RubyGems - devise-authy - Versions diffs - 1.10.0 → 1.11.0 - Mend

devise-authy 1.10.0 → 1.11.0

Files changed (12) hide show

checksums.yaml +4 -4
data/.travis.yml +7 -1
data/CHANGELOG.md +37 -2
data/README.md +55 -10
data/app/views/devise/verify_authy.html.erb +2 -2
data/app/views/devise/verify_authy.html.haml +1 -1
data/devise-authy.gemspec +2 -2
data/lib/devise-authy.rb +2 -0
data/lib/devise-authy/mapping.rb +7 -0
data/lib/devise-authy/routes.rb +2 -2
data/lib/devise-authy/version.rb +1 -1
metadata +7 -8

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c2944ca880949d1d99ba1116f87399c9be0043cc210d29c4d5c500b08b74a3ba
-  data.tar.gz: 400fe93a97c18c62904d7f3b2795193bdfe724b4022c677bf20a507f12881cab
+  metadata.gz: b4dcb41db3fa90c5055347a840927fe3480f2eb6622499775dac3996f9d3683a
+  data.tar.gz: e7d144883aa6ac75efb34ef13f1a9145529604d6dc9fc648a2427f9749e8f719
 SHA512:
-  metadata.gz: 394a6c85daf4d32bd9a7f8be985cdb81dbc6aad4578b317bfbf2cd0514226bbef466fe0f3831b85034d7de6d99d7be2f4c461243705bb1936491e9454d595360
-  data.tar.gz: a5defe4716260f048cf8080bd40fa47d4fb13da62ed42a75461b62c46c0b4b7eba25d6d8896064666e8252364d6da159b4375111019174591dc1f2b046f370ed
+  metadata.gz: 89a291d8930edb905bae19949b253b645f7aaa319ff631fe0ec19da5133a363d0fcbbaa54e706e1f1495d8a219f8c4e2925309f9f22cfba94a531fb9413e3425
+  data.tar.gz: a89caa9abd9fbbcc088175b66949f945602a7758dc120b12a274bd0967ea41d9a42fc13b86561e51dfd269c33bb4174b6b024b499c2d98b93d0e7746b64f6dca

data/.travis.yml CHANGED

@@ -1,7 +1,12 @@
 language: ruby
-before_install: cd spec/rails-app && bundle install
+before_install:
+  - "find /home/travis/.rvm/rubies -wholename '*default/bundler-*.gemspec' -delete"
+  - rvm @global do gem uninstall bundler -a -x
+  - rvm @global do yes | gem install bundler -v '< 2.0.0'
+  - cd spec/rails-app && BUNDLE_GEMFILE=$TRAVIS_BUILD_DIR/spec/rails-app/Gemfile bundle install && cd ../..
 script: bundle exec rspec
 rvm:
+  - 2.6
   - 2.5
   - 2.4
   - 2.3
@@ -10,3 +15,4 @@ rvm:
 matrix:
   allow_failures:
     - rvm: ruby-head
+    - rvm: 2.2

data/CHANGELOG.md CHANGED

@@ -9,49 +9,84 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ...
+## [1.11.0] - 2019-02-01
+### Fixed
+- Corrects for label in verify_authy view (#103 thanks @mstruebing)
+- Corrects heading in verify_authy view (#104 thanks @mstruebing)
+### Changed
+- Allows you to define paths for request_sms and request_phone_call (#108 thanks @dedene)
+### Added
+- Now sets a distinct user agent through the Authy gem (#110)
 ## [1.10.0] - 2018-09-26
 ### Changed
 - Moves OneTouch approval request copy to locale file.
 ### Removed
 - Demo app now lives in its own repo
 ## [1.9.0] - 2018-09-04
 ### Fixed
 - Generated migration now includes version number for Rails 5
 ### Changed
 - Removes Jeweler in favour of administering the gemspec by hand
 - Removes demo app files from gem package
 ## [1.8.3] - 2018-07-05
 ### Fixed
 - Fixes Ruby interpolation in HAML for onetouch (thanks @muan)
 - Records Authy authentication after install verification (thanks @nukturnal)
 - Forgets remember device cookie when disabling Authy (thanks @senekis)
 ### Changed
 - Updated testing Rubies in CI
 ## Older releases
-__*The following releases happened before the changelog was started. Some history will be added for clarity.*__
+**_The following releases happened before the changelog was started. Some history will be added for clarity._**
 ## [1.8.2] - 2017-12-22
 ## [1.8.1] - 2016-12-06
 ## [1.8.0] - 2016-10-25
 ## [1.7.0] - 2015-12-22
 ## [1.6.0] - 2015-01-07
 ## [1.5.3] - 2014-06-11
 ## [1.5.2] - 2014-06-11
 ## [1.5.1] - 2014-04-24
 ## [1.5.0] - 2014-01-07
 ## [1.4.0] - 2013-12-17
 ## [1.3.0] - 2013-11-16
 ## [1.2.2] - 2013-09-04
 ## [1.2.1] - 2013-04-22
 ## [1.2.0] - 2013-04-22 [YANKED]
-## [1.0.0] - 2013-04-10
+## [1.0.0] - 2013-04-10

data/README.md CHANGED

@@ -38,17 +38,55 @@ Add `Devise Authy` to your App:
 ### Configuring Models
-Configure your Devise user model:
+You can add devise_authy to your user model in two ways.
-    rails g devise_authy [MODEL_NAME]
+#### With the generator
-or add the following line to your `User` model
+This is the easiest way and is recommended. Run the following command:
+```bash
+rails g devise_authy [MODEL_NAME]
+```
+#### Manually
+Add `:authy_authenticatable` to the `devise` options in your Devise user model:
 ```ruby
 devise :authy_authenticatable, :database_authenticatable
 ```
-Update the default routes to point to something like:
+Also add a new migration. For example, if you are adding to the `User` model, use this migration:
+```ruby
+class DeviseAuthyAddToUsers < ActiveRecord::Migration[5.2]
+  def self.up
+    change_table :users do |t|
+      t.string    :authy_id
+      t.datetime  :last_sign_in_with_authy
+      t.boolean   :authy_enabled, :default => false
+    end
+    add_index :users, :authy_id
+  end
+  def self.down
+    change_table :users do |t|
+      t.remove :authy_id, :last_sign_in_with_authy, :authy_enabled
+    end
+  end
+end
+```
+#### Final steps
+For either method above, run the migrations:
+```bash
+rake db:migrate
+```
+**[Optional]** Update the default routes to point to something like:
 ```ruby
 devise_for :users, :path_names => {
@@ -59,10 +97,6 @@ devise_for :users, :path_names => {
 }
 ```
-Then run the migrations:
-    rake db:migrate
 Now whenever a user wants to enable two-factor authentication they can go to:
     http://your-app/users/enable-two-factor
@@ -71,7 +105,6 @@ And when the user logs in they will be redirected to:
     http://your-app/users/verify-token
 ## Custom Views
 If you want to customise your views, you can modify the files that are located at:
@@ -118,7 +151,6 @@ And tell the router to use this controller
 devise_for :users, controllers: {devise_authy: 'my_custom_module/devise_authy'}
 ```
 ## I18n
 The install generator also copies a `Devise Authy` i18n file which you can find at:
@@ -145,10 +177,22 @@ To enable [Authy push authentication](https://www.twilio.com/authy/features/push
 config.authy_enable_onetouch = true
 ```
+## Rails 5 CSRF protection
+In Rails 5 `protect_from_forgery` is no longer prepended to the `before_action` chain. If you call `authenticate_user` before `protect_from_forgery` your request will result in a "Can't verify CSRF token authenticity" error.
+To remedy this, add `prepend: true` to your `protect_from_forgery` call, like in this example from the [Authy Devise demo app](https://github.com/twilio/authy-devise-demo):
+```ruby
+class ApplicationController < ActionController::Base
+  protect_from_forgery with: :exception, prepend: true
+end
+```
 ## Running Tests
 To prepare the tests run the following commands:
 ```bash
 $ cd spec/rails-app
 $ bundle install
@@ -156,6 +200,7 @@ $ RAILS_ENV=test bundle exec rake db:migrate
 ```
 Now on the project root run the following commands:
 ```bash
 $ bundle exec rspec spec/
 ```

data/app/views/devise/verify_authy.html.erb CHANGED

@@ -1,10 +1,10 @@
 <h2>
-  <%= I18n.t('authy_register_title', {:scope => 'devise'}) %>
+  <%= I18n.t('submit_token_title', {:scope => 'devise'}) %>
 </h2>
 <%= verify_authy_form do %>
   <legend><%= I18n.t('submit_token_title', {:scope => 'devise'}) %></legend>
-  <%= label_tag :token %>
+  <%= label_tag 'authy-token' %>
   <%= text_field_tag :token, "", :autocomplete => :off, :id => 'authy-token' %>
   <label>
     <%= check_box_tag :remember_device %>

data/app/views/devise/verify_authy.html.haml CHANGED

@@ -3,7 +3,7 @@
 = verify_authy_form do
   %legend= I18n.t('submit_token_title', {:scope => 'devise'})
   = hidden_field_tag :"#{resource_name}_id", @resource.id
-  = label_tag :token
+  = label_tag 'authy-token'
   = text_field_tag :token, "", :autocomplete => :off, :id => 'authy-token'
   %label
     = check_box_tag :remember_device

data/devise-authy.gemspec CHANGED

@@ -29,9 +29,9 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
   spec.add_dependency "devise", ">= 3.0.0"
-  spec.add_dependency "authy", ">= 2.7.2"
+  spec.add_dependency "authy", ">= 2.7.5"
-  spec.add_development_dependency "bundler", "~> 1.16"
+  spec.add_development_dependency "bundler", ">= 1.16"
   spec.add_development_dependency "rake", "~> 10.0"
   spec.add_development_dependency "rspec", "~> 3.0"
   spec.add_development_dependency "yard", "~> 0.9.11"

data/lib/devise-authy.rb CHANGED

@@ -3,6 +3,8 @@ require 'active_support/core_ext/integer/time'
 require 'devise'
 require 'authy'
+Authy.user_agent = "DeviseAuthy/#{DeviseAuthy::VERSION} - #{Authy.user_agent}"
 module Devise
   mattr_accessor :authy_remember_device, :authy_enable_onetouch
   @@authy_remember_device = 1.month

data/lib/devise-authy/mapping.rb CHANGED

@@ -6,5 +6,12 @@ module DeviseAuthy
       options[:controllers][:passwords] ||= "devise_authy/passwords"
       super
     end
+    def default_path_names(options)
+      options[:path_names] ||= {}
+      options[:path_names][:request_sms] ||= 'request-sms'
+      options[:path_names][:request_phone_call] ||= 'request-phone-call'
+      super
+    end
   end
 end

data/lib/devise-authy/routes.rb CHANGED

@@ -16,8 +16,8 @@ module ActionDispatch::Routing
       match "/#{mapping.path_names[:authy_onetouch_status]}", :controller => controllers[:devise_authy], :action => :GET_authy_onetouch_status, as: :authy_onetouch_status, via: :get
-      match "/request-sms", :controller => controllers[:devise_authy], :action => :request_sms, :as => :request_sms, :via => :post
-      match "/request-phone-call", :controller => controllers[:devise_authy], :action => :request_phone_call, :as => :request_phone_call, :via => :post
+      match "/#{mapping.path_names[:request_sms]}", :controller => controllers[:devise_authy], :action => :request_sms, :as => :request_sms, :via => :post
+      match "/#{mapping.path_names[:request_phone_call]}", :controller => controllers[:devise_authy], :action => :request_phone_call, :as => :request_phone_call, :via => :post
     end
   end
 end

data/lib/devise-authy/version.rb CHANGED

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module DeviseAuthy
-  VERSION = '1.10.0'
+  VERSION = '1.11.0'
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise-authy
 version: !ruby/object:Gem::Version
-  version: 1.10.0
+  version: 1.11.0
 platform: ruby
 authors:
 - Authy Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-09-26 00:00:00.000000000 Z
+date: 2019-01-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise
@@ -30,26 +30,26 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.7.2
+        version: 2.7.5
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.7.2
+        version: 2.7.5
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.16'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.16'
 - !ruby/object:Gem::Dependency
@@ -189,8 +189,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.7.6
+rubygems_version: 3.0.1
 signing_key:
 specification_version: 4
 summary: Authy plugin for Devise.