devise-authy 1.0.0

data/.document

@@ -0,0 +1,5 @@
+lib/**/*.rb
+bin/*
+- 
+features/**/*.feature
+LICENSE.txt

data/.rspec

@@ -0,0 +1 @@
+--color

data/Gemfile

@@ -0,0 +1,22 @@
+source "http://rubygems.org"
+
+gem "devise"
+gem 'authy'
+
+group :development do
+  gem "rspec"
+  gem "yard"
+  gem "rdoc"
+  gem "bundler"
+  gem "jeweler"
+  gem "simplecov"
+  gem "sass-rails"
+  gem "jquery-rails"
+end
+
+group :test do
+  gem "sqlite3"
+  gem 'rspec-rails'
+  gem 'database_cleaner'
+  gem 'capybara'
+end

data/Gemfile.lock

@@ -0,0 +1,138 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    actionpack (3.2.8)
+      activemodel (= 3.2.8)
+      activesupport (= 3.2.8)
+      builder (~> 3.0.0)
+      erubis (~> 2.7.0)
+      journey (~> 1.0.4)
+      rack (~> 1.4.0)
+      rack-cache (~> 1.2)
+      rack-test (~> 0.6.1)
+      sprockets (~> 2.1.3)
+    activemodel (3.2.8)
+      activesupport (= 3.2.8)
+      builder (~> 3.0.0)
+    activesupport (3.2.8)
+      i18n (~> 0.6)
+      multi_json (~> 1.0)
+    addressable (2.3.2)
+    authy (1.1.0)
+      httpclient
+    bcrypt-ruby (3.0.1)
+    builder (3.0.4)
+    capybara (1.1.2)
+      mime-types (>= 1.16)
+      nokogiri (>= 1.3.3)
+      rack (>= 1.0.0)
+      rack-test (>= 0.5.4)
+      selenium-webdriver (~> 2.0)
+      xpath (~> 0.1.4)
+    childprocess (0.3.6)
+      ffi (~> 1.0, >= 1.0.6)
+    database_cleaner (0.9.1)
+    devise (2.1.2)
+      bcrypt-ruby (~> 3.0)
+      orm_adapter (~> 0.1)
+      railties (~> 3.1)
+      warden (~> 1.2.1)
+    diff-lcs (1.1.3)
+    erubis (2.7.0)
+    ffi (1.1.5)
+    git (1.2.5)
+    hike (1.2.1)
+    httpclient (2.3.3)
+    i18n (0.6.1)
+    jeweler (1.8.4)
+      bundler (~> 1.0)
+      git (>= 1.2.5)
+      rake
+      rdoc
+    journey (1.0.4)
+    jquery-rails (2.1.3)
+      railties (>= 3.1.0, < 5.0)
+      thor (~> 0.14)
+    json (1.7.5)
+    libwebsocket (0.1.5)
+      addressable
+    mime-types (1.19)
+    multi_json (1.3.6)
+    nokogiri (1.5.5)
+    orm_adapter (0.4.0)
+    rack (1.4.1)
+    rack-cache (1.2)
+      rack (>= 0.4)
+    rack-ssl (1.3.2)
+      rack
+    rack-test (0.6.2)
+      rack (>= 1.0)
+    railties (3.2.8)
+      actionpack (= 3.2.8)
+      activesupport (= 3.2.8)
+      rack-ssl (~> 1.3.2)
+      rake (>= 0.8.7)
+      rdoc (~> 3.4)
+      thor (>= 0.14.6, < 2.0)
+    rake (0.9.2.2)
+    rdoc (3.12)
+      json (~> 1.4)
+    rspec (2.11.0)
+      rspec-core (~> 2.11.0)
+      rspec-expectations (~> 2.11.0)
+      rspec-mocks (~> 2.11.0)
+    rspec-core (2.11.1)
+    rspec-expectations (2.11.3)
+      diff-lcs (~> 1.1.3)
+    rspec-mocks (2.11.3)
+    rspec-rails (2.11.0)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      railties (>= 3.0)
+      rspec (~> 2.11.0)
+    rubyzip (0.9.9)
+    sass (3.2.1)
+    sass-rails (3.2.5)
+      railties (~> 3.2.0)
+      sass (>= 3.1.10)
+      tilt (~> 1.3)
+    selenium-webdriver (2.25.0)
+      childprocess (>= 0.2.5)
+      libwebsocket (~> 0.1.3)
+      multi_json (~> 1.0)
+      rubyzip
+    simplecov (0.7.1)
+      multi_json (~> 1.0)
+      simplecov-html (~> 0.7.1)
+    simplecov-html (0.7.1)
+    sprockets (2.1.3)
+      hike (~> 1.2)
+      rack (~> 1.0)
+      tilt (~> 1.1, != 1.3.0)
+    sqlite3 (1.3.6)
+    thor (0.16.0)
+    tilt (1.3.3)
+    warden (1.2.1)
+      rack (>= 1.0)
+    xpath (0.1.4)
+      nokogiri (~> 1.3)
+    yard (0.8.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  authy
+  bundler
+  capybara
+  database_cleaner
+  devise
+  jeweler
+  jquery-rails
+  rdoc
+  rspec
+  rspec-rails
+  sass-rails
+  simplecov
+  sqlite3
+  yard

data/LICENSE.txt

@@ -0,0 +1,20 @@
+Copyright (c) 2012 Johanna Mantilla Duque
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,86 @@
+# Authy Devise
+
+This is a [Devise](https://github.com/plataformatec/devise) extension to add Two-Factor Authentication with Authy to your rails application.
+
+
+## Pre-requisites
+
+Get an Authy API Key: [https://www.authy.com/signup](https://www.authy.com/signup)
+
+## Demo
+
+See [https://github.com/authy/authy-devise/tree/master/authy-devise-demo](https://github.com/authy/authy-devise/tree/master/authy-devise-demo)
+
+## Getting started
+
+First create an initializer in `config/initializer/authy.rb`
+
+    Authy.api_key = ENV['AUTHY_API_KEY'] || 'your_authy_api_key'
+    Authy.api_uri = 'https://api.authy.com/'
+
+You can get the `AUTHY_API_KEY` at [https://www.authy.com/signup](https://www.authy.com/signup)
+
+Next add the gem to your Gemfile:
+
+    gem 'devise'
+    gem 'devise-authy'
+
+And then run `bundle install`
+
+Add `Devise Authy` to your App:
+
+    rails g devise_authy:install
+
+    --haml: Generate the views in Haml
+    --sass: Generate the stylesheets in Sass
+
+### Configuring Models
+
+Configure your Devise user model:
+
+    rails g devise_authy [MODEL_NAME]
+
+or add the following line to your `User` model
+
+    devise :authy_authenticatable, :database_authenticatable
+
+Change the default routes to point to something sane like:
+
+	devise_for :users, :path_names => {
+		:verify_authy => "/verify-token",
+		:enable_authy => "/enable-two-factor",
+		:verify_authy_installation => "/verify-installation"
+	}
+
+Then run the migrations:
+
+    rake db:migrate
+
+Now whenever a user wants to enable two-factor authentication he can go
+to:
+
+    http://your-app/users/enable-two-factor
+
+And when the user log's in he will be redirected to:
+
+    http://your-app/users/verify-token
+
+
+## Custom Views
+
+If you want to customise your views, you can modify the files that are located at:
+
+    app/views/devise/devise_authy/enable_authy.html.erb
+    app/views/devise/devise_authy/verify_authy.html.erb
+    app/views/devise/devise_authy/verify_authy_installation.html.erb
+
+## I18n
+
+The install generator also copy a `Devise Authy` i18n file which you can find at:
+
+    config/locales/devise.authy.en.yml
+
+## Copyright
+
+Copyright (c) 2013 Authy Inc. See LICENSE.txt for
+further details.

data/Rakefile

@@ -0,0 +1,42 @@
+# encoding: utf-8
+
+require 'rubygems'
+require 'bundler'
+begin
+  Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+require 'rake'
+
+require 'jeweler'
+Jeweler::Tasks.new do |gem|
+  # gem is a Gem::Specification... see http://docs.rubygems.org/read/chapter/20 for more options
+  gem.name = "devise-authy"
+  gem.homepage = "http://github.com/senekis/devise-authy"
+  gem.license = "MIT"
+  gem.summary = %Q{Authy plugin for Devise}
+  gem.description = %Q{Authy plugin for Devise}
+  gem.email = "support@authy.com"
+  gem.authors = ["Authy Inc."]
+  # dependencies defined in Gemfile
+end
+Jeweler::RubygemsDotOrgTasks.new
+
+require 'rspec/core'
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new(:spec) do |spec|
+  spec.pattern = FileList['spec/**/*_spec.rb']
+end
+
+RSpec::Core::RakeTask.new(:rcov) do |spec|
+  spec.pattern = 'spec/**/*_spec.rb'
+  spec.rcov = true
+end
+
+task :default => :spec
+
+require 'yard'
+YARD::Rake::YardocTask.new

data/VERSION

@@ -0,0 +1 @@
+1.0.0

data/app/assets/javascripts/devise_authy.js

@@ -0,0 +1,7 @@
+$(document).ready(function() {
+  $('a#authy-request-sms-link').unbind('ajax:success');
+  $('a#authy-request-sms-link').bind('ajax:success', function(evt, data, status, xhr) {
+    alert(data.message);
+  });
+});
+

data/app/assets/stylesheets/devise_authy.css

@@ -0,0 +1,26 @@
+.devise_authy {
+  margin-left: auto;
+  margin-right: auto;
+  width: 350px;
+}
+
+legend {
+  display: block;
+  width: 100%;
+  padding: 0;
+  margin-bottom: 20px;
+  font-size: 21px;
+  line-height: 40px;
+  color: #333;
+  border-bottom: 1px solid #E5E5E5;
+}
+
+label,
+input,
+button {
+  font-size: 14px;
+  font-weight: normal;
+  line-height: 20px;
+  padding: 8px;
+  margin: 8px;
+}

data/app/assets/stylesheets/devise_authy.sass

@@ -0,0 +1,23 @@
+.devise_authy
+  margin-left: auto
+  margin-right: auto
+  width: 350px
+
+legend
+  display: block
+  width: 100%
+  padding: 0
+  margin-bottom: 20px
+  font-size: 21px
+  line-height: 40px
+  color: #333
+  border-bottom: 1px solid #E5E5E5
+
+label,
+input,
+button
+  font-size: 14px
+  font-weight: normal
+  line-height: 20px
+  padding: 8px
+  margin: 8px

data/app/controllers/devise/devise_authy_controller.rb

@@ -0,0 +1,109 @@
+class Devise::DeviseAuthyController < DeviseController
+  prepend_before_filter :find_resource_and_require_password_checked, :only => [
+    :GET_verify_authy, :POST_verify_authy
+  ]
+  prepend_before_filter :authenticate_scope!, :only => [
+    :GET_enable_authy, :POST_enable_authy, 
+    :GET_verify_authy_installation, :POST_verify_authy_installation
+  ]
+  include Devise::Controllers::Helpers
+
+  def GET_verify_authy
+    @authy_id = @resource.authy_id
+    render :verify_authy
+  end
+
+  # verify 2fa
+  def POST_verify_authy
+    token = Authy::API.verify({
+      :id => @resource.authy_id,
+      :token => params[:token],
+      :force => true
+    })
+
+    if token.ok?
+      @resource.update_attribute(:last_sign_in_with_authy, DateTime.now)
+
+      set_flash_message(:notice, :signed_in) if is_navigational_format?
+      sign_in(resource_name, @resource)
+      respond_with resource, :location => after_sign_in_path_for(@resource)
+    else
+      render :verify_authy
+    end
+  end
+
+  # enable 2fa
+  def GET_enable_authy
+    render :enable_authy
+  end
+
+  def POST_enable_authy
+    @authy_user = Authy::API.register_user(
+      :email => resource.email,
+      :cellphone => params[:cellphone],
+      :country_code => params[:country_code]
+    )
+
+    if @authy_user.ok?
+      resource.authy_id = @authy_user.id
+      if resource.save
+        set_flash_message(:notice, :enabled)
+      else
+        set_flash_message(:error, :not_enabled)
+        redirect_to :root and return
+      end
+
+      redirect_to [resource_name, :verify_authy_installation]
+    else
+      set_flash_message(:error, :not_enabled)
+      render :enable_authy
+    end
+  end
+
+  def GET_verify_authy_installation
+    render :verify_authy_installation
+  end
+
+  def POST_verify_authy_installation
+    token = Authy::API.verify({
+      :id => self.resource.authy_id,
+      :token => params[:token],
+      :force => true
+    })
+
+    self.resource.authy_enabled = token.ok?
+    if !token.ok? || !self.resource.save
+      set_flash_message(:error, :not_enabled)
+      render :verify_authy_installation
+    else
+      set_flash_message(:notice, :enabled)
+      redirect_to :root
+    end
+  end
+
+  def request_sms
+    @resource = resource_class.find_by_id(session["#{resource_name}_id"])
+    if !@resource
+      render :json => {:sent => false, :message => "User couldn't be found."}
+      return
+    end
+
+    response = Authy::API.request_sms(:id => @resource.id, :force => true)
+    render :json => {:sent => response.ok?, :message => response.message}
+  end
+
+  private
+
+  def authenticate_scope!
+    send(:"authenticate_#{resource_name}!", :force => true)
+    self.resource = send("current_#{resource_name}")
+  end
+
+  def find_resource_and_require_password_checked
+    @resource = resource_class.find_by_id(session["#{resource_name}_id"])
+
+    if @resource.nil? || session[:"#{resource_name}_password_checked"].to_s != "true"
+      redirect_to :root
+    end
+  end
+end