devise-otp 0.4.0 → 0.6.0

data/test/dummy/script/rails

@@ -1,6 +1,6 @@
 #!/usr/bin/env ruby
 # This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
 
-APP_PATH = File.expand_path('../../config/application',  __FILE__)
-require File.expand_path('../../config/boot',  __FILE__)
-require 'rails/commands'
+APP_PATH = File.expand_path("../../config/application", __FILE__)
+require File.expand_path("../../config/boot", __FILE__)
+require "rails/commands"

data/test/integration/persistence_test.rb

@@ -1,8 +1,7 @@
-require 'test_helper'
-require 'integration_tests_helper'
+require "test_helper"
+require "integration_tests_helper"
 
 class PersistenceTest < ActionDispatch::IntegrationTest
-
   def setup
     @old_persistence = User.otp_trust_persistence
     User.otp_trust_persistence = 3.seconds
@@ -13,7 +12,7 @@ class PersistenceTest < ActionDispatch::IntegrationTest
     Capybara.reset_sessions!
   end
 
-  test 'a user should be requested the otp challenge every log in' do
+  test "a user should be requested the otp challenge every log in" do
     # log in 1fa
     user = enable_otp_and_sign_in
     otp_challenge_for user
@@ -27,7 +26,7 @@ class PersistenceTest < ActionDispatch::IntegrationTest
     assert_equal user_otp_credential_path, current_path
   end
 
-  test 'a user should be able to set their browser as trusted' do
+  test "a user should be able to set their browser as trusted" do
     # log in 1fa
     user = enable_otp_and_sign_in
     otp_challenge_for user
@@ -35,8 +34,8 @@ class PersistenceTest < ActionDispatch::IntegrationTest
     visit user_otp_token_path
     assert_equal user_otp_token_path, current_path
 
-    click_link('Trust this browser')
-    assert_text 'Your browser is trusted.'
+    click_link("Trust this browser")
+    assert_text "Your browser is trusted."
     sign_out
 
     sign_user_in
@@ -44,7 +43,7 @@ class PersistenceTest < ActionDispatch::IntegrationTest
     assert_equal root_path, current_path
   end
 
-  test 'a user should be able to download its recovery codes' do
+  test "a user should be able to download its recovery codes" do
     # log in 1fa
     user = enable_otp_and_sign_in
     otp_challenge_for user
@@ -55,13 +54,13 @@ class PersistenceTest < ActionDispatch::IntegrationTest
     enable_chrome_headless_downloads(page, "/tmp/devise-otp")
 
     DownloadHelper.wait_for_download(count: 1) do
-      click_link('Download recovery codes')
+      click_link("Download recovery codes")
     end
 
     assert_equal 1, DownloadHelper.downloads.size
   end
 
-  test 'trusted status should expire' do
+  test "trusted status should expire" do
     # log in 1fa
     user = enable_otp_and_sign_in
     otp_challenge_for user
@@ -69,8 +68,8 @@ class PersistenceTest < ActionDispatch::IntegrationTest
     visit user_otp_token_path
     assert_equal user_otp_token_path, current_path
 
-    click_link('Trust this browser')
-    assert_text 'Your browser is trusted.'
+    click_link("Trust this browser")
+    assert_text "Your browser is trusted."
     sign_out
 
     sleep User.otp_trust_persistence.to_i + 1

data/test/integration/refresh_test.rb

@@ -1,8 +1,7 @@
-require 'test_helper'
-require 'integration_tests_helper'
+require "test_helper"
+require "integration_tests_helper"
 
 class RefreshTest < ActionDispatch::IntegrationTest
-
   def setup
     @old_refresh = User.otp_credentials_refresh
     User.otp_credentials_refresh = 1.second
@@ -13,14 +12,14 @@ class RefreshTest < ActionDispatch::IntegrationTest
     Capybara.reset_sessions!
   end
 
-  test 'a user that just signed in should be able to access their OTP settings without refreshing' do
+  test "a user that just signed in should be able to access their OTP settings without refreshing" do
     sign_user_in
 
     visit user_otp_token_path
     assert_equal user_otp_token_path, current_path
   end
 
-  test 'a user should be prompted for credentials when the credentials_refresh time is expired' do
+  test "a user should be prompted for credentials when the credentials_refresh time is expired" do
     sign_user_in
     visit user_otp_token_path
     assert_equal user_otp_token_path, current_path
@@ -31,7 +30,7 @@ class RefreshTest < ActionDispatch::IntegrationTest
     assert_equal refresh_user_otp_credential_path, current_path
   end
 
-  test 'a user should be able to access their OTP settings after refreshing' do
+  test "a user should be able to access their OTP settings after refreshing" do
     sign_user_in
     visit user_otp_token_path
     assert_equal user_otp_token_path, current_path
@@ -41,12 +40,12 @@ class RefreshTest < ActionDispatch::IntegrationTest
     visit user_otp_token_path
     assert_equal refresh_user_otp_credential_path, current_path
 
-    fill_in 'user_refresh_password', :with => '12345678'
-    click_button 'Continue...'
+    fill_in "user_refresh_password", with: "12345678"
+    click_button "Continue..."
     assert_equal user_otp_token_path, current_path
   end
 
-  test 'a user should NOT be able to access their OTP settings unless refreshing' do
+  test "a user should NOT be able to access their OTP settings unless refreshing" do
     sign_user_in
     visit user_otp_token_path
     assert_equal user_otp_token_path, current_path
@@ -56,20 +55,20 @@ class RefreshTest < ActionDispatch::IntegrationTest
     visit user_otp_token_path
     assert_equal refresh_user_otp_credential_path, current_path
 
-    fill_in 'user_refresh_password', :with => '12345670'
-    click_button 'Continue...'
+    fill_in "user_refresh_password", with: "12345670"
+    click_button "Continue..."
     assert_equal refresh_user_otp_credential_path, current_path
   end
 
-  test 'user should be finally be able to access their settings, and just password is enough' do
+  test "user should be finally be able to access their settings, and just password is enough" do
     user = enable_otp_and_sign_in_with_otp
 
     sleep(2)
     visit user_otp_token_path
     assert_equal refresh_user_otp_credential_path, current_path
 
-    fill_in 'user_refresh_password', :with => '12345678'
-    click_button 'Continue...'
+    fill_in "user_refresh_password", with: "12345678"
+    click_button "Continue..."
 
     assert_equal user_otp_token_path, current_path
   end

data/test/integration/sign_in_test.rb

@@ -1,76 +1,74 @@
-require 'test_helper'
-require 'integration_tests_helper'
+require "test_helper"
+require "integration_tests_helper"
 
 class SignInTest < ActionDispatch::IntegrationTest
-
   def teardown
     Capybara.reset_sessions!
   end
 
-  test 'a new user should be able to sign in without using their token' do
+  test "a new user should be able to sign in without using their token" do
     create_full_user
 
     visit posts_path
-    fill_in 'user_email', :with => 'user@email.invalid'
-    fill_in 'user_password', :with => '12345678'
-    page.has_content?('Log in') ? click_button('Log in') : click_button('Sign in')
+    fill_in "user_email", with: "user@email.invalid"
+    fill_in "user_password", with: "12345678"
+    page.has_content?("Log in") ? click_button("Log in") : click_button("Sign in")
 
     assert_equal posts_path, current_path
   end
 
-  test 'a new user, just signed in, should be able to sign in and enable their OTP authentication' do
+  test "a new user, just signed in, should be able to sign in and enable their OTP authentication" do
     user = sign_user_in
 
     visit user_otp_token_path
-    assert !page.has_content?('Your token secret')
+    assert !page.has_content?("Your token secret")
 
-    check 'user_otp_enabled'
-    click_button 'Continue...'
+    check "user_otp_enabled"
+    click_button "Continue..."
 
     assert_equal user_otp_token_path, current_path
 
-    assert page.has_content?('Your token secret')
+    assert page.has_content?("Your token secret")
     assert !user.otp_auth_secret.nil?
     assert !user.otp_persistence_seed.nil?
   end
 
-  test 'a new user should be able to sign in enable OTP and be prompted for their token' do
+  test "a new user should be able to sign in enable OTP and be prompted for their token" do
     enable_otp_and_sign_in
 
     assert_equal user_otp_credential_path, current_path
   end
 
-  test 'fail token authentication' do
+  test "fail token authentication" do
     enable_otp_and_sign_in
     assert_equal user_otp_credential_path, current_path
 
-    fill_in 'user_token', :with => '123456'
-    click_button 'Submit Token'
+    fill_in "user_token", with: "123456"
+    click_button "Submit Token"
 
     assert_equal new_user_session_path, current_path
   end
 
-  test 'fail blank token authentication' do
+  test "fail blank token authentication" do
     enable_otp_and_sign_in
     assert_equal user_otp_credential_path, current_path
 
-    fill_in 'user_token', :with => ''
-    click_button 'Submit Token'
+    fill_in "user_token", with: ""
+    click_button "Submit Token"
 
     assert_equal user_otp_credential_path, current_path
   end
 
-  test 'successful token authentication' do
+  test "successful token authentication" do
     user = enable_otp_and_sign_in
 
-    fill_in 'user_token', :with => ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
-    click_button 'Submit Token'
+    fill_in "user_token", with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
+    click_button "Submit Token"
 
     assert_equal root_path, current_path
   end
 
-
-  test 'should fail if the the challenge times out' do
+  test "should fail if the the challenge times out" do
     old_timeout = User.otp_authentication_timeout
     User.otp_authentication_timeout = 1.second
 
@@ -78,8 +76,8 @@ class SignInTest < ActionDispatch::IntegrationTest
 
     sleep(2)
 
-    fill_in 'user_token', :with => ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
-    click_button 'Submit Token'
+    fill_in "user_token", with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
+    click_button "Submit Token"
 
     User.otp_authentication_timeout = old_timeout
     assert_equal new_user_session_path, current_path

data/test/integration/token_test.rb

@@ -1,20 +1,19 @@
-require 'test_helper'
-require 'integration_tests_helper'
+require "test_helper"
+require "integration_tests_helper"
 
 class TokenTest < ActionDispatch::IntegrationTest
-
   def teardown
     Capybara.reset_sessions!
   end
 
-  test 'disabling OTP after successfully enabling' do
+  test "disabling OTP after successfully enabling" do
     # log in 1fa
     user = enable_otp_and_sign_in
     assert_equal user_otp_credential_path, current_path
 
     # otp 2fa
-    fill_in 'user_token', :with => ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
-    click_button 'Submit Token'
+    fill_in "user_token", with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
+    click_button "Submit Token"
     assert_equal root_path, current_path
 
     # disable OTP

data/test/integration_tests_helper.rb

@@ -2,15 +2,15 @@ class ActionDispatch::IntegrationTest
   include Warden::Test::Helpers
 
   def warden
-    request.env['warden']
+    request.env["warden"]
   end
-  
+
   def create_full_user
     @user ||= begin
       user = User.create!(
-        :email                 => 'user@email.invalid',
-        :password              => '12345678',
-        :password_confirmation => '12345678'
+        email: "user@email.invalid",
+        password: "12345678",
+        password_confirmation: "12345678"
       )
       user
     end
@@ -18,8 +18,8 @@ class ActionDispatch::IntegrationTest
 
   def enable_otp_and_sign_in_with_otp
     enable_otp_and_sign_in.tap do |user|
-      fill_in 'user_token', :with => ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
-      click_button 'Submit Token'
+      fill_in "user_token", with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
+      click_button "Submit Token"
     end
   end
 
@@ -27,8 +27,8 @@ class ActionDispatch::IntegrationTest
     user = create_full_user
     sign_user_in(user)
     visit user_otp_token_path
-    check 'user_otp_enabled'
-    click_button 'Continue...'
+    check "user_otp_enabled"
+    click_button "Continue..."
 
     Capybara.reset_sessions!
 
@@ -37,14 +37,14 @@ class ActionDispatch::IntegrationTest
   end
 
   def otp_challenge_for(user)
-    fill_in 'user_token', :with => ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
-    click_button 'Submit Token'
+    fill_in "user_token", with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
+    click_button "Submit Token"
   end
 
   def disable_otp
     visit user_otp_token_path
-    uncheck 'user_otp_enabled'
-    click_button 'Continue...'
+    uncheck "user_otp_enabled"
+    click_button "Continue..."
   end
 
   def sign_out
@@ -55,11 +55,10 @@ class ActionDispatch::IntegrationTest
     user ||= create_full_user
     resource_name = user.class.name.underscore
     visit send("new_#{resource_name}_session_path")
-    fill_in "#{resource_name}_email", :with => user.email
-    fill_in "#{resource_name}_password", :with => user.password
+    fill_in "#{resource_name}_email", with: user.email
+    fill_in "#{resource_name}_password", with: user.password
 
-    page.has_content?('Log in') ? click_button('Log in') : click_button('Sign in')
+    page.has_content?("Log in") ? click_button("Log in") : click_button("Sign in")
     user
   end
-
 end

data/test/model_tests_helper.rb

@@ -1,5 +1,4 @@
 class ActiveSupport::TestCase
-
   #
   # Helpers for creating new users
   #
@@ -9,14 +8,13 @@ class ActiveSupport::TestCase
     "user-#{@@unique_identity_count}@mail.invalid"
   end
 
-  def valid_attributes(attributes={})
-    { :email => unique_identity,
-      :password => '12345678',
-      :password_confirmation => '12345678' }.update(attributes)
+  def valid_attributes(attributes = {})
+    {email: unique_identity,
+     password: "12345678",
+     password_confirmation: "12345678"}.update(attributes)
   end
 
-  def new_user(attributes={})
+  def new_user(attributes = {})
     User.new(valid_attributes(attributes)).save
   end
-
 end

data/test/models/otp_authenticatable_test.rb

@@ -1,32 +1,31 @@
-require 'test_helper'
-require 'model_tests_helper'
+require "test_helper"
+require "model_tests_helper"
 
 class OtpAuthenticatableTest < ActiveSupport::TestCase
-
   def setup
     new_user
   end
 
-  test 'new users have a non-nil secret set' do
+  test "new users have a non-nil secret set" do
     assert_not_nil User.first.otp_auth_secret
   end
 
-  test 'new users have OTP disabled by default' do
+  test "new users have OTP disabled by default" do
     assert !User.first.otp_enabled
   end
 
-  test 'users should have an instance of TOTP/ROTP objects' do
+  test "users should have an instance of TOTP/ROTP objects" do
     u = User.first
     assert u.time_based_otp.is_a? ROTP::TOTP
     assert u.recovery_otp.is_a? ROTP::HOTP
   end
 
-  test 'users should have their otp_auth_secret/persistence_seed set on creation' do
+  test "users should have their otp_auth_secret/persistence_seed set on creation" do
     assert User.first.otp_auth_secret
     assert User.first.otp_persistence_seed
   end
 
-  test 'reset_otp_credentials should generate new secrets and disable OTP' do
+  test "reset_otp_credentials should generate new secrets and disable OTP" do
     u = User.first
     u.update_attribute(:otp_enabled, true)
     assert u.otp_enabled
@@ -39,7 +38,7 @@ class OtpAuthenticatableTest < ActiveSupport::TestCase
     assert !u.otp_enabled
   end
 
-  test 'reset_otp_persistence should generate new persistence_seed but NOT change the otp_auth_secret' do
+  test "reset_otp_persistence should generate new persistence_seed but NOT change the otp_auth_secret" do
     u = User.first
     u.update_attribute(:otp_enabled, true)
     assert u.otp_enabled
@@ -47,22 +46,22 @@ class OtpAuthenticatableTest < ActiveSupport::TestCase
     otp_persistence_seed = u.otp_persistence_seed
 
     u.reset_otp_persistence!
-    assert (otp_auth_secret == u.otp_auth_secret)
+    assert(otp_auth_secret == u.otp_auth_secret)
     assert !(otp_persistence_seed == u.otp_persistence_seed)
     assert u.otp_enabled
   end
 
-  test 'generating a challenge, should retrieve the user later' do
+  test "generating a challenge, should retrieve the user later" do
     u = User.first
     u.update_attribute(:otp_enabled, true)
     challenge = u.generate_otp_challenge!
 
     w = User.find_valid_otp_challenge(challenge)
     assert w.is_a? User
-    assert_equal w,u
+    assert_equal w, u
   end
 
-  test 'expiring the challenge, should retrieve nothing' do
+  test "expiring the challenge, should retrieve nothing" do
     u = User.first
     u.update_attribute(:otp_enabled, true)
     challenge = u.generate_otp_challenge!(1.second)
@@ -72,7 +71,7 @@ class OtpAuthenticatableTest < ActiveSupport::TestCase
     assert_nil w
   end
 
-  test 'expired challenges should not be valid' do
+  test "expired challenges should not be valid" do
     u = User.first
     u.update_attribute(:otp_enabled, true)
     challenge = u.generate_otp_challenge!(1.second)
@@ -80,14 +79,14 @@ class OtpAuthenticatableTest < ActiveSupport::TestCase
     assert_equal false, u.otp_challenge_valid?
   end
 
-  test 'null otp challenge' do
+  test "null otp challenge" do
     u = User.first
     u.update_attribute(:otp_enabled, true)
-    assert_equal false, u.validate_otp_token('')
+    assert_equal false, u.validate_otp_token("")
     assert_equal false, u.validate_otp_token(nil)
   end
 
-  test 'generated otp token should be valid for the user' do
+  test "generated otp token should be valid for the user" do
     u = User.first
     u.update_attribute(:otp_enabled, true)
 
@@ -97,7 +96,7 @@ class OtpAuthenticatableTest < ActiveSupport::TestCase
     assert_equal true, u.validate_otp_token(token)
   end
 
-  test 'generated otp token, out of drift window, should be NOT valid for the user' do
+  test "generated otp token, out of drift window, should be NOT valid for the user" do
     u = User.first
     u.update_attribute(:otp_enabled, true)
 
@@ -109,7 +108,7 @@ class OtpAuthenticatableTest < ActiveSupport::TestCase
     end
   end
 
-  test 'recovery secrets should be valid, and valid only once' do
+  test "recovery secrets should be valid, and valid only once" do
     u = User.first
     u.update_attribute(:otp_enabled, true)
     recovery = u.next_otp_recovery_tokens

data/test/test_helper.rb

@@ -4,21 +4,21 @@ DEVISE_ORM = (ENV["DEVISE_ORM"] || :active_record).to_sym
 puts "\n==> Devise.orm = #{DEVISE_ORM.inspect}"
 require "dummy/config/environment"
 require "orm/#{DEVISE_ORM}"
-require 'rails/test_help'
-require 'capybara/rails'
-require 'capybara/cuprite'
-require 'minitest/reporters'
+require "rails/test_help"
+require "capybara/rails"
+require "capybara/cuprite"
+require "minitest/reporters"
 
 MiniTest::Reporters.use!
 
-#I18n.load_path << File.expand_path("../support/locale/en.yml", __FILE__) if DEVISE_ORM == :mongoid
+# I18n.load_path << File.expand_path("../support/locale/en.yml", __FILE__) if DEVISE_ORM == :mongoid
 
-#ActiveSupport::Deprecation.silenced = true
+# ActiveSupport::Deprecation.silenced = true
 
 # Use a module to not pollute the global namespace
 module CapybaraHelper
   def self.register_driver(driver_name, args = [])
-    opts = { headless: true, js_errors: true, window_size: [1920, 1200], browser_options: {} }
+    opts = {headless: true, js_errors: true, window_size: [1920, 1200], browser_options: {}}
     args.each do |arg|
       opts[:browser_options][arg] = nil
     end
@@ -33,12 +33,12 @@ end
 CapybaraHelper.register_driver(:headless_chrome, %w[disable-gpu no-sandbox disable-dev-shm-usage])
 
 # Configure Capybara JS driver
-Capybara.current_driver    = :headless_chrome
+Capybara.current_driver = :headless_chrome
 Capybara.javascript_driver = :headless_chrome
 
 # Configure Capybara server
 Capybara.run_server = true
-Capybara.server     = :puma, { Silent: true }
+Capybara.server = :puma, {Silent: true}
 
 class ActionDispatch::IntegrationTest
   include Capybara::DSL
@@ -53,7 +53,7 @@ class ActionDispatch::IntegrationTest
   # See: https://github.com/rubycdp/ferrum/blob/master/lib/ferrum/page.rb
   def enable_chrome_headless_downloads(session, directory)
     page = session.driver.browser.page
-    page.command('Page.setDownloadBehavior', behavior: 'allow', downloadPath: directory)
+    page.command("Page.setDownloadBehavior", behavior: "allow", downloadPath: directory)
   end
 end