devise-authy 1.7.0 → 2.3.1
- checksums.yaml +5 -13
- data/.github/workflows/build.yml +32 -0
- data/.gitignore +45 -0
- data/.rspec +1 -0
- data/Appraisals +22 -0
- data/CHANGELOG.md +152 -0
- data/Gemfile +2 -23
- data/LICENSE.txt +1 -1
- data/README.md +147 -36
- data/Rakefile +1 -14
- data/app/controllers/devise/devise_authy_controller.rb +90 -30
- data/app/controllers/devise_authy/passwords_controller.rb +18 -0
- data/app/views/devise/enable_authy.html.erb +2 -2
- data/app/views/devise/enable_authy.html.haml +2 -2
- data/app/views/devise/verify_authy.html.erb +23 -6
- data/app/views/devise/verify_authy.html.haml +21 -6
- data/app/views/devise/verify_authy_installation.html.erb +14 -6
- data/app/views/devise/verify_authy_installation.html.haml +12 -4
- data/config/locales/en.yml +8 -4
- data/config.ru +9 -0
- data/devise-authy.gemspec +44 -239
- data/gemfiles/.bundle/config +2 -0
- data/gemfiles/rails_5_2.gemfile +14 -0
- data/gemfiles/rails_6.gemfile +15 -0
- data/lib/devise-authy/controllers/helpers.rb +31 -12
- data/lib/devise-authy/controllers/view_helpers.rb +13 -7
- data/lib/devise-authy/mapping.rb +10 -7
- data/lib/devise-authy/models/authy_authenticatable.rb +2 -2
- data/lib/devise-authy/rails.rb +1 -1
- data/lib/devise-authy/routes.rb +3 -2
- data/lib/devise-authy/version.rb +5 -0
- data/lib/devise-authy.rb +8 -1
- data/lib/generators/active_record/devise_authy_generator.rb +11 -1
- data/lib/generators/active_record/templates/migration.rb +1 -1
- data/lib/generators/devise_authy/devise_authy_generator.rb +8 -8
- data/lib/generators/devise_authy/install_generator.rb +19 -5
- metadata +173 -205
- data/Gemfile.lock +0 -194
- data/VERSION +0 -1
- data/authy-devise-demo/.gitignore +0 -15
- data/authy-devise-demo/Gemfile +0 -40
- data/authy-devise-demo/Gemfile.lock +0 -141
- data/authy-devise-demo/README.md +0 -64
- data/authy-devise-demo/Rakefile +0 -7
- data/authy-devise-demo/app/assets/images/rails.png +0 -0
- data/authy-devise-demo/app/assets/javascripts/application.js +0 -15
- data/authy-devise-demo/app/assets/javascripts/devise_authy.js +0 -12
- data/authy-devise-demo/app/assets/javascripts/welcome.js.coffee +0 -3
- data/authy-devise-demo/app/assets/stylesheets/application.css +0 -13
- data/authy-devise-demo/app/assets/stylesheets/devise_authy.css +0 -26
- data/authy-devise-demo/app/assets/stylesheets/welcome.css.scss +0 -3
- data/authy-devise-demo/app/controllers/application_controller.rb +0 -3
- data/authy-devise-demo/app/controllers/welcome_controller.rb +0 -15
- data/authy-devise-demo/app/helpers/application_helper.rb +0 -2
- data/authy-devise-demo/app/helpers/welcome_helper.rb +0 -2
- data/authy-devise-demo/app/mailers/.gitkeep +0 -0
- data/authy-devise-demo/app/models/.gitkeep +0 -0
- data/authy-devise-demo/app/models/admin.rb +0 -10
- data/authy-devise-demo/app/models/user.rb +0 -10
- data/authy-devise-demo/app/views/devise/devise_authy/enable_authy.html.erb +0 -7
- data/authy-devise-demo/app/views/devise/devise_authy/verify_authy.html.erb +0 -22
- data/authy-devise-demo/app/views/devise/devise_authy/verify_authy_installation.html.erb +0 -10
- data/authy-devise-demo/app/views/layouts/application.html.erb +0 -28
- data/authy-devise-demo/app/views/welcome/admin_page.html.erb +0 -12
- data/authy-devise-demo/app/views/welcome/index.html.erb +0 -5
- data/authy-devise-demo/app/views/welcome/user_page.html.erb +0 -5
- data/authy-devise-demo/config/application.rb +0 -62
- data/authy-devise-demo/config/boot.rb +0 -6
- data/authy-devise-demo/config/database.yml +0 -25
- data/authy-devise-demo/config/environment.rb +0 -5
- data/authy-devise-demo/config/environments/development.rb +0 -39
- data/authy-devise-demo/config/environments/production.rb +0 -67
- data/authy-devise-demo/config/environments/test.rb +0 -37
- data/authy-devise-demo/config/initializers/authy.rb +0 -1
- data/authy-devise-demo/config/initializers/backtrace_silencers.rb +0 -7
- data/authy-devise-demo/config/initializers/devise.rb +0 -237
- data/authy-devise-demo/config/initializers/inflections.rb +0 -15
- data/authy-devise-demo/config/initializers/mime_types.rb +0 -5
- data/authy-devise-demo/config/initializers/secret_token.rb +0 -7
- data/authy-devise-demo/config/initializers/session_store.rb +0 -8
- data/authy-devise-demo/config/initializers/wrap_parameters.rb +0 -14
- data/authy-devise-demo/config/locales/devise.authy.en.yml +0 -24
- data/authy-devise-demo/config/locales/devise.en.yml +0 -58
- data/authy-devise-demo/config/locales/en.yml +0 -5
- data/authy-devise-demo/config/routes.rb +0 -65
- data/authy-devise-demo/config.ru +0 -4
- data/authy-devise-demo/db/migrate/20130409234357_devise_create_users.rb +0 -46
- data/authy-devise-demo/db/migrate/20141202000744_devise_create_admins.rb +0 -46
- data/authy-devise-demo/db/migrate/20141202004246_devise_authy_add_to_admins.rb +0 -21
- data/authy-devise-demo/db/schema.rb +0 -62
- data/authy-devise-demo/db/seeds.rb +0 -7
- data/authy-devise-demo/lib/assets/.gitkeep +0 -0
- data/authy-devise-demo/lib/tasks/.gitkeep +0 -0
- data/authy-devise-demo/log/.gitkeep +0 -0
- data/authy-devise-demo/public/404.html +0 -26
- data/authy-devise-demo/public/422.html +0 -26
- data/authy-devise-demo/public/500.html +0 -25
- data/authy-devise-demo/public/favicon.ico +0 -0
- data/authy-devise-demo/public/robots.txt +0 -5
- data/authy-devise-demo/script/rails +0 -6
- data/authy-devise-demo/test/fixtures/.gitkeep +0 -0
- data/authy-devise-demo/test/fixtures/users.yml +0 -11
- data/authy-devise-demo/test/functional/.gitkeep +0 -0
- data/authy-devise-demo/test/functional/welcome_controller_test.rb +0 -9
- data/authy-devise-demo/test/integration/.gitkeep +0 -0
- data/authy-devise-demo/test/performance/browsing_test.rb +0 -12
- data/authy-devise-demo/test/test_helper.rb +0 -13
- data/authy-devise-demo/test/unit/.gitkeep +0 -0
- data/authy-devise-demo/test/unit/helpers/welcome_helper_test.rb +0 -4
- data/authy-devise-demo/test/unit/user_test.rb +0 -7
- data/authy-devise-demo/vendor/assets/javascripts/.gitkeep +0 -0
- data/authy-devise-demo/vendor/assets/stylesheets/.gitkeep +0 -0
- data/authy-devise-demo/vendor/plugins/.gitkeep +0 -0
- data/spec/controllers/devise_authy_controller_spec.rb +0 -271
- data/spec/controllers/passwords_controller_spec.rb +0 -48
- data/spec/features/authy_authenticatable_spec.rb +0 -90
- data/spec/features/authy_lockable_spec.rb +0 -70
- data/spec/generators_spec.rb +0 -30
- data/spec/models/authy_authenticatable_spec.rb +0 -17
- data/spec/models/authy_lockable_spec.rb +0 -81
- data/spec/orm/active_record.rb +0 -4
- data/spec/rails-app/Gemfile +0 -9
- data/spec/rails-app/Gemfile.lock +0 -115
- data/spec/rails-app/Rakefile +0 -7
- data/spec/rails-app/app/assets/images/rails.png +0 -0
- data/spec/rails-app/app/assets/javascripts/application.js +0 -15
- data/spec/rails-app/app/assets/javascripts/devise_authy.js +0 -12
- data/spec/rails-app/app/assets/javascripts/welcome.js +0 -2
- data/spec/rails-app/app/assets/stylesheets/application.css +0 -13
- data/spec/rails-app/app/assets/stylesheets/devise_authy.css +0 -26
- data/spec/rails-app/app/assets/stylesheets/welcome.css.scss +0 -3
- data/spec/rails-app/app/controllers/application_controller.rb +0 -3
- data/spec/rails-app/app/controllers/welcome_controller.rb +0 -13
- data/spec/rails-app/app/helpers/application_helper.rb +0 -2
- data/spec/rails-app/app/helpers/welcome_helper.rb +0 -2
- data/spec/rails-app/app/mailers/.gitkeep +0 -0
- data/spec/rails-app/app/models/.gitkeep +0 -0
- data/spec/rails-app/app/models/lockable_user.rb +0 -7
- data/spec/rails-app/app/models/user.rb +0 -11
- data/spec/rails-app/app/views/devise/devise_authy/enable_authy.html.erb +0 -7
- data/spec/rails-app/app/views/devise/devise_authy/verify_authy.html.erb +0 -21
- data/spec/rails-app/app/views/devise/devise_authy/verify_authy_installation.html.erb +0 -10
- data/spec/rails-app/app/views/layouts/application.html.erb +0 -28
- data/spec/rails-app/app/views/welcome/index.html.erb +0 -5
- data/spec/rails-app/config/application.rb +0 -49
- data/spec/rails-app/config/boot.rb +0 -6
- data/spec/rails-app/config/database.yml +0 -25
- data/spec/rails-app/config/environment.rb +0 -5
- data/spec/rails-app/config/environments/development.rb +0 -39
- data/spec/rails-app/config/environments/production.rb +0 -67
- data/spec/rails-app/config/environments/test.rb +0 -39
- data/spec/rails-app/config/initializers/authy.rb +0 -2
- data/spec/rails-app/config/initializers/backtrace_silencers.rb +0 -7
- data/spec/rails-app/config/initializers/devise.rb +0 -245
- data/spec/rails-app/config/initializers/inflections.rb +0 -15
- data/spec/rails-app/config/initializers/mime_types.rb +0 -5
- data/spec/rails-app/config/initializers/secret_token.rb +0 -7
- data/spec/rails-app/config/initializers/session_store.rb +0 -8
- data/spec/rails-app/config/initializers/wrap_parameters.rb +0 -14
- data/spec/rails-app/config/locales/devise.authy.en.yml +0 -24
- data/spec/rails-app/config/locales/devise.en.yml +0 -59
- data/spec/rails-app/config/locales/en.yml +0 -5
- data/spec/rails-app/config/routes.rb +0 -8
- data/spec/rails-app/config.ru +0 -4
- data/spec/rails-app/db/development.sqlite3 +0 -0
- data/spec/rails-app/db/migrate/20130419164907_devise_create_users.rb +0 -46
- data/spec/rails-app/db/migrate/20130419164936_devise_authy_add_to_users.rb +0 -18
- data/spec/rails-app/db/schema.rb +0 -41
- data/spec/rails-app/db/seeds.rb +0 -7
- data/spec/rails-app/lib/assets/.gitkeep +0 -0
- data/spec/rails-app/lib/tasks/.gitkeep +0 -0
- data/spec/rails-app/public/404.html +0 -26
- data/spec/rails-app/public/422.html +0 -26
- data/spec/rails-app/public/500.html +0 -25
- data/spec/rails-app/public/favicon.ico +0 -0
- data/spec/rails-app/public/robots.txt +0 -5
- data/spec/rails-app/script/rails +0 -6
- data/spec/routing/routes_spec.rb +0 -31
- data/spec/spec_helper.rb +0 -29
- data/spec/support/helpers.rb +0 -78
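--- a/data/spec/controllers/devise_authy_controller_spec.rb
+++ b/data/spec/controllers/devise_authy_controller_spec.rb
@@ -1,271 +0,0 @@
-require 'spec_helper'
-
-describe Devise::DeviseAuthyController do
-include Devise::TestHelpers
-
-before :each do
-request.env["devise.mapping"] = Devise.mappings[:user]
-@user = create_user(:authy_id => 2)
-end
-
-describe "GET #verify_authy" do
-it "Should render the second step of authentication" do
-request.session["user_id"] = @user.id
-request.session["user_password_checked"] = true
-get :GET_verify_authy
-response.should render_template('verify_authy')
-end
-
-it "Should no render the second step of authentication if first step is incomplete" do
-request.session["user_id"] = @user.id
-get :GET_verify_authy
-response.should redirect_to(root_url)
-end
-
-it "should redirect to root_url" do
-get :GET_verify_authy
-response.should redirect_to(root_url)
-end
-end
-
-describe "POST #verify_authy" do
-it "Should login the user if token is ok" do
-request.session["user_id"] = @user.id
-request.session["user_password_checked"] = true
-
-post :POST_verify_authy, :token => '0000000'
-@user.reload
-@user.last_sign_in_with_authy.should_not be_nil
-
-response.cookies["remember_device"].should be_nil
-response.should redirect_to(root_url)
-flash.now[:notice].should_not be_nil
-session["user_authy_token_checked"].should be_true
-end
-
-it "Should set remember_device if selected" do
-request.session["user_id"] = @user.id
-request.session["user_password_checked"] = true
-
-post :POST_verify_authy, :token => '0000000', :remember_device => '1'
-@user.reload
-@user.last_sign_in_with_authy.should_not be_nil
-
-response.cookies["remember_device"].should_not be_nil
-response.should redirect_to(root_url)
-flash.now[:notice].should_not be_nil
-end
-
-it "Shouldn't login the user if token is invalid" do
-request.session["user_id"] = @user.id
-request.session["user_password_checked"] = true
-
-post :POST_verify_authy, :token => '5678900'
-response.should render_template('verify_authy')
-end
-
-context 'User is lockable' do
-
-let(:user) { create_lockable_user authy_id: 2 }
-
-before do
-controller.stub(:find_resource).and_return user
-controller.instance_variable_set :@resource, user
-end
-
-it 'locks the account when failed_attempts exceeds maximum' do
-request.session['user_id'] = user.id
-request.session['user_password_checked'] = true
-
-too_many_failed_attempts.times do
-post :POST_verify_authy, token: invalid_authy_token
-end
-
-user.reload
-expect(user.access_locked?).to be_true
-end
-
-end
-
-context 'User is not lockable' do
-
-it 'does not lock the account when failed_attempts exceeds maximum' do
-request.session['user_id'] = @user.id
-request.session['user_password_checked'] = true
-
-too_many_failed_attempts.times do
-post :POST_verify_authy, token: invalid_authy_token
-end
-
-@user.reload
-expect(@user.locked_at).to be_nil
-end
-
-end
-
-end
-
-describe "GET #enable_authy" do
-it "Should render enable authy view" do
-user2 = create_user
-sign_in user2
-get :GET_enable_authy
-response.should render_template('enable_authy')
-end
-
-it "Shouldn't render enable authy view" do
-get :GET_enable_authy
-response.should redirect_to(new_user_session_url)
-end
-
-it "should redirect if user has authy enabled" do
-@user.update_attribute(:authy_enabled, true)
-sign_in @user
-get :GET_enable_authy
-response.should redirect_to(root_url)
-flash.now[:notice].should == "Two factor authentication is already enabled."
-end
-
-it "Should render enable authy view if authy enabled is false" do
-sign_in @user
-get :GET_enable_authy
-response.should render_template('enable_authy')
-end
-end
-
-describe "POST #enable_authy" do
-it "Should create user in authy application" do
-user2 = create_user
-sign_in user2
-
-post :POST_enable_authy, :cellphone => '2222227', :country_code => '57'
-user2.reload
-user2.authy_id.should_not be_nil
-flash.now[:notice].should == "Two factor authentication was enabled"
-response.should redirect_to(user_verify_authy_installation_url)
-end
-
-it "Should not create user register user failed" do
-user2 = create_user
-sign_in user2
-
-post :POST_enable_authy, :cellphone => '22222', :country_code => "57"
-response.should render_template('enable_authy')
-flash[:error].should == "Something went wrong while enabling two factor authentication"
-end
-
-it "Should redirect if user isn't authenticated" do
-post :POST_enable_authy, :cellphone => '3010008090', :country_code => '57'
-response.should redirect_to(new_user_session_url)
-end
-end
-
-describe "POST #disable_authy" do
-it "Should disable 2FA" do
-sign_in @user
-@user.update_attribute(:authy_enabled, true)
-
-post :POST_disable_authy
-@user.reload
-@user.authy_id.should be_nil
-@user.authy_enabled.should be_false
-flash.now[:notice].should == "Two factor authentication was disabled"
-response.should redirect_to(root_url)
-end
-
-it "Should not disable 2FA" do
-sign_in @user
-@user.update_attribute(:authy_enabled, true)
-
-authy_response = mock('authy_response')
-authy_response.stub(:ok?).and_return(false)
-Authy::API.should_receive(:delete_user).with(:id => @user.authy_id.to_s).and_return(authy_response)
-
-post :POST_disable_authy
-@user.reload
-@user.authy_id.should_not be_nil
-@user.authy_enabled.should be_true
-flash[:error].should == "Something went wrong while disabling two factor authentication"
-end
-
-it "Should redirect if user isn't authenticated" do
-post :POST_disable_authy
-response.should redirect_to(new_user_session_url)
-end
-end
-
-describe "GET #verify_authy_installation" do
-it "Should render the authy installation page" do
-sign_in @user
-get :GET_verify_authy_installation
-response.should render_template('verify_authy_installation')
-end
-
-it "Should redirect if user isn't authenticated" do
-get :GET_verify_authy_installation
-response.should redirect_to(new_user_session_url)
-end
-end
-
-describe "POST #verify_authy_installation" do
-it "Should enable authy for user" do
-sign_in @user
-post :POST_verify_authy_installation, :token => "0000000"
-response.should redirect_to(root_url)
-flash[:notice].should == 'Two factor authentication was enabled'
-
-@user.reload
-@user.authy_enabled.should be_true
-end
-
-it "should not enable authy for user" do
-sign_in @user
-post :POST_verify_authy_installation, :token => "0007777"
-response.should render_template('verify_authy_installation')
-flash[:error].should == 'Something went wrong while enabling two factor authentication'
-end
-
-it "Should redirect if user isn't authenticated" do
-get :GET_verify_authy_installation
-response.should redirect_to(new_user_session_url)
-end
-end
-
-describe "POST #request_sms" do
-it "Should send sms if user is logged" do
-sign_in @user
-post :request_sms
-response.content_type.should == 'application/json'
-body = JSON.parse(response.body)
-body['sent'].should be_true
-body['message'].should == "SMS token was sent"
-end
-
-it "Shoul not send sms if user couldn't be found" do
-post :request_sms
-response.content_type.should == 'application/json'
-body = JSON.parse(response.body)
-body['sent'].should be_false
-body['message'].should == "User couldn't be found."
-end
-end
-
-describe "POST #request_phone_call" do
-it "Should send phone call if user is logged" do
-sign_in @user
-post :request_phone_call
-response.content_type.should == 'application/json'
-body = JSON.parse(response.body)
-body['sent'].should be_true
-body['message'].should == "Call started..."
-end
-
-it "Shoul not send phone call if user couldn't be found" do
-post :request_phone_call
-response.content_type.should == 'application/json'
-body = JSON.parse(response.body)
-body['sent'].should be_false
-body['message'].should == "User couldn't be found."
-end
-end
-end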
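--- a/data/spec/controllers/passwords_controller_spec.rb
+++ b/data/spec/controllers/passwords_controller_spec.rb
@@ -1,48 +0,0 @@
-require 'spec_helper'
-
-describe DeviseAuthy::PasswordsController do
-include Devise::TestHelpers
-
-before :each do
-request.env["devise.mapping"] = Devise.mappings[:user]
-end
-
-context "when the user has authy enabled" do
-
-describe "Reset password" do
-it "Should redirect to verify token view" do
-user = create_user(:authy_id => 1)
-user.reset_password_token = User.reset_password_token
-user.reset_password_sent_at = Time.now.utc
-user.authy_enabled = true
-user.save
-
-put :update, :user => { :reset_password_token => user.reset_password_token, :password => "password", :password_confirmation => "password" }
-
-user.reload
-user.last_sign_in_at.should be_nil
-response.should redirect_to(root_url)
-end
-end
-end
-
-context "when the user don't have 2FA" do
-describe "Reset password" do
-it "Should sign in the user" do
-user = create_user
-user.reset_password_token = User.reset_password_token
-user.reset_password_sent_at = Time.now.utc
-user.save
-
-last_sign_in_at = user.last_sign_in_at
-
-put :update, :user => { :reset_password_token => user.reset_password_token, :password => "password", :password_confirmation => "password" }
-response.should redirect_to(root_url)
-
-user.reload
-user.last_sign_in_at.should_not be_nil
-flash[:notice].should == "Your password was changed successfully. You are now signed in."
-end
-end
-end
-end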
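--- a/data/spec/features/authy_authenticatable_spec.rb
+++ b/data/spec/features/authy_authenticatable_spec.rb
@@ -1,90 +0,0 @@
-require 'spec_helper'
-
-describe "Authy Autnenticatable", :type => :request do
-describe "If user don't have two factor authentication should login with email - password" do
-before :each do
-@user = create_user(:email => 'foo@bar.com')
-end
-
-it "Sign in should succeed" do
-fill_sign_in_form('foo@bar.com', '12345678')
-current_path.should == root_path
-page.should have_content('Signed in successfully.')
-end
-
-it "Sign in shouldn't success" do
-fill_sign_in_form('foo@bar.com', '14567823')
-current_path.should == new_user_session_path
-page.should_not have_content('Signed in successfully.')
-end
-end
-
-describe "If user have two factor authentication" do
-before :each do
-@user = create_user(:authy_id => 1)
-@user.update_attribute(:authy_enabled, true)
-end
-
-it "Sign in should succeed" do
-fill_sign_in_form(@user.email, '12345678')
-current_path.should == user_verify_authy_path
-page.should have_content('Please enter your Authy token')
-
-within('#devise_authy') do
-fill_in 'authy-token', :with => '0000000'
-end
-click_on 'Check Token'
-current_path.should == root_path
-page.should have_content(I18n.t('devise.devise_authy.user.signed_in'))
-@user.reload
-@user.last_sign_in_with_authy.should_not be_nil
-end
-
-it "Sign in shouldn't succeed" do
-fill_sign_in_form(@user.email, '12345678')
-current_path.should == user_verify_authy_path
-page.should have_content('Please enter your Authy token')
-
-within('#devise_authy') do
-fill_in 'authy-token', :with => '324567'
-end
-click_on 'Check Token'
-current_path.should == user_verify_authy_path
-@user.reload
-@user.last_sign_in_with_authy.should be_nil
-end
-
-describe "With cookie['remember_device']" do
-it "Should prompt for a token" do
-cookie_val = sign_cookie("remember_device", Time.now.to_i - 2.month.to_i)
-page.driver.browser.set_cookie("remember_device=#{cookie_val}")
-fill_sign_in_form(@user.email, '12345678')
-current_path.should == user_verify_authy_path
-page.should have_content('Please enter your Authy token')
-end
-
-it "Shouldn't prompt for a token" do
-cookie_val = sign_cookie("remember_device", Time.now.to_i)
-page.driver.browser.set_cookie("remember_device=#{cookie_val}")
-fill_sign_in_form(@user.email, '12345678')
-current_path.should == root_path
-page.should have_content("Signed in successfully.")
-end
-end
-
-it "With cookie['current_user_id'] and cookie['user_password_checked']" do
-page.driver.browser.set_cookie("current_user_id=#{@user.id}")
-page.driver.browser.set_cookie('user_password_checked=true')
-
-visit user_verify_authy_path
-current_path.should == new_user_session_path
-page.should have_content('Sign in')
-end
-
-it "Click link Request sms" do
-fill_sign_in_form(@user.email, '12345678')
-click_link 'Request SMS'
-page.should have_content("SMS token was sent")
-end
-end
-end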
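--- a/data/spec/features/authy_lockable_spec.rb
+++ b/data/spec/features/authy_lockable_spec.rb
@@ -1,70 +0,0 @@
-require 'spec_helper'
-
-feature 'Authy Lockable' do
-
-context 'during verify code when Authy enabled' do
-
-let(:user) do
-u = create_lockable_user authy_id: 20, email: 'foo@bar.com'
-u.update_attribute :authy_enabled, true
-u
-end
-
-before :each do
-fill_sign_in_form user.email, '12345678', '#new_lockable_user', new_lockable_user_session_path
-end
-
-scenario 'account locked when user enters invalid code too many times' do
-Devise.maximum_attempts.times do |i|
-fill_verify_token_form invalid_authy_token
-assert_at lockable_user_verify_authy_path
-expect(page).to have_content('Please enter your Authy token')
-user.reload
-assert_account_locked_for user, nil
-expect(user.failed_attempts).to eq(i + 1)
-end
-
-fill_verify_token_form invalid_authy_token
-user.reload
-assert_at new_user_session_path
-assert_account_locked_for user
-visit root_path
-assert_at new_user_session_path
-end
-
-end
-
-context 'during verify Authy installation' do
-
-let(:user) { create_lockable_user email: 'foo@bar.com' }
-
-before do
-fill_sign_in_form user.email, '12345678', '#new_lockable_user', new_lockable_user_session_path
-end
-
-scenario 'account locked when user enters invalid code too many times' do
-visit lockable_user_enable_authy_path
-fill_in 'authy-countries', with: '1'
-fill_in 'authy-cellphone', with: '8001234567'
-click_on 'Enable'
-
-Devise.maximum_attempts.times do |i|
-fill_in_verify_authy_installation_form invalid_authy_token
-assert_at lockable_user_verify_authy_installation_path
-expect(page).to have_content('Verify your account')
-user.reload
-assert_account_locked_for user, nil
-expect(user.failed_attempts).to eq(i + 1)
-end
-
-fill_in_verify_authy_installation_form invalid_authy_token
-user.reload
-assert_at new_user_session_path
-assert_account_locked_for user
-visit root_path
-assert_at new_user_session_path
-end
-
-end
-
-end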
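--- a/data/spec/generators_spec.rb
+++ b/data/spec/generators_spec.rb
@@ -1,30 +0,0 @@
-require 'spec_helper'
-
-$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..'))
-require 'rails/generators'
-require 'generators/devise_authy/devise_authy_generator'
-
-describe "generators for devise_authy" do
-RAILS_APP_PATH = File.expand_path("../rails-app", __FILE__)
-
-def rails_command(*args)
-`cd #{RAILS_APP_PATH} && BUNDLE_GEMFILE=#{RAILS_APP_PATH}/Gemfile bundle exec rails #{args.join(" ")}`
-end
-
-it "rails g should include the generators" do
-@output = rails_command("g")
-@output.include?('devise_authy:install').should be_true
-@output.include?('active_record:devise_authy').should be_true
-end
-
-it "rails g devise_authy:install" do
-@output = rails_command("g", "devise_authy:install", "-s")
-@output.include?('config/initializers/devise.rb').should be_true
-@output.include?('config/locales/devise.authy.en.yml').should be_true
-@output.include?('app/views/devise/devise_authy/enable_authy.html.erb').should be_true
-@output.include?('app/views/devise/devise_authy/verify_authy.html.erb').should be_true
-@output.include?('app/views/devise/devise_authy/verify_authy_installation.html.erb').should be_true
-@output.include?('app/assets/stylesheets/devise_authy.css').should be_true
-@output.include?('app/assets/javascripts/devise_authy.js').should be_true
-end
-end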
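--- a/data/spec/models/authy_authenticatable_spec.rb
+++ b/data/spec/models/authy_authenticatable_spec.rb
@@ -1,17 +0,0 @@
-require 'spec_helper'
-
-describe Devise::Models::AuthyAuthenticatable do
-before(:each) do
-@user = create_user(:authy_id => '20')
-end
-
-describe "User#find_by_authy_id" do
-it "Should find the user" do
-User.find_by_authy_id('20').should_not be_nil
-end
-
-it "Shouldn't find the user" do
-User.find_by_authy_id('80').should be_nil
-end
-end
-end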
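--- a/data/spec/models/authy_lockable_spec.rb
+++ b/data/spec/models/authy_lockable_spec.rb
@@ -1,81 +0,0 @@
-require 'spec_helper'
-
-describe Devise::Models::AuthyLockable do
-
-context 'model includes Devise::Models::Lockable' do
-
-let(:user) { create_lockable_user authy_id: '20' }
-
-context '#lockable?' do
-
-it 'returns true if lock_strategy is :failed_attempts' do
-expect(user.lockable?).to be_true
-end
-
-it 'returns false if lock_strategy is anything other than :failed attempts' do
-Devise.lock_strategy = :none
-expect(user.lockable?).to be_false
-Devise.lock_strategy = :failed_attempts
-end
-
-end
-
-context '#invalid_authy_attempt!' do
-
-it 'resets failed_attempts to 0 if nil' do
-user.update_attribute :failed_attempts, nil
-user.invalid_authy_attempt!
-expect(user.failed_attempts).to eq(1)
-end
-
-it 'updates failed_attempts' do
-10.times { user.invalid_authy_attempt! }
-expect(user.failed_attempts).to eq(10)
-end
-
-it 'respects the maximum attempts configuration for Devise::Models::Lockable' do
-4.times { user.invalid_authy_attempt! }
-expect(user.send :attempts_exceeded?).to be_true # protected method
-expect(user.access_locked?).to be_true
-end
-
-it 'returns true if the account is locked' do
-3.times { user.invalid_authy_attempt! }
-expect(user.invalid_authy_attempt!).to be_true
-end
-
-it 'returns false if the account is not locked' do
-expect(user.invalid_authy_attempt!).to be_false
-end
-
-end
-
-end
-
-context 'model misconfigured, includes AuthyLockable w/out Lockable' do
-
-let(:user) do
-u = create_user authy_id: '20'
-u.extend Devise::Models::AuthyLockable
-u
-end
-
-context '#lockable?' do
-
-it 'raises an error' do
-expect { user.lockable? }.to raise_error 'Devise lockable extension required'
-end
-
-end
-
-context '#invalid_authy_attempt!' do
-
-it 'raises an error' do
-expect { user.invalid_authy_attempt! }.to raise_error 'Devise lockable extension required'
-end
-
-end
-
-end
-
-end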
data/spec/orm/active_record.rb
DELETED