devise-otp 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/.github/workflows/ci.yml +36 -0
- data/.gitignore +0 -0
- data/Gemfile +1 -22
- data/LICENSE.txt +0 -0
- data/README.md +43 -66
- data/Rakefile +0 -0
- data/app/assets/javascripts/devise-otp.js +1 -0
- data/app/assets/javascripts/qrcode.js +609 -0
- data/app/controllers/devise_otp/devise/credentials_controller.rb +102 -0
- data/app/controllers/devise_otp/devise/tokens_controller.rb +112 -0
- data/app/views/devise/credentials/refresh.html.erb +19 -0
- data/app/views/devise/credentials/show.html.erb +31 -0
- data/app/views/devise/tokens/_token_secret.html.erb +23 -0
- data/app/views/devise/tokens/_trusted_devices.html.erb +12 -0
- data/app/views/devise/tokens/recovery.html.erb +21 -0
- data/app/views/devise/tokens/recovery_codes.text.erb +3 -0
- data/app/views/devise/tokens/show.html.erb +21 -0
- data/config/locales/en.yml +10 -10
- data/devise-otp.gemspec +14 -9
- data/docs/QR_CODES.md +48 -0
- data/lib/devise-otp/version.rb +1 -1
- data/lib/devise-otp.rb +22 -14
- data/lib/devise_otp_authenticatable/controllers/helpers.rb +29 -16
- data/lib/devise_otp_authenticatable/controllers/url_helpers.rb +6 -9
- data/lib/devise_otp_authenticatable/engine.rb +22 -13
- data/lib/devise_otp_authenticatable/hooks/sessions.rb +8 -7
- data/lib/devise_otp_authenticatable/hooks.rb +1 -1
- data/lib/devise_otp_authenticatable/models/otp_authenticatable.rb +28 -28
- data/lib/devise_otp_authenticatable/routes.rb +9 -10
- data/lib/generators/active_record/devise_otp_generator.rb +1 -1
- data/lib/generators/active_record/templates/migration.rb +1 -2
- data/lib/generators/devise_otp/devise_otp_generator.rb +0 -0
- data/lib/generators/devise_otp/install_generator.rb +30 -5
- data/lib/generators/devise_otp/views_generator.rb +2 -3
- data/test/dummy/README.rdoc +0 -0
- data/test/dummy/Rakefile +0 -0
- data/test/dummy/app/assets/config/manifest.js +2 -0
- data/test/dummy/app/assets/javascripts/application.js +1 -0
- data/test/dummy/app/assets/stylesheets/application.css +0 -0
- data/test/dummy/app/controllers/application_controller.rb +1 -1
- data/test/dummy/app/controllers/posts_controller.rb +2 -0
- data/test/dummy/app/helpers/application_helper.rb +0 -0
- data/test/dummy/app/helpers/posts_helper.rb +0 -0
- data/test/dummy/app/mailers/.gitkeep +0 -0
- data/test/dummy/app/models/post.rb +0 -0
- data/test/dummy/app/models/user.rb +1 -1
- data/test/dummy/app/views/layouts/application.html.erb +0 -0
- data/test/dummy/app/views/posts/_form.html.erb +0 -0
- data/test/dummy/app/views/posts/edit.html.erb +0 -0
- data/test/dummy/app/views/posts/index.html.erb +0 -0
- data/test/dummy/app/views/posts/new.html.erb +0 -0
- data/test/dummy/app/views/posts/show.html.erb +0 -0
- data/test/dummy/config/application.rb +2 -1
- data/test/dummy/config/boot.rb +0 -0
- data/test/dummy/config/database.yml +1 -1
- data/test/dummy/config/environment.rb +0 -0
- data/test/dummy/config/environments/development.rb +0 -7
- data/test/dummy/config/environments/production.rb +0 -4
- data/test/dummy/config/environments/test.rb +0 -0
- data/test/dummy/config/initializers/backtrace_silencers.rb +0 -0
- data/test/dummy/config/initializers/devise.rb +0 -0
- data/test/dummy/config/initializers/inflections.rb +0 -0
- data/test/dummy/config/initializers/mime_types.rb +0 -0
- data/test/dummy/config/initializers/secret_token.rb +0 -0
- data/test/dummy/config/initializers/session_store.rb +0 -0
- data/test/dummy/config/initializers/wrap_parameters.rb +0 -0
- data/test/dummy/config/locales/en.yml +0 -0
- data/test/dummy/config/routes.rb +0 -0
- data/test/dummy/config.ru +0 -0
- data/test/dummy/db/migrate/20130125101430_create_users.rb +1 -1
- data/test/dummy/db/migrate/20130131092406_add_devise_to_users.rb +1 -1
- data/test/dummy/db/migrate/20130131142320_create_posts.rb +1 -1
- data/test/dummy/db/migrate/20130131160351_devise_otp_add_to_users.rb +2 -2
- data/test/dummy/db/test.sqlite3-journal +0 -0
- data/test/dummy/lib/assets/.gitkeep +0 -0
- data/test/dummy/public/404.html +0 -0
- data/test/dummy/public/422.html +0 -0
- data/test/dummy/public/500.html +0 -0
- data/test/dummy/public/favicon.ico +0 -0
- data/test/integration/persistence_test.rb +81 -0
- data/test/integration/refresh_test.rb +2 -18
- data/test/integration/sign_in_test.rb +14 -4
- data/test/integration/token_test.rb +31 -0
- data/test/integration_tests_helper.rb +19 -2
- data/test/model_tests_helper.rb +0 -0
- data/test/models/otp_authenticatable_test.rb +14 -9
- data/test/orm/active_record.rb +3 -1
- data/test/test_helper.rb +71 -2
- metadata +135 -24
- data/.travis.yml +0 -11
- data/app/controllers/devise_otp/credentials_controller.rb +0 -106
- data/app/controllers/devise_otp/tokens_controller.rb +0 -105
- data/app/views/devise_otp/credentials/refresh.html.erb +0 -20
- data/app/views/devise_otp/credentials/show.html.erb +0 -23
- data/app/views/devise_otp/tokens/_token_secret.html.erb +0 -17
- data/app/views/devise_otp/tokens/recovery.html.erb +0 -21
- data/app/views/devise_otp/tokens/show.html.erb +0 -31
- data/lib/devise_otp_authenticatable/mapping.rb +0 -19
metadata
CHANGED
|
@@ -1,14 +1,15 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise-otp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Lele Forzani
|
|
8
|
-
|
|
8
|
+
- Josef Strzibny
|
|
9
|
+
autorequire:
|
|
9
10
|
bindir: bin
|
|
10
11
|
cert_chain: []
|
|
11
|
-
date:
|
|
12
|
+
date: 2022-03-19 00:00:00.000000000 Z
|
|
12
13
|
dependencies:
|
|
13
14
|
- !ruby/object:Gem::Dependency
|
|
14
15
|
name: rails
|
|
@@ -16,40 +17,40 @@ dependencies:
|
|
|
16
17
|
requirements:
|
|
17
18
|
- - ">="
|
|
18
19
|
- !ruby/object:Gem::Version
|
|
19
|
-
version:
|
|
20
|
+
version: '7.0'
|
|
20
21
|
- - "<"
|
|
21
22
|
- !ruby/object:Gem::Version
|
|
22
|
-
version: '
|
|
23
|
+
version: '7.1'
|
|
23
24
|
type: :runtime
|
|
24
25
|
prerelease: false
|
|
25
26
|
version_requirements: !ruby/object:Gem::Requirement
|
|
26
27
|
requirements:
|
|
27
28
|
- - ">="
|
|
28
29
|
- !ruby/object:Gem::Version
|
|
29
|
-
version:
|
|
30
|
+
version: '7.0'
|
|
30
31
|
- - "<"
|
|
31
32
|
- !ruby/object:Gem::Version
|
|
32
|
-
version: '
|
|
33
|
+
version: '7.1'
|
|
33
34
|
- !ruby/object:Gem::Dependency
|
|
34
35
|
name: devise
|
|
35
36
|
requirement: !ruby/object:Gem::Requirement
|
|
36
37
|
requirements:
|
|
37
38
|
- - ">="
|
|
38
39
|
- !ruby/object:Gem::Version
|
|
39
|
-
version:
|
|
40
|
+
version: 4.8.0
|
|
40
41
|
- - "<"
|
|
41
42
|
- !ruby/object:Gem::Version
|
|
42
|
-
version: 4.
|
|
43
|
+
version: 4.9.0
|
|
43
44
|
type: :runtime
|
|
44
45
|
prerelease: false
|
|
45
46
|
version_requirements: !ruby/object:Gem::Requirement
|
|
46
47
|
requirements:
|
|
47
48
|
- - ">="
|
|
48
49
|
- !ruby/object:Gem::Version
|
|
49
|
-
version:
|
|
50
|
+
version: 4.8.0
|
|
50
51
|
- - "<"
|
|
51
52
|
- !ruby/object:Gem::Version
|
|
52
|
-
version: 4.
|
|
53
|
+
version: 4.9.0
|
|
53
54
|
- !ruby/object:Gem::Dependency
|
|
54
55
|
name: rotp
|
|
55
56
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -64,6 +65,104 @@ dependencies:
|
|
|
64
65
|
- - ">="
|
|
65
66
|
- !ruby/object:Gem::Version
|
|
66
67
|
version: 2.0.0
|
|
68
|
+
- !ruby/object:Gem::Dependency
|
|
69
|
+
name: capybara
|
|
70
|
+
requirement: !ruby/object:Gem::Requirement
|
|
71
|
+
requirements:
|
|
72
|
+
- - ">="
|
|
73
|
+
- !ruby/object:Gem::Version
|
|
74
|
+
version: '0'
|
|
75
|
+
type: :development
|
|
76
|
+
prerelease: false
|
|
77
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
78
|
+
requirements:
|
|
79
|
+
- - ">="
|
|
80
|
+
- !ruby/object:Gem::Version
|
|
81
|
+
version: '0'
|
|
82
|
+
- !ruby/object:Gem::Dependency
|
|
83
|
+
name: cuprite
|
|
84
|
+
requirement: !ruby/object:Gem::Requirement
|
|
85
|
+
requirements:
|
|
86
|
+
- - ">="
|
|
87
|
+
- !ruby/object:Gem::Version
|
|
88
|
+
version: '0'
|
|
89
|
+
type: :development
|
|
90
|
+
prerelease: false
|
|
91
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
92
|
+
requirements:
|
|
93
|
+
- - ">="
|
|
94
|
+
- !ruby/object:Gem::Version
|
|
95
|
+
version: '0'
|
|
96
|
+
- !ruby/object:Gem::Dependency
|
|
97
|
+
name: minitest-reporters
|
|
98
|
+
requirement: !ruby/object:Gem::Requirement
|
|
99
|
+
requirements:
|
|
100
|
+
- - ">="
|
|
101
|
+
- !ruby/object:Gem::Version
|
|
102
|
+
version: 0.5.0
|
|
103
|
+
type: :development
|
|
104
|
+
prerelease: false
|
|
105
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
106
|
+
requirements:
|
|
107
|
+
- - ">="
|
|
108
|
+
- !ruby/object:Gem::Version
|
|
109
|
+
version: 0.5.0
|
|
110
|
+
- !ruby/object:Gem::Dependency
|
|
111
|
+
name: puma
|
|
112
|
+
requirement: !ruby/object:Gem::Requirement
|
|
113
|
+
requirements:
|
|
114
|
+
- - ">="
|
|
115
|
+
- !ruby/object:Gem::Version
|
|
116
|
+
version: '0'
|
|
117
|
+
type: :development
|
|
118
|
+
prerelease: false
|
|
119
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
120
|
+
requirements:
|
|
121
|
+
- - ">="
|
|
122
|
+
- !ruby/object:Gem::Version
|
|
123
|
+
version: '0'
|
|
124
|
+
- !ruby/object:Gem::Dependency
|
|
125
|
+
name: rdoc
|
|
126
|
+
requirement: !ruby/object:Gem::Requirement
|
|
127
|
+
requirements:
|
|
128
|
+
- - ">="
|
|
129
|
+
- !ruby/object:Gem::Version
|
|
130
|
+
version: '0'
|
|
131
|
+
type: :development
|
|
132
|
+
prerelease: false
|
|
133
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
134
|
+
requirements:
|
|
135
|
+
- - ">="
|
|
136
|
+
- !ruby/object:Gem::Version
|
|
137
|
+
version: '0'
|
|
138
|
+
- !ruby/object:Gem::Dependency
|
|
139
|
+
name: shoulda
|
|
140
|
+
requirement: !ruby/object:Gem::Requirement
|
|
141
|
+
requirements:
|
|
142
|
+
- - ">="
|
|
143
|
+
- !ruby/object:Gem::Version
|
|
144
|
+
version: '0'
|
|
145
|
+
type: :development
|
|
146
|
+
prerelease: false
|
|
147
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
148
|
+
requirements:
|
|
149
|
+
- - ">="
|
|
150
|
+
- !ruby/object:Gem::Version
|
|
151
|
+
version: '0'
|
|
152
|
+
- !ruby/object:Gem::Dependency
|
|
153
|
+
name: sprockets-rails
|
|
154
|
+
requirement: !ruby/object:Gem::Requirement
|
|
155
|
+
requirements:
|
|
156
|
+
- - ">="
|
|
157
|
+
- !ruby/object:Gem::Version
|
|
158
|
+
version: '0'
|
|
159
|
+
type: :development
|
|
160
|
+
prerelease: false
|
|
161
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
162
|
+
requirements:
|
|
163
|
+
- - ">="
|
|
164
|
+
- !ruby/object:Gem::Version
|
|
165
|
+
version: '0'
|
|
67
166
|
- !ruby/object:Gem::Dependency
|
|
68
167
|
name: sqlite3
|
|
69
168
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -81,25 +180,31 @@ dependencies:
|
|
|
81
180
|
description: Time Based OTP/rfc6238 compatible authentication for Devise
|
|
82
181
|
email:
|
|
83
182
|
- lele@windmill.it
|
|
183
|
+
- strzibny@strzibny.name
|
|
84
184
|
executables: []
|
|
85
185
|
extensions: []
|
|
86
186
|
extra_rdoc_files: []
|
|
87
187
|
files:
|
|
188
|
+
- ".github/workflows/ci.yml"
|
|
88
189
|
- ".gitignore"
|
|
89
|
-
- ".travis.yml"
|
|
90
190
|
- Gemfile
|
|
91
191
|
- LICENSE.txt
|
|
92
192
|
- README.md
|
|
93
193
|
- Rakefile
|
|
94
|
-
- app/
|
|
95
|
-
- app/
|
|
96
|
-
- app/
|
|
97
|
-
- app/
|
|
98
|
-
- app/views/
|
|
99
|
-
- app/views/
|
|
100
|
-
- app/views/
|
|
194
|
+
- app/assets/javascripts/devise-otp.js
|
|
195
|
+
- app/assets/javascripts/qrcode.js
|
|
196
|
+
- app/controllers/devise_otp/devise/credentials_controller.rb
|
|
197
|
+
- app/controllers/devise_otp/devise/tokens_controller.rb
|
|
198
|
+
- app/views/devise/credentials/refresh.html.erb
|
|
199
|
+
- app/views/devise/credentials/show.html.erb
|
|
200
|
+
- app/views/devise/tokens/_token_secret.html.erb
|
|
201
|
+
- app/views/devise/tokens/_trusted_devices.html.erb
|
|
202
|
+
- app/views/devise/tokens/recovery.html.erb
|
|
203
|
+
- app/views/devise/tokens/recovery_codes.text.erb
|
|
204
|
+
- app/views/devise/tokens/show.html.erb
|
|
101
205
|
- config/locales/en.yml
|
|
102
206
|
- devise-otp.gemspec
|
|
207
|
+
- docs/QR_CODES.md
|
|
103
208
|
- lib/devise-otp.rb
|
|
104
209
|
- lib/devise-otp/version.rb
|
|
105
210
|
- lib/devise_otp_authenticatable/controllers/helpers.rb
|
|
@@ -107,7 +212,6 @@ files:
|
|
|
107
212
|
- lib/devise_otp_authenticatable/engine.rb
|
|
108
213
|
- lib/devise_otp_authenticatable/hooks.rb
|
|
109
214
|
- lib/devise_otp_authenticatable/hooks/sessions.rb
|
|
110
|
-
- lib/devise_otp_authenticatable/mapping.rb
|
|
111
215
|
- lib/devise_otp_authenticatable/models/otp_authenticatable.rb
|
|
112
216
|
- lib/devise_otp_authenticatable/routes.rb
|
|
113
217
|
- lib/generators/active_record/devise_otp_generator.rb
|
|
@@ -117,6 +221,7 @@ files:
|
|
|
117
221
|
- lib/generators/devise_otp/views_generator.rb
|
|
118
222
|
- test/dummy/README.rdoc
|
|
119
223
|
- test/dummy/Rakefile
|
|
224
|
+
- test/dummy/app/assets/config/manifest.js
|
|
120
225
|
- test/dummy/app/assets/javascripts/application.js
|
|
121
226
|
- test/dummy/app/assets/stylesheets/application.css
|
|
122
227
|
- test/dummy/app/controllers/application_controller.rb
|
|
@@ -153,14 +258,17 @@ files:
|
|
|
153
258
|
- test/dummy/db/migrate/20130131092406_add_devise_to_users.rb
|
|
154
259
|
- test/dummy/db/migrate/20130131142320_create_posts.rb
|
|
155
260
|
- test/dummy/db/migrate/20130131160351_devise_otp_add_to_users.rb
|
|
261
|
+
- test/dummy/db/test.sqlite3-journal
|
|
156
262
|
- test/dummy/lib/assets/.gitkeep
|
|
157
263
|
- test/dummy/public/404.html
|
|
158
264
|
- test/dummy/public/422.html
|
|
159
265
|
- test/dummy/public/500.html
|
|
160
266
|
- test/dummy/public/favicon.ico
|
|
161
267
|
- test/dummy/script/rails
|
|
268
|
+
- test/integration/persistence_test.rb
|
|
162
269
|
- test/integration/refresh_test.rb
|
|
163
270
|
- test/integration/sign_in_test.rb
|
|
271
|
+
- test/integration/token_test.rb
|
|
164
272
|
- test/integration_tests_helper.rb
|
|
165
273
|
- test/model_tests_helper.rb
|
|
166
274
|
- test/models/otp_authenticatable_test.rb
|
|
@@ -169,7 +277,7 @@ files:
|
|
|
169
277
|
homepage: http://git.windmill.it/wm/devise-otp
|
|
170
278
|
licenses: []
|
|
171
279
|
metadata: {}
|
|
172
|
-
post_install_message:
|
|
280
|
+
post_install_message:
|
|
173
281
|
rdoc_options: []
|
|
174
282
|
require_paths:
|
|
175
283
|
- lib
|
|
@@ -184,14 +292,14 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
184
292
|
- !ruby/object:Gem::Version
|
|
185
293
|
version: '0'
|
|
186
294
|
requirements: []
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
signing_key:
|
|
295
|
+
rubygems_version: 3.2.32
|
|
296
|
+
signing_key:
|
|
190
297
|
specification_version: 4
|
|
191
298
|
summary: Time Based OTP/rfc6238 compatible authentication for Devise
|
|
192
299
|
test_files:
|
|
193
300
|
- test/dummy/README.rdoc
|
|
194
301
|
- test/dummy/Rakefile
|
|
302
|
+
- test/dummy/app/assets/config/manifest.js
|
|
195
303
|
- test/dummy/app/assets/javascripts/application.js
|
|
196
304
|
- test/dummy/app/assets/stylesheets/application.css
|
|
197
305
|
- test/dummy/app/controllers/application_controller.rb
|
|
@@ -228,14 +336,17 @@ test_files:
|
|
|
228
336
|
- test/dummy/db/migrate/20130131092406_add_devise_to_users.rb
|
|
229
337
|
- test/dummy/db/migrate/20130131142320_create_posts.rb
|
|
230
338
|
- test/dummy/db/migrate/20130131160351_devise_otp_add_to_users.rb
|
|
339
|
+
- test/dummy/db/test.sqlite3-journal
|
|
231
340
|
- test/dummy/lib/assets/.gitkeep
|
|
232
341
|
- test/dummy/public/404.html
|
|
233
342
|
- test/dummy/public/422.html
|
|
234
343
|
- test/dummy/public/500.html
|
|
235
344
|
- test/dummy/public/favicon.ico
|
|
236
345
|
- test/dummy/script/rails
|
|
346
|
+
- test/integration/persistence_test.rb
|
|
237
347
|
- test/integration/refresh_test.rb
|
|
238
348
|
- test/integration/sign_in_test.rb
|
|
349
|
+
- test/integration/token_test.rb
|
|
239
350
|
- test/integration_tests_helper.rb
|
|
240
351
|
- test/model_tests_helper.rb
|
|
241
352
|
- test/models/otp_authenticatable_test.rb
|
data/.travis.yml
DELETED
|
@@ -1,106 +0,0 @@
|
|
|
1
|
-
class DeviseOtp::CredentialsController < DeviseController
|
|
2
|
-
helper_method :new_session_path
|
|
3
|
-
|
|
4
|
-
prepend_before_filter :authenticate_scope!, :only => [:get_refresh, :set_refresh]
|
|
5
|
-
prepend_before_filter :require_no_authentication, :only => [ :show, :update ]
|
|
6
|
-
|
|
7
|
-
#
|
|
8
|
-
# show a request for the OTP token
|
|
9
|
-
#
|
|
10
|
-
def show
|
|
11
|
-
@challenge = params[:challenge]
|
|
12
|
-
@recovery = (params[:recovery] == 'true') && recovery_enabled?
|
|
13
|
-
|
|
14
|
-
if @challenge.nil?
|
|
15
|
-
redirect_to :root
|
|
16
|
-
|
|
17
|
-
else
|
|
18
|
-
self.resource = resource_class.find_valid_otp_challenge(@challenge)
|
|
19
|
-
if resource.nil?
|
|
20
|
-
redirect_to :root
|
|
21
|
-
elsif @recovery
|
|
22
|
-
@recovery_count = resource.otp_recovery_counter
|
|
23
|
-
render :show
|
|
24
|
-
else
|
|
25
|
-
render :show
|
|
26
|
-
end
|
|
27
|
-
end
|
|
28
|
-
end
|
|
29
|
-
|
|
30
|
-
#
|
|
31
|
-
# signs the resource in, if the OTP token is valid and the user has a valid challenge
|
|
32
|
-
#
|
|
33
|
-
def update
|
|
34
|
-
|
|
35
|
-
resource = resource_class.find_valid_otp_challenge(params[resource_name][:challenge])
|
|
36
|
-
recovery = (params[resource_name][:recovery] == 'true') && recovery_enabled?
|
|
37
|
-
token = params[resource_name][:token]
|
|
38
|
-
|
|
39
|
-
if token.blank?
|
|
40
|
-
otp_set_flash_message(:alert, :token_blank)
|
|
41
|
-
redirect_to otp_credential_path_for(resource_name, :challenge => params[resource_name][:challenge],
|
|
42
|
-
:recovery => recovery)
|
|
43
|
-
elsif resource.nil?
|
|
44
|
-
otp_set_flash_message(:alert, :otp_session_invalid)
|
|
45
|
-
redirect_to new_session_path(resource_name)
|
|
46
|
-
else
|
|
47
|
-
if resource.otp_challenge_valid? && resource.validate_otp_token(params[resource_name][:token], recovery)
|
|
48
|
-
set_flash_message(:success, :signed_in) if is_navigational_format?
|
|
49
|
-
sign_in(resource_name, resource)
|
|
50
|
-
|
|
51
|
-
otp_refresh_credentials_for(resource)
|
|
52
|
-
respond_with resource, :location => after_sign_in_path_for(resource)
|
|
53
|
-
else
|
|
54
|
-
otp_set_flash_message :alert, :token_invalid
|
|
55
|
-
redirect_to new_session_path(resource_name)
|
|
56
|
-
end
|
|
57
|
-
end
|
|
58
|
-
end
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
#
|
|
62
|
-
# displays the request for a credentials refresh
|
|
63
|
-
#
|
|
64
|
-
def get_refresh
|
|
65
|
-
ensure_resource!
|
|
66
|
-
render :refresh
|
|
67
|
-
end
|
|
68
|
-
|
|
69
|
-
#
|
|
70
|
-
# lets the user through is the refresh is valid
|
|
71
|
-
#
|
|
72
|
-
def set_refresh
|
|
73
|
-
|
|
74
|
-
ensure_resource!
|
|
75
|
-
# I am sure there's a much better way
|
|
76
|
-
if resource.valid_password?(params[resource_name][:refresh_password])
|
|
77
|
-
if resource.otp_enabled?
|
|
78
|
-
if resource.validate_otp_token(params[resource_name][:token])
|
|
79
|
-
done_valid_refresh
|
|
80
|
-
else
|
|
81
|
-
failed_refresh
|
|
82
|
-
end
|
|
83
|
-
else
|
|
84
|
-
done_valid_refresh
|
|
85
|
-
end
|
|
86
|
-
else
|
|
87
|
-
failed_refresh
|
|
88
|
-
end
|
|
89
|
-
end
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
private
|
|
93
|
-
|
|
94
|
-
def done_valid_refresh
|
|
95
|
-
otp_refresh_credentials_for(resource)
|
|
96
|
-
otp_set_flash_message :success, :valid_refresh if is_navigational_format?
|
|
97
|
-
|
|
98
|
-
respond_with resource, :location => otp_fetch_refresh_return_url
|
|
99
|
-
end
|
|
100
|
-
|
|
101
|
-
def failed_refresh
|
|
102
|
-
otp_set_flash_message :alert, :invalid_refresh
|
|
103
|
-
render :refresh
|
|
104
|
-
end
|
|
105
|
-
|
|
106
|
-
end
|
|
@@ -1,105 +0,0 @@
|
|
|
1
|
-
class DeviseOtp::TokensController < DeviseController
|
|
2
|
-
include Devise::Controllers::Helpers
|
|
3
|
-
|
|
4
|
-
prepend_before_filter :ensure_credentials_refresh
|
|
5
|
-
prepend_before_filter :authenticate_scope!
|
|
6
|
-
|
|
7
|
-
#protect_from_forgery :except => [:clear_persistence, :delete_persistence]
|
|
8
|
-
|
|
9
|
-
#
|
|
10
|
-
# Displays the status of OTP authentication
|
|
11
|
-
#
|
|
12
|
-
def show
|
|
13
|
-
if resource.nil?
|
|
14
|
-
redirect_to stored_location_for(scope) || :root
|
|
15
|
-
else
|
|
16
|
-
render :show
|
|
17
|
-
end
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
#
|
|
21
|
-
# Updates the status of OTP authentication
|
|
22
|
-
#
|
|
23
|
-
def update
|
|
24
|
-
#if resource.update_without_password(params[resource_name])
|
|
25
|
-
if resource.update_attribute(:otp_enabled, params[resource_name][:otp_enabled])
|
|
26
|
-
|
|
27
|
-
otp_set_flash_message :success, :successfully_updated
|
|
28
|
-
render :show
|
|
29
|
-
else
|
|
30
|
-
render :show
|
|
31
|
-
end
|
|
32
|
-
end
|
|
33
|
-
|
|
34
|
-
#
|
|
35
|
-
# Resets OTP authentication, generates new credentials, sets it to off
|
|
36
|
-
#
|
|
37
|
-
def destroy
|
|
38
|
-
|
|
39
|
-
if resource.reset_otp_credentials!
|
|
40
|
-
otp_set_flash_message :success, :successfully_reset_creds
|
|
41
|
-
end
|
|
42
|
-
render :show
|
|
43
|
-
end
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
#
|
|
47
|
-
# makes the current browser persistent
|
|
48
|
-
#
|
|
49
|
-
def get_persistence
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
if otp_set_trusted_device_for(resource)
|
|
53
|
-
otp_set_flash_message :success, :successfully_set_persistence
|
|
54
|
-
end
|
|
55
|
-
redirect_to :action => :show
|
|
56
|
-
end
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
#
|
|
60
|
-
# clears persistence for the current browser
|
|
61
|
-
#
|
|
62
|
-
def clear_persistence
|
|
63
|
-
if otp_clear_trusted_device_for(resource)
|
|
64
|
-
otp_set_flash_message :success, :successfully_cleared_persistence
|
|
65
|
-
end
|
|
66
|
-
|
|
67
|
-
redirect_to :action => :show
|
|
68
|
-
end
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
#
|
|
72
|
-
# rehash the persistence secret, thus, making all the persistence cookies invalid
|
|
73
|
-
#
|
|
74
|
-
def delete_persistence
|
|
75
|
-
if otp_reset_persistence_for(resource)
|
|
76
|
-
otp_set_flash_message :notice, :successfully_reset_persistence
|
|
77
|
-
end
|
|
78
|
-
|
|
79
|
-
redirect_to :action => :show
|
|
80
|
-
end
|
|
81
|
-
|
|
82
|
-
#
|
|
83
|
-
#
|
|
84
|
-
#
|
|
85
|
-
def recovery
|
|
86
|
-
render :recovery
|
|
87
|
-
end
|
|
88
|
-
|
|
89
|
-
private
|
|
90
|
-
|
|
91
|
-
def ensure_credentials_refresh
|
|
92
|
-
|
|
93
|
-
ensure_resource!
|
|
94
|
-
if needs_credentials_refresh?(resource)
|
|
95
|
-
otp_set_flash_message :notice, :need_to_refresh_credentials
|
|
96
|
-
redirect_to refresh_otp_credential_path_for(resource)
|
|
97
|
-
end
|
|
98
|
-
end
|
|
99
|
-
|
|
100
|
-
def scope
|
|
101
|
-
resource_name.to_sym
|
|
102
|
-
end
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
end
|
|
@@ -1,20 +0,0 @@
|
|
|
1
|
-
<h2><%= I18n.t('title', {:scope => 'devise.otp.credentials_refresh'}) %></h2>
|
|
2
|
-
<p><%= I18n.t('explain', {:scope => 'devise.otp.credentials_refresh'}) %></p>
|
|
3
|
-
|
|
4
|
-
<%= form_for(resource, :as => resource_name, :url => [:refresh, resource_name, :otp_credential], :html => { :method => :put }) do |f| %>
|
|
5
|
-
|
|
6
|
-
<%= devise_error_messages! %>
|
|
7
|
-
|
|
8
|
-
<div><%= f.label :email %><br />
|
|
9
|
-
<%= f.text_field :email, :disabled => :true%></div>
|
|
10
|
-
|
|
11
|
-
<div><%= f.label :password %><br />
|
|
12
|
-
<%= f.password_field :refresh_password, :autocomplete => :off, :autofocus => true %></div>
|
|
13
|
-
|
|
14
|
-
<%- if resource.otp_enabled? %>
|
|
15
|
-
<div><%= f.label :token, I18n.t(:token, {:scope => 'devise.otp.credentials_refresh'}) %></p><br />
|
|
16
|
-
<%= f.password_field :token, :autocomplete => :off%></div>
|
|
17
|
-
<% end %>
|
|
18
|
-
|
|
19
|
-
<div><%= f.submit I18n.t(:go_on, {:scope => 'devise.otp.credentials_refresh'}) %></div>
|
|
20
|
-
<% end %>
|
|
@@ -1,23 +0,0 @@
|
|
|
1
|
-
<h2><%= I18n.t('title', {:scope => 'devise.otp.submit_token'}) %></h2>
|
|
2
|
-
<p><%= I18n.t('explain', {:scope => 'devise.otp.submit_token'}) %></p>
|
|
3
|
-
|
|
4
|
-
<%= form_for(resource, :as => resource_name, :url => [resource_name, :otp_credential], :html => { :method => :put }) do |f| %>
|
|
5
|
-
|
|
6
|
-
<%= f.hidden_field :challenge, {:value => @challenge} %>
|
|
7
|
-
<%= f.hidden_field :recovery, {:value => @recovery} %>
|
|
8
|
-
|
|
9
|
-
<%- if @recovery %>
|
|
10
|
-
<p><%= f.label :token, I18n.t('recovery_prompt', {:scope => 'devise.otp.submit_token'}) %><br />
|
|
11
|
-
<%= f.text_field :otp_recovery_counter, :autocomplete => :off, :disabled => true, :size => 4 %>
|
|
12
|
-
<% else %>
|
|
13
|
-
<p><%= f.label :token, I18n.t('prompt', {:scope => 'devise.otp.submit_token'}) %><br />
|
|
14
|
-
<% end %>
|
|
15
|
-
|
|
16
|
-
<%= f.text_field :token, :autocomplete => :off, :autofocus => true, :size => 6, :value => '' %>
|
|
17
|
-
</p>
|
|
18
|
-
|
|
19
|
-
<p><%= f.submit I18n.t('submit', {:scope => 'devise.otp.submit_token'}) %></p>
|
|
20
|
-
<%- if !@recovery && resource_class.recovery_tokens %>
|
|
21
|
-
<p><%= link_to I18n.t('recovery_link', {:scope => 'devise.otp.submit_token'}), otp_credential_path_for(resource_name, :challenge => @challenge, :recovery => true) %></p>
|
|
22
|
-
<% end %>
|
|
23
|
-
<% end %>
|
|
@@ -1,17 +0,0 @@
|
|
|
1
|
-
<h3><%= I18n.t('title', {:scope => 'devise.otp.token_secret'}) %></h3>
|
|
2
|
-
<p><%= I18n.t('explain', {:scope => 'devise.otp.token_secret'}) %></p>
|
|
3
|
-
|
|
4
|
-
<%= otp_authenticator_token_image(resource) %>
|
|
5
|
-
|
|
6
|
-
<p><strong><%= I18n.t('manual_provisioning', {:scope => 'devise.otp.token_secret'}) %>:</strong>
|
|
7
|
-
<code><%= resource.otp_auth_secret %></code></p>
|
|
8
|
-
|
|
9
|
-
<p><%= link_to I18n.t('reset_otp', {:scope => 'devise.otp.token_secret'}), @resource, :method => :delete %></p>
|
|
10
|
-
<p><%= I18n.t('reset_explain', {:scope => 'devise.otp.token_secret'}) %>
|
|
11
|
-
<strong><%= I18n.t('reset_explain_warn', {:scope => 'devise.otp.token_secret'}) %></strong></p>
|
|
12
|
-
|
|
13
|
-
<%- if recovery_enabled? %>
|
|
14
|
-
<h3><%= I18n.t('title', {:scope => 'devise.otp.tokens.recovery'}) %></h3>
|
|
15
|
-
<p><%= I18n.t('explain', {:scope => 'devise.otp.tokens.recovery'}) %></p>
|
|
16
|
-
<p><%= link_to I18n.t('codes_list', {:scope => 'devise.otp.tokens.recovery'}), recovery_otp_token_for(resource_name) %></p>
|
|
17
|
-
<% end %>
|
|
@@ -1,21 +0,0 @@
|
|
|
1
|
-
<h2><%= I18n.t('title', {:scope => 'devise.otp.tokens.recovery'}) %></h2>
|
|
2
|
-
<p><%= I18n.t('explain', {:scope => 'devise.otp.tokens.recovery'}) %></p>
|
|
3
|
-
|
|
4
|
-
<table>
|
|
5
|
-
<caption>
|
|
6
|
-
<thead>
|
|
7
|
-
<tr>
|
|
8
|
-
<th><%= I18n.t('sequence', {:scope => 'devise.otp.tokens.recovery'}) %></th>
|
|
9
|
-
<th><%= I18n.t('code', {:scope => 'devise.otp.tokens.recovery'}) %></th>
|
|
10
|
-
</tr>
|
|
11
|
-
</thead>
|
|
12
|
-
<tbody>
|
|
13
|
-
<%- resource.next_otp_recovery_tokens.each do |seq, code| %>
|
|
14
|
-
<tr>
|
|
15
|
-
<td><%= seq %></td>
|
|
16
|
-
<td><%= code %></td>
|
|
17
|
-
</tr>
|
|
18
|
-
<% end %>
|
|
19
|
-
</tbody>
|
|
20
|
-
</caption>
|
|
21
|
-
</table>
|
|
@@ -1,31 +0,0 @@
|
|
|
1
|
-
<h2><%= I18n.t('title', {:scope => 'devise.otp.tokens'}) %></h2>
|
|
2
|
-
<p><%= I18n.t('caption', {:scope => 'devise.otp.tokens'}) %></p>
|
|
3
|
-
|
|
4
|
-
<p><%= I18n.t('explain', {:scope => 'devise.otp.tokens'}) %></p>
|
|
5
|
-
|
|
6
|
-
<%= form_for(resource, :as => resource_name, :url => [resource_name, :otp_token], :html => { :method => :put }) do |f| %>
|
|
7
|
-
|
|
8
|
-
<%= devise_error_messages! %>
|
|
9
|
-
|
|
10
|
-
<h3><%= I18n.t('enable_request', {:scope => 'devise.otp.tokens'}) %></h3>
|
|
11
|
-
|
|
12
|
-
<p><%= f.label :otp_enabled, I18n.t('status', {:scope => 'devise.otp.tokens'}) %><br />
|
|
13
|
-
<%= f.check_box :otp_enabled %></p>
|
|
14
|
-
|
|
15
|
-
<p><%= f.submit I18n.t('submit', {:scope => 'devise.otp.tokens'}) %></p>
|
|
16
|
-
<% end %>
|
|
17
|
-
|
|
18
|
-
<%- if resource.otp_enabled? %>
|
|
19
|
-
<%= render :partial => 'token_secret' if resource.otp_enabled? %>
|
|
20
|
-
|
|
21
|
-
<h3><%= I18n.t('title', {:scope => 'devise.otp.trusted_devices'}) %></h3>
|
|
22
|
-
<p><%= I18n.t('explain', {:scope => 'devise.otp.trusted_devices'}) %></p>
|
|
23
|
-
<%- if is_otp_trusted_device_for? resource %>
|
|
24
|
-
<p><em><%= I18n.t('device_trusted', {:scope => 'devise.otp.trusted_devices'}) %></em></p>
|
|
25
|
-
<p><%= link_to I18n.t('trust_remove', {:scope => 'devise.otp.trusted_devices'}), persistence_otp_token_path_for(resource_name), :method => :post %></p>
|
|
26
|
-
<% else %>
|
|
27
|
-
<p><%= I18n.t('device_not_trusted', {:scope => 'devise.otp.trusted_devices'}) %></p>
|
|
28
|
-
<p><%= link_to I18n.t('trust_add', {:scope => 'devise.otp.trusted_devices'}), persistence_otp_token_path_for(resource_name) %></p>
|
|
29
|
-
<% end %>
|
|
30
|
-
<p><%= link_to I18n.t('trust_clear', {:scope => 'devise.otp.trusted_devices'}), persistence_otp_token_path_for(resource_name), :method => :delete %></p>
|
|
31
|
-
<% end %>
|
|
@@ -1,19 +0,0 @@
|
|
|
1
|
-
module DeviseOtpAuthenticatable
|
|
2
|
-
|
|
3
|
-
module Mapping
|
|
4
|
-
|
|
5
|
-
def self.included(base)
|
|
6
|
-
base.alias_method_chain :default_controllers, :otp
|
|
7
|
-
end
|
|
8
|
-
|
|
9
|
-
private
|
|
10
|
-
def default_controllers_with_otp(options)
|
|
11
|
-
options[:controllers] ||= {}
|
|
12
|
-
|
|
13
|
-
options[:controllers][:otp_tokens] ||= "tokens"
|
|
14
|
-
options[:controllers][:otp_credentials] ||= "credentials"
|
|
15
|
-
|
|
16
|
-
default_controllers_without_otp(options)
|
|
17
|
-
end
|
|
18
|
-
end
|
|
19
|
-
end
|