devise-authy 1.8.3 → 1.9.0

data/spec/controllers/passwords_controller_spec.rb

@@ -1,48 +0,0 @@
-require 'spec_helper'
-
-describe DeviseAuthy::PasswordsController, type: :controller do
-  include Devise::Test::ControllerHelpers
-
-  before :each do
-    request.env["devise.mapping"] = Devise.mappings[:user]
-  end
-
-  context "when the user has authy enabled" do
-
-    describe "Reset password" do
-      it "Should redirect to verify token view" do
-        user = create_user(:authy_id => 1)
-        user.authy_enabled = true
-        user.save
-
-        token = user.send_reset_password_instructions
-
-        put :update, :user => { :reset_password_token => token, :password => "password", :password_confirmation => "password" }
-
-        user.reload
-        expect(user.last_sign_in_at).to be_nil
-        expect(response).to redirect_to(root_url)
-      end
-    end
-  end
-
-  context "when the user don't have 2FA" do
-    describe "Reset password" do
-      it "Should sign in the user" do
-        user = create_user(:authy_id => 1)
-        user.save
-
-        token = user.send_reset_password_instructions
-
-        last_sign_in_at = user.last_sign_in_at
-
-        put :update, :user => { :reset_password_token => token, :password => "password", :password_confirmation => "password" }
-        expect(response).to redirect_to(root_url)
-
-        user.reload
-        expect(user.last_sign_in_at).not_to be_nil
-        expect(flash[:notice]).to eq("Your password was changed successfully. You are now signed in.")
-      end
-    end
-  end
-end

data/spec/features/authy_authenticatable_spec.rb

@@ -1,108 +0,0 @@
-require 'spec_helper'
-
-describe "Authy Authenticatable", :type => :request do
-  describe "If user don't have two factor authentication should login with email - password" do
-    before :each do
-      @user = create_user(:email => 'foo@bar.com')
-    end
-
-    it "Sign in should succeed" do
-      fill_sign_in_form('foo@bar.com', '12345678')
-      expect(current_path).to eq(root_path)
-      expect(page).to have_content('Signed in successfully.')
-    end
-
-    it "Sign in shouldn't succeed" do
-      fill_sign_in_form('foo@bar.com', '14567823')
-      expect(current_path).to eq(new_user_session_path)
-      expect(page).not_to have_content('Signed in successfully.')
-    end
-  end
-
-  describe "If user has two factor authentication" do
-    before :each do
-      @user = create_user(:authy_id => 75)
-      @user.update_attribute(:authy_enabled, true)
-    end
-
-    it "Sign in should succeed" do
-      fill_sign_in_form(@user.email, '12345678')
-      expect(current_path).to eq(user_verify_authy_path)
-      expect(page).to have_content('Please enter your Authy token')
-
-      within('#devise_authy') do
-        fill_in 'authy-token', :with => '0000000'
-      end
-      click_on 'Check Token'
-      expect(current_path).to eq(root_path)
-      expect(page).to have_content(I18n.t('devise.devise_authy.user.signed_in'))
-      @user.reload
-      expect(@user.last_sign_in_with_authy).not_to be_nil
-    end
-
-    it "Sign in shouldn't succeed" do
-      fill_sign_in_form(@user.email, '12345678')
-      expect(current_path).to eq(user_verify_authy_path)
-      expect(page).to have_content('Please enter your Authy token')
-
-      within('#devise_authy') do
-        fill_in 'authy-token', :with => '324567'
-      end
-      click_on 'Check Token'
-      expect(current_path).to eq(user_verify_authy_path)
-      @user.reload
-      expect(@user.last_sign_in_with_authy).to be_nil
-    end
-
-    describe "With cookie['remember_device']" do
-      it "prompts for a token when cookie expired" do
-        expires = { expires: 2.months.ago.to_i, id: @user.id }.to_json
-        cookie_val = sign_cookie("remember_device", expires)
-        page.driver.browser.set_cookie("remember_device=#{cookie_val}")
-        fill_sign_in_form(@user.email, '12345678')
-        expect(current_path).to eq(user_verify_authy_path)
-        expect(page).to have_content('Please enter your Authy token')
-      end
-
-      it "no prompt for a token" do
-        expires = { expires: Time.now.to_i, id: @user.id }.to_json
-        cookie_val = sign_cookie("remember_device", expires)
-        page.driver.browser.set_cookie("remember_device=#{cookie_val}")
-        fill_sign_in_form(@user.email, '12345678')
-        expect(current_path).to eq(root_path)
-        expect(page).to have_content("Signed in successfully.")
-      end
-
-      it "prompts for a token when user has an old cookie" do
-        cookie_val = sign_cookie("remember_device", 2.months.ago.to_i)
-        page.driver.browser.set_cookie("remember_device=#{cookie_val}")
-        fill_sign_in_form(@user.email, '12345678')
-        expect(current_path).to eq(user_verify_authy_path)
-        expect(page).to have_content('Please enter your Authy token')
-      end
-
-      it "prompts for a token when cookie has an invalid json" do
-        cookie_val = sign_cookie("remember_device", "{")
-        page.driver.browser.set_cookie("remember_device=#{cookie_val}")
-        fill_sign_in_form(@user.email, '12345678')
-        expect(current_path).to eq(user_verify_authy_path)
-        expect(page).to have_content('Please enter your Authy token')
-      end
-    end
-
-    it "With cookie['current_user_id'] and cookie['user_password_checked']" do
-      page.driver.browser.set_cookie("current_user_id=#{@user.id}")
-      page.driver.browser.set_cookie('user_password_checked=true')
-
-      visit user_verify_authy_path
-      expect(current_path).to eq(new_user_session_path)
-      expect(page).to have_content('Log in')
-    end
-
-    it "Click link Request sms" do
-      fill_sign_in_form(@user.email, '12345678')
-      click_link 'Request SMS'
-      expect(page).to have_content("Token was sent.")
-    end
-  end
-end

data/spec/features/authy_lockable_spec.rb

@@ -1,70 +0,0 @@
-require 'spec_helper'
-
-feature 'Authy Lockable' do
-
-  context 'during verify code when Authy enabled' do
-
-    let(:user) do
-      u = create_lockable_user authy_id: 20, email: 'foo@bar.com'
-      u.update_attribute :authy_enabled, true
-      u
-    end
-
-    before :each do
-      fill_sign_in_form user.email, '12345678', '#new_lockable_user', new_lockable_user_session_path
-    end
-
-    scenario 'account locked when user enters invalid code too many times' do
-      (LockableUser.maximum_attempts - 1).times do |i|
-        fill_verify_token_form invalid_authy_token
-        assert_at lockable_user_verify_authy_path
-        expect(page).to have_content('Please enter your Authy token')
-        user.reload
-        assert_account_locked_for user, false
-        expect(user.failed_attempts).to eq(i + 1)
-      end
-
-      fill_verify_token_form invalid_authy_token
-      user.reload
-      assert_at new_user_session_path
-      assert_account_locked_for user, true
-      visit root_path
-      assert_at new_user_session_path
-    end
-
-  end
-
-  context 'during verify Authy installation' do
-
-    let(:user) { create_lockable_user email: 'foo@bar.com' }
-
-    before do
-      fill_sign_in_form user.email, '12345678', '#new_lockable_user', new_lockable_user_session_path
-    end
-
-    scenario 'account locked when user enters invalid code too many times' do
-      visit lockable_user_enable_authy_path
-      fill_in 'authy-countries', with: '1'
-      fill_in 'authy-cellphone', with: '8001234567'
-      click_on 'Enable'
-
-      (LockableUser.maximum_attempts - 1).times do |i|
-        fill_in_verify_authy_installation_form invalid_authy_token
-        assert_at lockable_user_verify_authy_installation_path
-        expect(page).to have_content('Verify your account')
-        user.reload
-        assert_account_locked_for user, false
-        expect(user.failed_attempts).to eq(i + 1)
-      end
-
-      fill_in_verify_authy_installation_form invalid_authy_token
-      user.reload
-      assert_at new_user_session_path
-      assert_account_locked_for user, true
-      visit root_path
-      assert_at new_user_session_path
-    end
-
-  end
-
-end

data/spec/generators_spec.rb

@@ -1,32 +0,0 @@
-require 'spec_helper'
-
-$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..'))
-require 'rails/generators'
-require 'generators/devise_authy/devise_authy_generator'
-
-describe "generators for devise_authy" do
-  RAILS_APP_PATH = File.expand_path("../rails-app", __FILE__)
-
-  def rails_command(*args)
-    `cd #{RAILS_APP_PATH} && BUNDLE_GEMFILE=#{RAILS_APP_PATH}/Gemfile bundle exec rails #{args.join(" ")}`
-  end
-
-  it "rails g should include the generators" do
-    @output = rails_command("g")
-    expect(@output.include?('devise_authy:install')).to be_truthy
-    expect(@output.include?('active_record:devise_authy')).to be_truthy
-  end
-
-  it "rails g devise_authy:install" do
-    @output = rails_command("g", "devise_authy:install", "-s")
-
-    expect(@output.include?('config/initializers/devise.rb')).to be_truthy
-    expect(@output.include?('authy.rb')).to be_truthy
-    expect(@output.include?('config/locales/devise.authy.en.yml')).to be_truthy
-    expect(@output.include?('app/views/devise/devise_authy/enable_authy.html.erb')).to be_truthy
-    expect(@output.include?('app/views/devise/devise_authy/verify_authy.html.erb')).to be_truthy
-    expect(@output.include?('app/views/devise/devise_authy/verify_authy_installation.html.erb')).to be_truthy
-    expect(@output.include?('app/assets/stylesheets/devise_authy.css')).to be_truthy
-    expect(@output.include?('app/assets/javascripts/devise_authy.js')).to be_truthy
-  end
-end

data/spec/models/authy_authenticatable_spec.rb

@@ -1,17 +0,0 @@
-require 'spec_helper'
-
-describe Devise::Models::AuthyAuthenticatable, type: :model do
-  before(:each) do
-    @user = create_user(:authy_id => '20')
-  end
-
-  describe "User#find_by_authy_id" do
-    it "Should find the user" do
-      expect(User.find_by_authy_id('20')).not_to be_nil
-    end
-
-    it "Shouldn't find the user" do
-      expect(User.find_by_authy_id('80')).to be_nil
-    end
-  end
-end

data/spec/models/authy_lockable_spec.rb

@@ -1,81 +0,0 @@
-require 'spec_helper'
-
-describe Devise::Models::AuthyLockable, type: :controller do
-
-  context 'model includes Devise::Models::Lockable' do
-
-    let(:user) { create_lockable_user authy_id: '20' }
-
-    context '#lockable?' do
-
-      it 'returns true if lock_strategy is :failed_attempts' do
-        expect(user.lockable?).to be_truthy
-      end
-
-      it 'returns false if lock_strategy is anything other than :failed attempts' do
-        Devise.lock_strategy = :none
-        expect(user.lockable?).to be_falsey
-        Devise.lock_strategy = :failed_attempts
-      end
-
-    end
-
-    context '#invalid_authy_attempt!' do
-
-      it 'resets failed_attempts to 0 if nil' do
-        user.update_attribute :failed_attempts, nil
-        user.invalid_authy_attempt!
-        expect(user.failed_attempts).to eq(1)
-      end
-
-      it 'updates failed_attempts' do
-        10.times { user.invalid_authy_attempt! }
-        expect(user.failed_attempts).to eq(10)
-      end
-
-      it 'respects the maximum attempts configuration for Devise::Models::Lockable' do
-        4.times { user.invalid_authy_attempt! }
-        expect(user.send :attempts_exceeded?).to be_truthy # protected method
-        expect(user.access_locked?).to be_truthy
-      end
-
-      it 'returns true if the account is locked' do
-        3.times { user.invalid_authy_attempt! }
-        expect(user.invalid_authy_attempt!).to be_truthy
-      end
-
-      it 'returns false if the account is not locked' do
-        expect(user.invalid_authy_attempt!).to be_falsey
-      end
-
-    end
-
-  end
-
-  context 'model misconfigured, includes AuthyLockable w/out Lockable' do
-
-    let(:user) do
-      u = create_user authy_id: '20'
-      u.extend Devise::Models::AuthyLockable
-      u
-    end
-
-    context '#lockable?' do
-
-      it 'raises an error' do
-        expect { user.lockable? }.to raise_error 'Devise lockable extension required'
-      end
-
-    end
-
-    context '#invalid_authy_attempt!' do
-
-      it 'raises an error' do
-        expect { user.invalid_authy_attempt! }.to raise_error 'Devise lockable extension required'
-      end
-
-    end
-
-  end
-
-end

data/spec/orm/active_record.rb

@@ -1,4 +0,0 @@
-ActiveRecord::Migration.verbose = false
-ActiveRecord::Base.logger = Logger.new(nil)
-
-ActiveRecord::Migrator.migrate(File.expand_path("../../rails-app/db/migrate/", __FILE__))

data/spec/rails-app/Gemfile

@@ -1,10 +0,0 @@
-source "https://rubygems.org"
-
-gem "rails", "~> 4.2.7"
-gem 'json', '>= 1.8.1'
-gem "sqlite3"
-gem "rake"
-gem "authy"
-gem "devise", '>= 3.0.0'
-gem "devise-authy", :path => "../.."
-gem 'launchy'

data/spec/rails-app/Gemfile.lock

@@ -1,141 +0,0 @@
-PATH
-  remote: ../..
-  specs:
-    devise-authy (1.8.2)
-      authy (>= 2.7.2)
-      devise (>= 3.0.0)
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    actionmailer (4.2.10)
-      actionpack (= 4.2.10)
-      actionview (= 4.2.10)
-      activejob (= 4.2.10)
-      mail (~> 2.5, >= 2.5.4)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
-    actionpack (4.2.10)
-      actionview (= 4.2.10)
-      activesupport (= 4.2.10)
-      rack (~> 1.6)
-      rack-test (~> 0.6.2)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (4.2.10)
-      activesupport (= 4.2.10)
-      builder (~> 3.1)
-      erubis (~> 2.7.0)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
-      rails-html-sanitizer (~> 1.0, >= 1.0.3)
-    activejob (4.2.10)
-      activesupport (= 4.2.10)
-      globalid (>= 0.3.0)
-    activemodel (4.2.10)
-      activesupport (= 4.2.10)
-      builder (~> 3.1)
-    activerecord (4.2.10)
-      activemodel (= 4.2.10)
-      activesupport (= 4.2.10)
-      arel (~> 6.0)
-    activesupport (4.2.10)
-      i18n (~> 0.7)
-      minitest (~> 5.1)
-      thread_safe (~> 0.3, >= 0.3.4)
-      tzinfo (~> 1.1)
-    addressable (2.5.2)
-      public_suffix (>= 2.0.2, < 4.0)
-    arel (6.0.4)
-    authy (2.7.2)
-      httpclient (>= 2.5.3.3)
-    bcrypt (3.1.11)
-    builder (3.2.3)
-    concurrent-ruby (1.0.5)
-    crass (1.0.3)
-    devise (4.3.0)
-      bcrypt (~> 3.0)
-      orm_adapter (~> 0.1)
-      railties (>= 4.1.0, < 5.2)
-      responders
-      warden (~> 1.2.3)
-    erubis (2.7.0)
-    globalid (0.4.1)
-      activesupport (>= 4.2.0)
-    httpclient (2.8.3)
-    i18n (0.9.1)
-      concurrent-ruby (~> 1.0)
-    json (2.1.0)
-    launchy (2.4.3)
-      addressable (~> 2.3)
-    loofah (2.1.1)
-      crass (~> 1.0.2)
-      nokogiri (>= 1.5.9)
-    mail (2.7.0)
-      mini_mime (>= 0.1.1)
-    mini_mime (1.0.0)
-    mini_portile2 (2.3.0)
-    minitest (5.10.3)
-    nokogiri (1.8.1)
-      mini_portile2 (~> 2.3.0)
-    orm_adapter (0.5.0)
-    public_suffix (3.0.1)
-    rack (1.6.8)
-    rack-test (0.6.3)
-      rack (>= 1.0)
-    rails (4.2.10)
-      actionmailer (= 4.2.10)
-      actionpack (= 4.2.10)
-      actionview (= 4.2.10)
-      activejob (= 4.2.10)
-      activemodel (= 4.2.10)
-      activerecord (= 4.2.10)
-      activesupport (= 4.2.10)
-      bundler (>= 1.3.0, < 2.0)
-      railties (= 4.2.10)
-      sprockets-rails
-    rails-deprecated_sanitizer (1.0.3)
-      activesupport (>= 4.2.0.alpha)
-    rails-dom-testing (1.0.8)
-      activesupport (>= 4.2.0.beta, < 5.0)
-      nokogiri (~> 1.6)
-      rails-deprecated_sanitizer (>= 1.0.1)
-    rails-html-sanitizer (1.0.3)
-      loofah (~> 2.0)
-    railties (4.2.10)
-      actionpack (= 4.2.10)
-      activesupport (= 4.2.10)
-      rake (>= 0.8.7)
-      thor (>= 0.18.1, < 2.0)
-    rake (12.3.0)
-    responders (2.4.0)
-      actionpack (>= 4.2.0, < 5.3)
-      railties (>= 4.2.0, < 5.3)
-    sprockets (3.7.1)
-      concurrent-ruby (~> 1.0)
-      rack (> 1, < 3)
-    sprockets-rails (3.2.1)
-      actionpack (>= 4.0)
-      activesupport (>= 4.0)
-      sprockets (>= 3.0.0)
-    sqlite3 (1.3.13)
-    thor (0.20.0)
-    thread_safe (0.3.6)
-    tzinfo (1.2.4)
-      thread_safe (~> 0.1)
-    warden (1.2.7)
-      rack (>= 1.0)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  authy
-  devise (>= 3.0.0)
-  devise-authy!
-  json (>= 1.8.1)
-  launchy
-  rails (~> 4.2.7)
-  rake
-  sqlite3
-
-BUNDLED WITH
-   1.16.0