db/schema.rb +0 -62
- data/authy-devise-demo/db/seeds.rb +0 -7
- data/authy-devise-demo/lib/assets/.gitkeep +0 -0
- data/authy-devise-demo/lib/tasks/.gitkeep +0 -0
- data/authy-devise-demo/log/.gitkeep +0 -0
- data/authy-devise-demo/public/404.html +0 -26
- data/authy-devise-demo/public/422.html +0 -26
- data/authy-devise-demo/public/500.html +0 -25
- data/authy-devise-demo/public/favicon.ico +0 -0
- data/authy-devise-demo/public/robots.txt +0 -5
- data/authy-devise-demo/script/rails +0 -6
- data/authy-devise-demo/test/fixtures/.gitkeep +0 -0
- data/authy-devise-demo/test/fixtures/users.yml +0 -11
- data/authy-devise-demo/test/functional/.gitkeep +0 -0
- data/authy-devise-demo/test/functional/welcome_controller_test.rb +0 -9
- data/authy-devise-demo/test/integration/.gitkeep +0 -0
- data/authy-devise-demo/test/performance/browsing_test.rb +0 -12
- data/authy-devise-demo/test/test_helper.rb +0 -13
- data/authy-devise-demo/test/unit/.gitkeep +0 -0
- data/authy-devise-demo/test/unit/helpers/welcome_helper_test.rb +0 -4
- data/authy-devise-demo/test/unit/user_test.rb +0 -7
- data/authy-devise-demo/vendor/assets/javascripts/.gitkeep +0 -0
- data/authy-devise-demo/vendor/assets/stylesheets/.gitkeep +0 -0
- data/authy-devise-demo/vendor/plugins/.gitkeep +0 -0
- data/spec/controllers/devise_authy_controller_spec.rb +0 -271
- data/spec/controllers/passwords_controller_spec.rb +0 -48
- data/spec/features/authy_authenticatable_spec.rb +0 -90
- data/spec/features/authy_lockable_spec.rb +0 -70
- data/spec/generators_spec.rb +0 -30
- data/spec/models/authy_authenticatable_spec.rb +0 -17
- data/spec/models/authy_lockable_spec.rb +0 -81
- data/spec/orm/active_record.rb +0 -4
- data/spec/rails-app/Gemfile +0 -9
- data/spec/rails-app/Gemfile.lock +0 -115
- data/spec/rails-app/Rakefile +0 -7
- data/spec/rails-app/app/assets/images/rails.png +0 -0
- data/spec/rails-app/app/assets/javascripts/application.js +0 -15
- data/spec/rails-app/app/assets/javascripts/devise_authy.js +0 -12
- data/spec/rails-app/app/assets/javascripts/welcome.js +0 -2
- data/spec/rails-app/app/assets/stylesheets/application.css +0 -13
- data/spec/rails-app/app/assets/stylesheets/devise_authy.css +0 -26
- data/spec/rails-app/app/assets/stylesheets/welcome.css.scss +0 -3
- data/spec/rails-app/app/controllers/application_controller.rb +0 -3
- data/spec/rails-app/app/controllers/welcome_controller.rb +0 -13
- data/spec/rails-app/app/helpers/application_helper.rb +0 -2
- data/spec/rails-app/app/helpers/welcome_helper.rb +0 -2
- data/spec/rails-app/app/mailers/.gitkeep +0 -0
- data/spec/rails-app/app/models/.gitkeep +0 -0
- data/spec/rails-app/app/models/lockable_user.rb +0 -7
- data/spec/rails-app/app/models/user.rb +0 -11
- data/spec/rails-app/app/views/devise/devise_authy/enable_authy.html.erb +0 -7
- data/spec/rails-app/app/views/devise/devise_authy/verify_authy.html.erb +0 -21
- data/spec/rails-app/app/views/devise/devise_authy/verify_authy_installation.html.erb +0 -10
- data/spec/rails-app/app/views/layouts/application.html.erb +0 -28
- data/spec/rails-app/app/views/welcome/index.html.erb +0 -5
- data/spec/rails-app/config/application.rb +0 -49
- data/spec/rails-app/config/boot.rb +0 -6
- data/spec/rails-app/config/database.yml +0 -25
- data/spec/rails-app/config/environment.rb +0 -5
- data/spec/rails-app/config/environments/development.rb +0 -39
- data/spec/rails-app/config/environments/production.rb +0 -67
- data/spec/rails-app/config/environments/test.rb +0 -39
- data/spec/rails-app/config/initializers/authy.rb +0 -2
- data/spec/rails-app/config/initializers/backtrace_silencers.rb +0 -7
- data/spec/rails-app/config/initializers/devise.rb +0 -245
- data/spec/rails-app/config/initializers/inflections.rb +0 -15
- data/spec/rails-app/config/initializers/mime_types.rb +0 -5
- data/spec/rails-app/config/initializers/secret_token.rb +0 -7
- data/spec/rails-app/config/initializers/session_store.rb +0 -8
- data/spec/rails-app/config/initializers/wrap_parameters.rb +0 -14
- data/spec/rails-app/config/locales/devise.authy.en.yml +0 -24
- data/spec/rails-app/config/locales/devise.en.yml +0 -59
- data/spec/rails-app/config/locales/en.yml +0 -5
- data/spec/rails-app/config/routes.rb +0 -8
- data/spec/rails-app/config.ru +0 -4
- data/spec/rails-app/db/development.sqlite3 +0 -0
- data/spec/rails-app/db/migrate/20130419164907_devise_create_users.rb +0 -46
- data/spec/rails-app/db/migrate/20130419164936_devise_authy_add_to_users.rb +0 -18
- data/spec/rails-app/db/schema.rb +0 -41
- data/spec/rails-app/db/seeds.rb +0 -7
- data/spec/rails-app/lib/assets/.gitkeep +0 -0
- data/spec/rails-app/lib/tasks/.gitkeep +0 -0
- data/spec/rails-app/public/404.html +0 -26
- data/spec/rails-app/public/422.html +0 -26
- data/spec/rails-app/public/500.html +0 -25
- data/spec/rails-app/public/favicon.ico +0 -0
- data/spec/rails-app/public/robots.txt +0 -5
- data/spec/rails-app/script/rails +0 -6
- data/spec/routing/routes_spec.rb +0 -31
- data/spec/spec_helper.rb +0 -29
- data/spec/support/helpers.rb +0 -78
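--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,15 +1,7 @@
 ---
-
-metadata.gz:
-
-data.tar.gz: !binary |-
-ODNmNmI0Yjc1ZjgzNTRjYmM3MDE2MDNkNmZiNTFhMTg0ZjFhYTI3ZQ==
+SHA256:
+metadata.gz: 259b34a666d62e180d4ae64b3e2100c0bd21f9ee4c8b9346064551b3178cfb54
+data.tar.gz: f83cb9da5873b5e811cba37b2150cbce44ce725d28244d8258f40f68983518ed
 SHA512:
-metadata.gz:
-
-Y2M4ZTYxZDZhOWM1MmE2NTM0ZmYwMTcwNGUzYjhmOTI3ZWE1MDZkZmUwODRl
-Y2MxNWQ3ZGM0MDBkZWYwNDNhYzA5NmVhODk1MzlhODdlMzBjNWE=
-data.tar.gz: !binary |-
-OTg1MWYxMTMyYTI0YmZkYjJkNjU0NWY2YmZmMTJmNjFmZmUwYTlmOGZhZmYy
-NDBjNmI2ZDI4MzIwNWIyMTA1ODU0NmQyYmQ2NGE0MDc5ZDg5ZDFjOWZiOTk2
-ZDdiZGYxN2RiODJhMGJjMmUxMTc2OTc2M2UyOWI2NDhiZTNlMmE=
+metadata.gz: 869414ee49e8c36570335144e2bf02781811301c2c6fed0142dd27bbf028f5e08b8c16832afe515ed9703eee99f5e664b00b5598e1c6a26db0b63b3451e81b46
+data.tar.gz: d066492cbf36871ec392a940f7927be61c7fee1c0b4a7db2b2279c608c2dcbbd3c054ea70d9543586542dc3f256b06eb9221431c1a812ad27c285fe17d1411ee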
@@ -0,0 +1,32 @@
|
|
1
|
+
name: build
|
2
|
+
|
3
|
+
on: [push, pull_request]
|
4
|
+
|
5
|
+
jobs:
|
6
|
+
test:
|
7
|
+
runs-on: ubuntu-latest
|
8
|
+
strategy:
|
9
|
+
fail-fast: false
|
10
|
+
matrix:
|
11
|
+
ruby: [2.5, 2.6, 2.7, "3.0", 3.1, head]
|
12
|
+
gemfile: [rails_5_2, rails_6]
|
13
|
+
exclude:
|
14
|
+
- ruby: "3.0"
|
15
|
+
gemfile: rails_5_2
|
16
|
+
- ruby: 3.1
|
17
|
+
gemfile: rails_5_2
|
18
|
+
- ruby: head
|
19
|
+
gemfile: rails_5_2
|
20
|
+
continue-on-error: ${{ endsWith(matrix.ruby, 'head') }}
|
21
|
+
env:
|
22
|
+
BUNDLE_GEMFILE: gemfiles/${{ matrix.gemfile }}.gemfile
|
23
|
+
steps:
|
24
|
+
- uses: actions/checkout@v2
|
25
|
+
- name: Set up Ruby ${{ matrix.ruby }}
|
26
|
+
uses: ruby/setup-ruby@v1
|
27
|
+
with:
|
28
|
+
ruby-version: ${{ matrix.ruby }}
|
29
|
+
- name: Install dependencies
|
30
|
+
run: bundle install
|
31
|
+
- name: Run tests
|
32
|
+
run: bundle exec rspec
|
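Review bot: The two `uses:` steps reference mutable tags (`actions/checkout@v2`, `ruby/setup-ruby@v1`), so whatever commit those tags point to at run time executes inside this job. Pinning each to a full commit SHA with the tag kept as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v2`, makes the executed code fixed and reviewable. The workflow also declares no `permissions:` block, so the job runs with the repository's default `GITHUB_TOKEN` scope; a top-level `permissions:` with `contents: read` should be enough for checkout plus `bundle exec rspec`. Separately, `bundle install` appears to resolve without a lockfile (the `.gitignore` in this release ignores `Gemfile.lock` and `gemfiles/*.lock`), so CI tests whatever dependency versions are current rather than a pinned set.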
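--- a/data/.gitignore
+++ b/data/.gitignore
@@ -0,0 +1,45 @@
+*.gem
+*.rbc
+/.config
+/coverage/
+/InstalledFiles
+/pkg/
+/spec/reports/
+/spec/examples.txt
+/test/tmp/
+/test/version_tmp/
+/tmp/
+
+## Specific to RubyMotion:
+.dat*
+.repl_history
+build/
+
+## Documentation cache and generated files:
+/.yardoc/
+/_yardoc/
+/doc/
+/rdoc/
+
+## Environment normalization:
+/.bundle/
+/vendor/bundle
+/lib/bundler/man/
+
+# for a library or gem, you might want to ignore these files since the code is
+# intended to run in multiple environments; otherwise, check them in:
+Gemfile.lock
+.ruby-version
+.ruby-gemset
+gemfiles/*.lock
+
+# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
+.rvmrc
+
+**/*.sqlite
+**/*.log
+
+initializers/authy.rb
+.byebug_history
+
+.rspec_status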
data/.rspec
CHANGED
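--- a/data/Appraisals
+++ b/data/Appraisals
@@ -0,0 +1,22 @@
+appraise "rails-5-2" do
+gem "rails", "~> 5.2.0"
+gem "sqlite3", "~> 1.3.13"
+
+group :development, :test do
+gem 'factory_girl_rails', :require => false
+gem 'rspec-rails', "~>4.0.0.beta3", :require => false
+gem 'database_cleaner', :require => false
+end
+end if RUBY_VERSION.to_f < 3.0
+
+appraise "rails-6" do
+gem "rails", "~> 6.0.0"
+gem "sqlite3", "~> 1.4"
+gem "net-smtp"
+
+group :development, :test do
+gem 'factory_girl_rails', :require => false
+gem 'rspec-rails', "~>4.0.0.beta3", :require => false
+gem 'database_cleaner', :require => false
+end
+end if RUBY_VERSION.to_f >= 2.5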
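Review bot: Both appraisal guards, `end if RUBY_VERSION.to_f < 3.0` and `end if RUBY_VERSION.to_f >= 2.5`, compare the interpreter version as a float, which drops the patch level and misorders two-digit minor versions (`"2.10".to_f` is 2.1). Comparing version objects keeps the matrix selection correct component by component, e.g. `end if Gem::Version.new(RUBY_VERSION) < Gem::Version.new("3.0")` and the matching `>= Gem::Version.new("2.5")` on the second block. A short comment above each guard saying why that Rails line is excluded on those Rubies would also help the next maintainer.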
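--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -0,0 +1,152 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
+and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
+
+## [2.3.1] - 2022-05-30 Final release
+
+### Changed
+
+- Added deprecation notices to README and Gemspec
+
+## [2.3.0] - 2021-01-07
+
+### Fixed
+
+- Fixes calls to `I18n.t` with keyword arguments to support Ruby 3.0
+- Replaces Travis CI with GitHub Actions
+- Updates webmock development dependency
+- Removes sdoc from Gemfile
+
+## [2.2.1] - 2020-10-13
+
+### Fixed
+
+- If the app offers a QR code scan and user fails to verify authy installation, the QR code wasn't shown again. Fixed in (#149)
+
+## [2.2.0] - 2020-06-04
+
+### Fixed
+
+- Don't delete user in Authy if another user has the same authy_id (#144)
+
+## [2.1.0] - 2020-05-05
+
+### Added
+
+- Support for generic authenticator tokens (#141)
+
+### Fixed
+
+- Can remember device when enabling 2FA for the first time (#139)
+
+## [2.0.0] - 2020-04-28
+
+Releasing this as version 2 because there is a significant change in dependencies. Minimum version of Rails is now 5 and of Devise is now 4. Otherwise the gem should work as before.
+
+### Added
+
+- HTTP Only flag to remember_device cookie (#116 thanks @agronv)
+- Remembers device when user logs in with One Touch (#128 thanks @cplopez4)
+- Autocomplete attributes for HTML form (#130)
+
+### Changed
+
+- Mocked API calls in test suite (#123)
+- Full test suite refactor (#124)
+- Increased required version for Devise and Rails (#125)
+- Stopped calling `signed_in?` before it is needed (#126)
+
+### Fixes
+
+- Remembers user correctly when logging in with One Touch (#129)
+
+## [1.11.1] - 2019-02-02
+
+### Fixed
+
+- Using the version before loading it broke everything. :facepalm:
+
+## [1.11.0] - 2019-02-01
+
+### Fixed
+
+- Corrects for label in verify_authy view (#103 thanks @mstruebing)
+- Corrects heading in verify_authy view (#104 thanks @mstruebing)
+
+### Changed
+
+- Allows you to define paths for request_sms and request_phone_call (#108 thanks @dedene)
+
+### Added
+
+- Now sets a distinct user agent through the Authy gem (#110)
+
+## [1.10.0] - 2018-09-26
+
+### Changed
+
+- Moves OneTouch approval request copy to locale file.
+
+### Removed
+
+- Demo app now lives in its own repo
+
+## [1.9.0] - 2018-09-04
+
+### Fixed
+
+- Generated migration now includes version number for Rails 5
+
+### Changed
+
+- Removes Jeweler in favour of administering the gemspec by hand
+- Removes demo app files from gem package
+
+## [1.8.3] - 2018-07-05
+
+### Fixed
+
+- Fixes Ruby interpolation in HAML for onetouch (thanks @muan)
+- Records Authy authentication after install verification (thanks @nukturnal)
+- Forgets remember device cookie when disabling Authy (thanks @senekis)
+
+### Changed
+
+- Updated testing Rubies in CI
+
+## Older releases
+
+**_The following releases happened before the changelog was started. Some history will be added for clarity._**
+
+## [1.8.2] - 2017-12-22
+
+## [1.8.1] - 2016-12-06
+
+## [1.8.0] - 2016-10-25
+
+## [1.7.0] - 2015-12-22
+
+## [1.6.0] - 2015-01-07
+
+## [1.5.3] - 2014-06-11
+
+## [1.5.2] - 2014-06-11
+
+## [1.5.1] - 2014-04-24
+
+## [1.5.0] - 2014-01-07
+
+## [1.4.0] - 2013-12-17
+
+## [1.3.0] - 2013-11-16
+
+## [1.2.2] - 2013-09-04
+
+## [1.2.1] - 2013-04-22
+
+## [1.2.0] - 2013-04-22 [YANKED]
+
+## [1.0.0] - 2013-04-10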
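--- a/data/Gemfile
+++ b/data/Gemfile
@@ -1,24 +1,3 @@
-source
+source 'https://rubygems.org'
 
-
-gem 'authy'
-
-group :development do
-gem "rspec"
-gem "yard"
-gem "rdoc"
-gem "bundler"
-gem "jeweler", ">= 2.0.1"
-gem "simplecov"
-gem "sass-rails"
-gem "jquery-rails"
-gem "pry"
-end
-
-group :test do
-gem "rails"
-gem "sqlite3"
-gem 'rspec-rails'
-gem 'database_cleaner'
-gem 'capybara'
-end
+gemspec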
data/LICENSE.txt
CHANGED
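--- a/data/README.md
+++ b/data/README.md
@@ -1,27 +1,62 @@
-
+🚨🚨🚨
 
-This is
+**This library is no longer actively maintained.** The Authy API has been replaced with the [Twilio Verify API](https://www.twilio.com/docs/verify). Twilio will support the Authy API through November 1, 2022 for SMS/Voice. After this date, we’ll start to deprecate the service for SMS/Voice. Any requests sent to the API after May 1, 2023, will automatically receive an error. Push and TOTP will continue to be supported through July 2023.
 
+[Learn more about migrating from Authy to Verify.](https://www.twilio.com/blog/migrate-authy-to-verify)
+
+Please visit the Twilio Docs for:
+* [Verify + Ruby (Rails) quickstart](https://www.twilio.com/docs/verify/quickstarts/ruby-rails)
+* [Twilio Ruby helper library](https://www.twilio.com/docs/libraries/ruby)
+* [Verify API reference](https://www.twilio.com/docs/verify/api)
+* **Coming soon**: Look out for a new Devise plugin to use Twilio Verify with Devise
+
+Please direct any questions to [Twilio Support](https://support.twilio.com/hc/en-us). Thank you!
+
+🚨🚨🚨
+
+---
+
+# Authy Devise [![Build Status](https://github.com/twilio/authy-devise/workflows/build/badge.svg)](https://github.com/twilio/authy-devise/actions)
+
+This is a [Devise](https://github.com/plataformatec/devise) extension to add [Two-Factor Authentication with Authy](https://www.twilio.com/docs/authy) to your Rails application.
+
+* [Pre-requisites](#pre-requisites)
+* [Demo](#demo)
+* [Getting started](#getting-started)
+* [Configuring Models](#configuring-models)
+* [With the generator](#with-the-generator)
+* [Manually](#manually)
+* [Final steps](#final-steps)
+* [Custom Views](#custom-views)
+* [Request a phone call](#request-a-phone-call)
+* [Custom Redirect Paths (eg. using modules)](#custom-redirect-paths-eg-using-modules)
+* [I18n](#i18n)
+* [Session variables](#session-variables)
+* [OneTouch support](#onetouch-support)
+* [Generic authenticator token support](#generic-authenticator-token-support)
+* [Rails 5 CSRF protection](#rails-5-csrf-protection)
+* [Running Tests](#running-tests)
+* [Notice: Twilio Authy API’s Sandbox feature will stop working on Sep 30, 2021](#notice-twilio-authy-apis-sandbox-feature-will-stop-working-on-sep-30-2021)
+* [Copyright](#copyright)
 
 ## Pre-requisites
 
-
+To use the Authy API you will need a Twilio Account, [sign up for a free Twilio account here](https://www.twilio.com/try-twilio).
+
+Create an [Authy Application in the Twilio console](https://www.twilio.com/console/authy/applications) and take note of the API key.
 
 ## Demo
 
-See [
+See [this repo for a full demo of using `authy-devise`](https://github.com/twilio/authy-devise-demo).
 
 ## Getting started
 
-First
+First get your Authy API key from [the Twilio console](https://www.twilio.com/console/authy/applications). We recommend you store your API key as an environment variable.
 
-```
-
-Authy.api_uri = 'https://api.authy.com/'
+```bash
+$ export AUTHY_API_KEY=YOUR_AUTHY_API_KEY
 ```
 
-You can get the `AUTHY_API_KEY` at [https://www.authy.com/signup](https://www.authy.com/signup)
-
 Next add the gem to your Gemfile:
 
 ```ruby
@@ -40,40 +75,77 @@ Add `Devise Authy` to your App:
 
 ### Configuring Models
 
-
+You can add devise_authy to your user model in two ways.
+
+#### With the generator
+
+Run the following command:
+
+```bash
+rails g devise_authy [MODEL_NAME]
+```
+
+To support account locking (recommended), you must add `:authy_lockable` to the `devise :authy_authenticatable, ...` configuration in your model as this is not yet supported by the generator.
+
+#### Manually
+
+Add `:authy_authenticatable` and `:authy_lockable` to the `devise` options in your Devise user model:
+
+```ruby
+devise :authy_authenticatable, :authy_lockable, :database_authenticatable, :lockable
+```
 
-
+(Note, `:authy_lockable` is optional but recommended. It should be used with Devise's own `:lockable` module).
 
-
+Also add a new migration. For example, if you are adding to the `User` model, use this migration:
 
 ```ruby
-
+class DeviseAuthyAddToUsers < ActiveRecord::Migration[6.0]
+def self.up
+change_table :users do |t|
+t.string :authy_id
+t.datetime :last_sign_in_with_authy
+t.boolean :authy_enabled, :default => false
+end
+
+add_index :users, :authy_id
+end
+
+def self.down
+change_table :users do |t|
+t.remove :authy_id, :last_sign_in_with_authy, :authy_enabled
+end
+end
+end
+```
+
+#### Final steps
+
+For either method above, run the migrations:
+
+```bash
+rake db:migrate
 ```
 
-
+**[Optional]** Update the default routes to point to something like:
 
 ```ruby
 devise_for :users, :path_names => {
 :verify_authy => "/verify-token",
 :enable_authy => "/enable-two-factor",
-:verify_authy_installation => "/verify-installation"
+:verify_authy_installation => "/verify-installation",
+:authy_onetouch_status => "/onetouch-status"
 }
 ```
 
-
-
-rake db:migrate
-
-Now whenever a user wants to enable two-factor authentication they can go
-to:
+Now whenever a user wants to enable two-factor authentication they can go to:
 
 http://your-app/users/enable-two-factor
 
-And when the user
+And when the user logs in they will be redirected to:
 
 http://your-app/users/verify-token
 
-
 ## Custom Views
 
 If you want to customise your views, you can modify the files that are located at:
@@ -82,6 +154,11 @@ If you want to customise your views, you can modify the files that are located a
 app/views/devise/devise_authy/verify_authy.html.erb
 app/views/devise/devise_authy/verify_authy_installation.html.erb
 
+### Request a phone call
+
+The default views come with a button to force a request for an SMS message. You can also add a button that will request a phone call instead. Simply add the helper method to your view:
+
+<%= authy_request_phone_call_link %>
 
 ## Custom Redirect Paths (eg. using modules)
 
@@ -115,10 +192,9 @@ And tell the router to use this controller
 devise_for :users, controllers: {devise_authy: 'my_custom_module/devise_authy'}
 ```
 
-
 ## I18n
 
-The install generator also
+The install generator also copies a `Devise Authy` i18n file which you can find at:
 
 config/locales/devise.authy.en.yml
 
@@ -134,22 +210,57 @@ session["#{resource_name}_authy_token_checked"]
 session["user_authy_token_checked"]
 ```
 
+## OneTouch support
 
-
+To enable [Authy push authentication](https://www.twilio.com/authy/features/push), you need to modify the Devise config file `config/initializers/devise.rb` and add configuration:
 
-
-
-
-
-
+```
+config.authy_enable_onetouch = true
+```
+
+## Generic authenticator token support
+
+Authy supports other authenticator apps by providing a QR code that your users can scan.
+
+> **To use this feature, you need to enable it in your [Twilio Console](https://www.twilio.com/console/authy/applications)**
+
+Once you have enabled generic authenticator tokens, you can enable this in devise-authy by modifying the Devise config file `config/initializers/devise.rb` and adding the configuration:
+
+```
+config.authy_enable_qr_code = true
 ```
 
-
+This will display a QR code on the verification screen (you still need to take a user's phone number and country code). If you have implemented your own views, the QR code URL is available on the verification page as `@authy_qr_code`.
+
+## Rails 5 CSRF protection
+
+In Rails 5 `protect_from_forgery` is no longer prepended to the `before_action` chain. If you call `authenticate_user` before `protect_from_forgery` your request will result in a "Can't verify CSRF token authenticity" error.
+
+To remedy this, add `prepend: true` to your `protect_from_forgery` call, like in this example from the [Authy Devise demo app](https://github.com/twilio/authy-devise-demo):
+
+```ruby
+class ApplicationController < ActionController::Base
+protect_from_forgery with: :exception, prepend: true
+end
+```
+
+## Running Tests
+
+Run the following command:
+
 ```bash
-$ bundle exec rspec
+$ bundle exec rspec
 ```
 
+## Notice: Twilio Authy API’s Sandbox feature will stop working on Sep 30, 2021
+Twilio is discontinuing the Authy API’s Sandbox, a feature that allows customers to run continuous integration tests against a mock Authy API for free. The Sandbox is no longer being maintained, so we will be taking the final deprecation step of shutting it down on September 30, 2021. The rest of the Authy API product will continue working as-is.
+
+This repo previously used the sandbox API as part of the test suite, but that has been since removed.
+
+You will only be affected if you are using the sandbox API in your own application or test suite.
+
+For more information please read this article on [how we are discontinuing the Twilio Authy sandbox API](https://support.authy.com/hc/en-us/articles/1260803396889-Notice-Twilio-Authy-API-s-Sandbox-feature-will-stop-working-on-Sep-30-2021).
+
 ## Copyright
 
-Copyright (c) 2012-
-further details.
+Copyright (c) 2012-2021 Authy Inc. See LICENSE.txt for further details.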
data/Rakefile
CHANGED
@@ -2,6 +2,7 @@
|
|
2
2
|
|
3
3
|
require 'rubygems'
|
4
4
|
require 'bundler'
|
5
|
+
require 'bundler/gem_tasks'
|
5
6
|
begin
|
6
7
|
Bundler.setup(:default, :development)
|
7
8
|
rescue Bundler::BundlerError => e
|
@@ -11,20 +12,6 @@ rescue Bundler::BundlerError => e
|
|
11
12
|
end
|
12
13
|
require 'rake'
|
13
14
|
|
14
|
-
require 'jeweler'
|
15
|
-
Jeweler::Tasks.new do |gem|
|
16
|
-
# gem is a Gem::Specification... see http://docs.rubygems.org/read/chapter/20 for more options
|
17
|
-
gem.name = "devise-authy"
|
18
|
-
gem.homepage = "https://github.com/authy/authy-devise"
|
19
|
-
gem.license = "MIT"
|
20
|
-
gem.summary = %Q{Authy plugin for Devise}
|
21
|
-
gem.description = %Q{Authy plugin for Devise}
|
22
|
-
gem.email = "support@authy.com"
|
23
|
-
gem.authors = ["Authy Inc."]
|
24
|
-
# dependencies defined in Gemfile
|
25
|
-
end
|
26
|
-
Jeweler::RubygemsDotOrgTasks.new
|
27
|
-
|
28
15
|
require 'rspec/core'
|
29
16
|
require 'rspec/core/rake_task'
|
30
17
|
RSpec::Core::RakeTask.new(:spec) do |spec|
|