devise-authy 2.1.0 → 2.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/app/controllers/devise/devise_authy_controller.rb +21 -8
- data/lib/devise-authy/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e9332df09a8a1b3e1a71ff775f2cccc75c573123eccb8a6830454cdc3ef3834d
|
|
4
|
+
data.tar.gz: a0e4f00b59ece3eefe9fee9c04c51227216e13f241ac24afe94c4ec361416443
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3d00cb1eb54d0169277b2e514431bb121f8c5e2dc6a565e07786a4866a29904b301a3730cdbff201f48d1ba5afb4c8b10249b75e9c8ab45da8a0022b9b1f64f9
|
|
7
|
+
data.tar.gz: 54596845d7b20034aa433497281d74135886f59828e9ae8026ae9fc43f0cfe2b4874cd90c4d69f8295ff76bc02ac7eaadb077fd53d1281354f7a3aa113dac65e
|
data/CHANGELOG.md
CHANGED
|
@@ -9,6 +9,12 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
|
|
|
9
9
|
|
|
10
10
|
...
|
|
11
11
|
|
|
12
|
+
## [2.2.0] - 2020-06-04
|
|
13
|
+
|
|
14
|
+
### Fixed
|
|
15
|
+
|
|
16
|
+
- Don't delete user in Authy if another user has the same authy_id (#144)
|
|
17
|
+
|
|
12
18
|
## [2.1.0] - 2020-05-05
|
|
13
19
|
|
|
14
20
|
### Added
|
|
@@ -80,18 +80,31 @@ class Devise::DeviseAuthyController < DeviseController
|
|
|
80
80
|
|
|
81
81
|
# Disable 2FA
|
|
82
82
|
def POST_disable_authy
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
83
|
+
authy_id = resource.authy_id
|
|
84
|
+
resource.assign_attributes(:authy_enabled => false, :authy_id => nil)
|
|
85
|
+
resource.save(:validate => false)
|
|
86
|
+
|
|
87
|
+
other_resource = resource.class.find_by(:authy_id => authy_id)
|
|
88
|
+
if other_resource
|
|
89
|
+
# If another resource has the same authy_id, do not delete the user from
|
|
90
|
+
# the API.
|
|
88
91
|
forget_device
|
|
89
|
-
|
|
90
92
|
set_flash_message(:notice, :disabled)
|
|
91
93
|
else
|
|
92
|
-
|
|
94
|
+
response = Authy::API.delete_user(:id => authy_id)
|
|
95
|
+
if response.ok?
|
|
96
|
+
forget_device
|
|
97
|
+
set_flash_message(:notice, :disabled)
|
|
98
|
+
else
|
|
99
|
+
# If deleting the user from the API fails, set everything back to what
|
|
100
|
+
# it was before.
|
|
101
|
+
# I'm not sure this is a good idea, but it was existing behaviour.
|
|
102
|
+
# Could be changed in a major version bump.
|
|
103
|
+
resource.assign_attributes(:authy_enabled => true, :authy_id => authy_id)
|
|
104
|
+
resource.save(:validate => false)
|
|
105
|
+
set_flash_message(:error, :not_disabled)
|
|
106
|
+
end
|
|
93
107
|
end
|
|
94
|
-
|
|
95
108
|
redirect_to after_authy_disabled_path_for(resource)
|
|
96
109
|
end
|
|
97
110
|
|
data/lib/devise-authy/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise-authy
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Authy Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-06-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: devise
|
|
@@ -334,7 +334,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
334
334
|
- !ruby/object:Gem::Version
|
|
335
335
|
version: '0'
|
|
336
336
|
requirements: []
|
|
337
|
-
rubygems_version: 3.1
|
|
337
|
+
rubygems_version: 3.0.1
|
|
338
338
|
signing_key:
|
|
339
339
|
specification_version: 4
|
|
340
340
|
summary: Authy plugin for Devise.
|