devise-authy 1.8.2 → 1.8.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b4a21e73c3efd8c4368a9685a1034a6dd43028949d6427309ee0ebd646d5c147
-  data.tar.gz: a3eaac986e7eb6620333bd9a6ea21d5aaa4ec58983a92cd1bc3650f2e02c3fe5
+  metadata.gz: dfe2b507c6ec983ff3cf4cc7d3410eaacb77dc89ec35ae819047155629ce5807
+  data.tar.gz: c1d8b34ecf10a707e492c06782fa5bd8b75a620d9524f601d9ba7e0baf7e291b
 SHA512:
-  metadata.gz: 100a286438cc5befc4c02249aff14c68fde76ad20a05f8ec740241e54b92c797abce24d3aacb449fca1c2de31c5320d4d5914b47be8de39b5a23cab5520b836b
-  data.tar.gz: 8c958b9a2d7b852917df7a130f25b62325783f5e31e2a800a7755428dddf2a3ec573d82d89e164011ac3f99e3a1b1fa76a701e66e8d9f94a1dd5bf4ee77bfb31
+  metadata.gz: b81fc8c513a5ffe555baa28535a227ad4e1428ea15e5b5a9bcea461b7c18eb8cd05a8a27d3ee5c30ee04a06f0c5a08c9483e660199ed6123e9f369a16b277bb5
+  data.tar.gz: a91cb3e6d2c093d9884de68394d1101e036d3a76ab8d54d340037882ab23ae278c8e0dbd2ff773be84ce47299db0629f190eb248e333e6c921f5001274d9f022

data/.travis.yml

@@ -1,4 +1,12 @@
 language: ruby
+before_install: cd spec/rails-app && bundle install
+script: bundle exec rspec
 rvm:
-  - 2.3.0
-  - 2.2.3
+  - 2.5
+  - 2.4
+  - 2.3
+  - 2.2
+  - ruby-head
+matrix:
+  allow_failures:
+    - rvm: ruby-head

data/CHANGELOG.md

@@ -0,0 +1,38 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
+and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+## [1.8.3] - 2018-07-05
+### Fixed
+- Fixes Ruby interpolation in HAML for onetouch (thanks @muan)
+- Records Authy authentication after install verification (thanks @nukturnal)
+- Forgets remember device cookie when disabling Authy (thanks @senekis)
+
+### Changed
+- Updated testing Rubies in CI
+
+## Older releases
+
+__*The following releases happened before the changelog was started. Some history will be added for clarity.*__
+
+## [1.8.2] - 2017-12-22
+## [1.8.1] - 2016-12-06
+## [1.8.0] - 2016-10-25
+## [1.7.0] - 2015-12-22
+## [1.6.0] - 2015-01-07
+## [1.5.3] - 2014-06-11
+## [1.5.2] - 2014-06-11
+## [1.5.1] - 2014-04-24
+## [1.5.0] - 2014-01-07
+## [1.4.0] - 2013-12-17
+## [1.3.0] - 2013-11-16
+## [1.2.2] - 2013-09-04
+## [1.2.1] - 2013-04-22
+## [1.2.0] - 2013-04-22 [YANKED]
+## [1.0.0] - 2013-04-10
+

data/README.md

@@ -1,4 +1,4 @@
-# Authy Devise
+# Authy Devise [![Build Status](https://travis-ci.org/authy/authy-devise.svg?branch=master)](https://travis-ci.org/authy/authy-devise)
 
 This is a [Devise](https://github.com/plataformatec/devise) extension to add Two-Factor Authentication with Authy to your rails application.
 

data/VERSION

@@ -1 +1 @@
-1.8.2
+1.8.3

data/app/controllers/devise/devise_authy_controller.rb

@@ -81,6 +81,7 @@ class Devise::DeviseAuthyController < DeviseController
     if response.ok?
       resource.update_attribute(:authy_enabled, false)
       resource.update_attribute(:authy_id, nil)
+      forget_device
 
       set_flash_message(:notice, :disabled)
     else
@@ -104,13 +105,14 @@ class Devise::DeviseAuthyController < DeviseController
     self.resource.authy_enabled = token.ok?
 
     if token.ok? && self.resource.save
+      record_authy_authentication
       set_flash_message(:notice, :enabled)
       redirect_to after_authy_verified_path_for(resource)
     else
       handle_invalid_token :verify_authy_installation, :not_enabled
     end
   end
-  
+
   def GET_authy_onetouch_status
     status = Authy::API.get_request("onetouch/json/approval_requests/#{params[:onetouch_uuid]}")['approval_request']['status']
     case status

data/app/views/devise/verify_authy.html.haml

@@ -26,7 +26,7 @@
           if(this.status != 202) clearInterval(onetouchInterval);
           if(this.status == 200) window.location = JSON.parse(this.responseText).redirect;
         });
-        onetouchRequest.open("GET", "<%= polymorphic_path [resource_name, :authy_onetouch_status] %>?onetouch_uuid=<%= @onetouch_uuid %>");
+        onetouchRequest.open("GET", "#{polymorphic_path [resource_name, :authy_onetouch_status]}?onetouch_uuid=#{@onetouch_uuid}");
         onetouchRequest.send();
       }, 3000);
     })();

data/devise-authy.gemspec

@@ -2,16 +2,16 @@
 # DO NOT EDIT THIS FILE DIRECTLY
 # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
-# stub: devise-authy 1.8.2 ruby lib
+# stub: devise-authy 1.8.3 ruby lib
 
 Gem::Specification.new do |s|
   s.name = "devise-authy".freeze
-  s.version = "1.8.2"
+  s.version = "1.8.3"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib".freeze]
   s.authors = ["Authy Inc.".freeze]
-  s.date = "2017-12-22"
+  s.date = "2018-07-05"
   s.description = "Authy plugin for Devise".freeze
   s.email = "support@authy.com".freeze
   s.extra_rdoc_files = [
@@ -22,6 +22,7 @@ Gem::Specification.new do |s|
     ".document",
     ".rspec",
     ".travis.yml",
+    "CHANGELOG.md",
     "Gemfile",
     "LICENSE.txt",
     "README.md",
@@ -200,7 +201,7 @@ Gem::Specification.new do |s|
   ]
   s.homepage = "https://github.com/authy/authy-devise".freeze
   s.licenses = ["MIT".freeze]
-  s.rubygems_version = "2.7.3".freeze
+  s.rubygems_version = "2.7.6".freeze
   s.summary = "Authy plugin for Devise".freeze
 
   if s.respond_to? :specification_version then

data/lib/devise-authy/controllers/helpers.rb

@@ -8,6 +8,7 @@ module DeviseAuthy
       end
 
       private
+
       def remember_device
         id = @resource.id
         cookies.signed[:remember_device] = {
@@ -17,6 +18,10 @@ module DeviseAuthy
         }
       end
 
+      def forget_device
+        cookies.delete :remember_device
+      end
+
       def require_token?
         id = warden.session(resource_name)[:id]
         cookie = cookies.signed[:remember_device]

data/spec/controllers/devise_authy_controller_spec.rb

@@ -193,7 +193,15 @@ describe Devise::DeviseAuthyController, type: :controller do
       sign_in @user
       @user.update_attribute(:authy_enabled, true)
 
+      request.cookies["remember_device"] = {
+        :value => {expires: Time.now.to_i, id: @user.id}.to_json,
+        :secure => false,
+        :expires => User.authy_remember_device.from_now
+      }
+
       post :POST_disable_authy
+
+      expect(response.cookies["remember_device"]).to be_nil
       @user.reload
       expect(@user.authy_id).to be_nil
       expect(@user.authy_enabled).to be_falsey
@@ -239,6 +247,7 @@ describe Devise::DeviseAuthyController, type: :controller do
     it "Should enable authy for user" do
       sign_in @user
       post :POST_verify_authy_installation, :token => "0000000"
+      expect(session["user_authy_token_checked"]).to be_truthy
       expect(response).to redirect_to(root_url)
       expect(flash[:notice]).to eq('Two factor authentication was enabled')
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise-authy
 version: !ruby/object:Gem::Version
-  version: 1.8.2
+  version: 1.8.3
 platform: ruby
 authors:
 - Authy Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-12-22 00:00:00.000000000 Z
+date: 2018-07-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise
@@ -147,6 +147,7 @@ files:
 - ".document"
 - ".rspec"
 - ".travis.yml"
+- CHANGELOG.md
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -342,7 +343,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.7.3
+rubygems_version: 2.7.6
 signing_key: 
 specification_version: 4
 summary: Authy plugin for Devise