RubyGems - devise-authy - Versions diffs - 2.0.0 → 2.1.0 - Mend

devise-authy 2.0.0 → 2.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +10 -0
data/README.md +32 -0
data/app/controllers/devise/devise_authy_controller.rb +25 -4
data/app/views/devise/verify_authy_installation.html.erb +10 -2
data/app/views/devise/verify_authy_installation.html.haml +8 -0
data/config/locales/en.yml +3 -0
data/lib/devise-authy.rb +2 -1
data/lib/devise-authy/models/authy_authenticatable.rb +1 -1
data/lib/devise-authy/version.rb +1 -1
data/lib/generators/devise_authy/install_generator.rb +4 -1
metadata +2 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2e4605d43bd76b7bc628abeb1ad46fae6c335241c041a11449433464c1b7f5c9
-  data.tar.gz: b1a97ed334eee3ffa144ddae1dbcf5e27252323d6a664724f9af18f5b6c86d72
+  metadata.gz: d4f3037c59b58a0f6ea5fc01507fbb2d51507e3789d63091d6bd423b519f5c90
+  data.tar.gz: 6179f363940646a8999c41e7d79ee9d0312ad8f92a8f27dff847671592209768
 SHA512:
-  metadata.gz: d7f7b748fbce51edb4872f8ad5963db2733d6f5d64852d6d1f2bd08971f2efc745045bc913f7c4d209b21a8ea98c65171d75faac9be83b30357454dfe7a31dee
-  data.tar.gz: 45eb0893def214fbd29e1df818c59415336d725ac1f62359d9e55c99cc480ea2dcf94564f602aa4922b95eb1a5e0a08a339407552e79c40effa062846ba7e469
+  metadata.gz: 419576acca17cdd33d539058f575c1755b36ff9aa43e1f116c7ce4249697beb19d067e1d07d3bae0ebe49755a7fe9e1adc0ee65c37c416d8fbbf4c3bc4c311ae
+  data.tar.gz: 50dbbacafb7f53a7d3993eb9272de6a6ff275115d07272356ec814501657a896341358eb797513869f7407d8490c599278eda25736ecc6d629a745ad4233699d

data/CHANGELOG.md CHANGED

@@ -9,6 +9,16 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ...
+## [2.1.0] - 2020-05-05
+### Added
+- Support for generic authenticator tokens (#141)
+### Fixed
+- Can remember device when enabling 2FA for the first time (#139)
 ## [2.0.0] - 2020-04-28
 Releasing this as version 2 because there is a significant change in dependencies. Minimum version of Rails is now 5 and of Devise is now 4. Otherwise the gem should work as before.

data/README.md CHANGED

@@ -2,6 +2,24 @@
 This is a [Devise](https://github.com/plataformatec/devise) extension to add [Two-Factor Authentication with Authy](https://www.twilio.com/docs/authy) to your Rails application.
+* [Pre-requisites](#pre-requisites)
+* [Demo](#demo)
+* [Getting started](#getting-started)
+  * [Configuring Models](#configuring-models)
+    * [With the generator](#with-the-generator)
+    * [Manually](#manually)
+    * [Final steps](#final-steps)
+* [Custom Views](#custom-views)
+  * [Request a phone call](#request-a-phone-call)
+* [Custom Redirect Paths (eg. using modules)](#custom-redirect-paths-eg-using-modules)
+* [I18n](#i18n)
+* [Session variables](#session-variables)
+* [OneTouch support](#onetouch-support)
+* [Generic authenticator token support](#generic-authenticator-token-support)
+* [Rails 5 CSRF protection](#rails-5-csrf-protection)
+* [Running Tests](#running-tests)
+* [Copyright](#copyright)
 ## Pre-requisites
 To use the Authy API you will need a Twilio Account, [sign up for a free Twilio account here](https://www.twilio.com/try-twilio).
@@ -177,6 +195,20 @@ To enable [Authy push authentication](https://www.twilio.com/authy/features/push
 config.authy_enable_onetouch = true
 ```
+## Generic authenticator token support
+Authy supports other authenticator apps by providing a QR code that your users can scan.
+> **To use this feature, you need to enable it in your [Twilio Console](https://www.twilio.com/console/authy/applications)**
+Once you have enabled generic authenticator tokens, you can enable this in devise-authy by modifying the Devise config file `config/initializers/devise.rb` and adding the configuration:
+```
+config.authy_enable_qr_code = true
+```
+This will display a QR code on the verification screen (you still need to take a user's phone number and country code). If you have implemented your own views, the QR code URL is available on the verification page as `@authy_qr_code`.
 ## Rails 5 CSRF protection
 In Rails 5 `protect_from_forgery` is no longer prepended to the `before_action` chain. If you call `authenticate_user` before `protect_from_forgery` your request will result in a "Can't verify CSRF token authenticity" error.

data/app/controllers/devise/devise_authy_controller.rb CHANGED

@@ -6,6 +6,14 @@ class Devise::DeviseAuthyController < DeviseController
     :GET_verify_authy, :POST_verify_authy, :GET_authy_onetouch_status
   ]
+  prepend_before_action :check_resource_has_authy_id, :only => [
+    :GET_verify_authy_installation, :POST_verify_authy_installation
+  ]
+  prepend_before_action :check_resource_not_authy_enabled, :only => [
+    :GET_verify_authy_installation, :POST_verify_authy_installation
+  ]
   prepend_before_action :authenticate_scope!, :only => [
     :GET_enable_authy, :POST_enable_authy, :GET_verify_authy_installation,
     :POST_verify_authy_installation, :POST_disable_authy
@@ -59,13 +67,11 @@ class Devise::DeviseAuthyController < DeviseController
     if @authy_user.ok?
       resource.authy_id = @authy_user.id
       if resource.save
-        set_flash_message(:notice, :enabled)
+        redirect_to [resource_name, :verify_authy_installation] and return
       else
         set_flash_message(:error, :not_enabled)
         redirect_to after_authy_enabled_path_for(resource) and return
       end
-      redirect_to [resource_name, :verify_authy_installation]
     else
       set_flash_message(:error, :not_enabled)
       render :enable_authy
@@ -90,6 +96,10 @@ class Devise::DeviseAuthyController < DeviseController
   end
   def GET_verify_authy_installation
+    if resource_class.authy_enable_qr_code
+      response = Authy::API.request_qr_code(id: resource.authy_id)
+      @authy_qr_code = response.qr_code
+    end
     render :verify_authy_installation
   end
@@ -103,6 +113,7 @@ class Devise::DeviseAuthyController < DeviseController
     self.resource.authy_enabled = token.ok?
     if token.ok? && self.resource.save
+      remember_device(@resource.id) if params[:remember_device].to_i == 1
       record_authy_authentication
       set_flash_message(:notice, :enabled)
       redirect_to after_authy_verified_path_for(resource)
@@ -112,7 +123,7 @@ class Devise::DeviseAuthyController < DeviseController
   end
   def GET_authy_onetouch_status
-    response =  Authy::API.get_request("onetouch/json/approval_requests/#{params[:onetouch_uuid]}")
+    response = Authy::OneTouch.approval_request_status(:uuid => params[:onetouch_uuid])
     status = response.dig('approval_request', 'status')
     case status
     when 'pending'
@@ -173,6 +184,16 @@ class Devise::DeviseAuthyController < DeviseController
     end
   end
+  def check_resource_has_authy_id
+    redirect_to [resource_name, :enable_authy] if !resource.authy_id
+  end
+  def check_resource_not_authy_enabled
+    if resource.authy_id && resource.authy_enabled
+      redirect_to after_authy_verified_path_for(resource)
+    end
+  end
   protected
   def after_authy_enabled_path_for(resource)

data/app/views/devise/verify_authy_installation.html.erb CHANGED

@@ -1,10 +1,18 @@
 <h2><%= I18n.t('authy_verify_installation_title', {:scope => 'devise'}) %></h2>
+<% if @authy_qr_code %>
+  <%= image_tag @authy_qr_code, :size => '256x256', :alt => I18n.t('authy_qr_code_alt', {:scope => 'devise'}) %>
+  <p><%= I18n.t('authy_qr_code_instructions', {:scope => 'devise'}) %></p>
+<% end %>
 <%= verify_authy_installation_form do %>
   <legend><%= I18n.t('submit_token_title', {:scope => 'devise'}) %></legend>
   <%= label_tag :token %>
   <%= text_field_tag :token, "", :autocomplete => "one-time-code", :inputmode => "numeric", :pattern => "[0-9]*", :id => 'authy-token' %>
+  <label>
+    <%= check_box_tag :remember_device %>
+    <span><%= I18n.t('remember_device', {:scope => 'devise'}) %></span>
+  </label>
   <%= authy_request_sms_link %>
   <%= submit_tag I18n.t('enable_my_account', {:scope => 'devise'}), :class => 'btn' %>
-<% end %>
+<% end %>

data/app/views/devise/verify_authy_installation.html.haml CHANGED

@@ -1,8 +1,16 @@
 %h2= I18n.t('authy_verify_installation_title', {:scope => 'devise'})
+- if @authy_qr_code
+  = image_tag @authy_qr_code, :size => '256x256', :alt => I18n.t('authy_qr_code_alt', {:scope => 'devise'})
+  %p= I18n.t('authy_qr_code_instructions', {:scope => 'devise'})
 = verify_authy_installation_form do
   %legend= I18n.t('submit_token_title', {:scope => 'devise'})
   = label_tag :token
   = text_field_tag :token, "", :autocomplete => "one-time-code", :inputmode => "numeric", :pattern => "[0-9]*", :id => 'authy-token'
+  %label
+    = check_box_tag :remember_device
+    %span= I18n.t('remember_device', {:scope => 'devise'})
   = authy_request_sms_link
   = submit_tag I18n.t('enable_my_account', {:scope => 'devise'}), :class => 'btn'

data/config/locales/en.yml CHANGED

@@ -14,6 +14,9 @@ en:
     authy_verify_installation_title: 'Verify your account'
     enable_my_account: 'Enable my account'
+    authy_qr_code_alt: 'QR code for scanning with your authenticator app.'
+    authy_qr_code_instructions: 'Scan this QR code with your authenticator application and enter the code below.'
     devise_authy:
       user:
         enabled: 'Two factor authentication was enabled'

data/lib/devise-authy.rb CHANGED

@@ -4,9 +4,10 @@ require 'devise'
 require 'authy'
 module Devise
-  mattr_accessor :authy_remember_device, :authy_enable_onetouch
+  mattr_accessor :authy_remember_device, :authy_enable_onetouch, :authy_enable_qr_code
   @@authy_remember_device = 1.month
   @@authy_enable_onetouch = false
+  @@authy_enable_qr_code = false
 end
 module DeviseAuthy

data/lib/devise-authy/models/authy_authenticatable.rb CHANGED

@@ -17,7 +17,7 @@ module Devise
           where(authy_id: authy_id).first
         end
-        Devise::Models.config(self, :authy_remember_device, :authy_enable_onetouch)
+        Devise::Models.config(self, :authy_remember_device, :authy_enable_onetouch, :authy_enable_qr_code)
       end
     end
   end

data/lib/devise-authy/version.rb CHANGED

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module DeviseAuthy
-  VERSION = '2.0.0'
+  VERSION = '2.1.0'
 end

data/lib/generators/devise_authy/install_generator.rb CHANGED

@@ -17,7 +17,10 @@ module DeviseAuthy
         "  # How long should the user's device be remembered for.\n" +
         "  # config.authy_remember_device = 1.month\n\n" +
         "  # Should Authy OneTouch be enabled?\n" +
-        "  # config.authy_enable_onetouch = false\n\n", :after => "Devise.setup do |config|\n"
+        "  # config.authy_enable_onetouch = false\n\n" +
+        "  # Should generating QR codes for other authenticator apps be enabled?\n" +
+        "  # Note: you need to enable this in your Twilio console.\n" +
+        "  # config.authy_enable_qr_code = false\n\n", :after => "Devise.setup do |config|\n"
       end
       def add_initializer

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise-authy
 version: !ruby/object:Gem::Version
-  version: 2.0.0
+  version: 2.1.0
 platform: ruby
 authors:
 - Authy Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-04-28 00:00:00.000000000 Z
+date: 2020-05-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise