RubyGems - devise-otp - Versions diffs - 0.6.0 → 0.7.0 - Mend

devise-otp 0.6.0 → 0.7.0

Files changed (52) hide show

checksums.yaml +4 -4
data/.github/workflows/ci.yml +0 -2
data/.gitignore +3 -1
data/CHANGELOG.md +51 -8
data/README.md +8 -2
data/app/controllers/devise_otp/devise/otp_credentials_controller.rb +46 -27
data/app/controllers/devise_otp/devise/otp_tokens_controller.rb +24 -6
data/app/views/devise/otp_credentials/show.html.erb +6 -6
data/app/views/devise/otp_tokens/_token_secret.html.erb +3 -4
data/app/views/devise/otp_tokens/edit.html.erb +26 -0
data/app/views/devise/otp_tokens/show.html.erb +7 -14
data/config/locales/en.yml +23 -14
data/devise-otp.gemspec +1 -2
data/lib/devise/strategies/database_authenticatable.rb +64 -0
data/lib/devise-otp/version.rb +1 -1
data/lib/devise-otp.rb +31 -11
data/lib/devise_otp_authenticatable/controllers/helpers.rb +9 -10
data/lib/devise_otp_authenticatable/controllers/public_helpers.rb +39 -0
data/lib/devise_otp_authenticatable/controllers/url_helpers.rb +10 -0
data/lib/devise_otp_authenticatable/engine.rb +2 -5
data/lib/devise_otp_authenticatable/hooks/refreshable.rb +5 -0
data/lib/devise_otp_authenticatable/models/otp_authenticatable.rb +22 -20
data/lib/devise_otp_authenticatable/routes.rb +3 -1
data/test/dummy/app/controllers/admin_posts_controller.rb +85 -0
data/test/dummy/app/controllers/application_controller.rb +0 -1
data/test/dummy/app/controllers/base_controller.rb +6 -0
data/test/dummy/app/models/admin.rb +25 -0
data/test/dummy/app/views/admin_posts/_form.html.erb +25 -0
data/test/dummy/app/views/admin_posts/edit.html.erb +6 -0
data/test/dummy/app/views/admin_posts/index.html.erb +25 -0
data/test/dummy/app/views/admin_posts/new.html.erb +5 -0
data/test/dummy/app/views/admin_posts/show.html.erb +15 -0
data/test/dummy/app/views/base/home.html.erb +1 -0
data/test/dummy/config/application.rb +0 -2
data/test/dummy/config/routes.rb +4 -1
data/test/dummy/db/migrate/20240604000001_create_admins.rb +9 -0
data/test/dummy/db/migrate/20240604000002_add_devise_to_admins.rb +52 -0
data/test/dummy/db/migrate/20240604000003_devise_otp_add_to_admins.rb +28 -0
data/test/integration/disable_token_test.rb +53 -0
data/test/integration/enable_otp_form_test.rb +57 -0
data/test/integration/persistence_test.rb +3 -6
data/test/integration/refresh_test.rb +32 -0
data/test/integration/reset_token_test.rb +45 -0
data/test/integration/sign_in_test.rb +10 -14
data/test/integration/trackable_test.rb +50 -0
data/test/integration_tests_helper.rb +24 -6
data/test/models/otp_authenticatable_test.rb +62 -27
data/test/test_helper.rb +1 -71
metadata +26 -23
data/lib/devise_otp_authenticatable/hooks/sessions.rb +0 -58
data/lib/devise_otp_authenticatable/hooks.rb +0 -11
data/test/integration/token_test.rb +0 -30

data/test/integration/persistence_test.rb CHANGED Viewed

@@ -51,13 +51,10 @@ class PersistenceTest < ActionDispatch::IntegrationTest
     visit user_otp_token_path
     assert_equal user_otp_token_path, current_path
-    enable_chrome_headless_downloads(page, "/tmp/devise-otp")
+    click_link("Download recovery codes")
-    DownloadHelper.wait_for_download(count: 1) do
-      click_link("Download recovery codes")
-    end
-    assert_equal 1, DownloadHelper.downloads.size
+    assert current_path.match?(/recovery\.text/)
+    assert page.body.match?(user.next_otp_recovery_tokens.values.join("\n"))
   end
   test "trusted status should expire" do

data/test/integration/refresh_test.rb CHANGED Viewed

@@ -5,10 +5,12 @@ class RefreshTest < ActionDispatch::IntegrationTest
   def setup
     @old_refresh = User.otp_credentials_refresh
     User.otp_credentials_refresh = 1.second
+    Admin.otp_credentials_refresh = 1.second
   end
   def teardown
     User.otp_credentials_refresh = @old_refresh
+    Admin.otp_credentials_refresh = @old_refresh
     Capybara.reset_sessions!
   end
@@ -72,4 +74,34 @@ class RefreshTest < ActionDispatch::IntegrationTest
     assert_equal user_otp_token_path, current_path
   end
+  test "works for non-default warden scopes" do
+    admin = create_full_admin
+    admin.populate_otp_secrets!
+    admin.enable_otp!
+    visit new_admin_session_path
+    fill_in "admin_email", with: admin.email
+    fill_in "admin_password", with: admin.password
+    page.has_content?("Log in") ? click_button("Log in") : click_button("Sign in")
+    assert_equal admin_otp_credential_path, current_path
+    fill_in "token", with: ROTP::TOTP.new(admin.otp_auth_secret).at(Time.now)
+    click_button "Submit Token"
+    assert_equal "/", current_path
+    sleep(2)
+    visit admin_otp_token_path
+    assert_equal refresh_admin_otp_credential_path, current_path
+    fill_in "admin_refresh_password", with: "12345678"
+    click_button "Continue..."
+    assert_equal admin_otp_token_path, current_path
+  end
 end

data/test/integration/reset_token_test.rb ADDED Viewed

@@ -0,0 +1,45 @@
+require "test_helper"
+require "integration_tests_helper"
+class ResetTokenTest < ActionDispatch::IntegrationTest
+  def setup
+    # log in 1fa
+    @user = enable_otp_and_sign_in
+    assert_equal user_otp_credential_path, current_path
+    # otp 2fa
+    fill_in "token", with: ROTP::TOTP.new(@user.otp_auth_secret).at(Time.now)
+    click_button "Submit Token"
+    assert_equal root_path, current_path
+  end
+  def teardown
+    Capybara.reset_sessions!
+  end
+  test "redirects to otp_tokens#edit page" do
+    reset_otp
+    assert_equal "/users/otp/token/edit", current_path
+  end
+  test "generates new token secrets" do
+    # get auth secrets
+    auth_secret = @user.otp_auth_secret
+    recovery_secret = @user.otp_recovery_secret
+    # reset otp
+    reset_otp
+    # compare auth secrets
+    @user.reload
+    assert_not_nil @user.otp_auth_secret
+    assert_not_equal @user.otp_auth_secret, auth_secret
+    assert_not_nil @user.otp_recovery_secret
+    assert_not_equal @user.otp_recovery_secret, recovery_secret
+  end
+end

data/test/integration/sign_in_test.rb CHANGED Viewed

@@ -17,20 +17,16 @@ class SignInTest < ActionDispatch::IntegrationTest
     assert_equal posts_path, current_path
   end
-  test "a new user, just signed in, should be able to sign in and enable their OTP authentication" do
+  test "a new user, just signed in, should be able to see and click the 'Enable Two-Factor Authentication' link" do
     user = sign_user_in
     visit user_otp_token_path
-    assert !page.has_content?("Your token secret")
+    assert page.has_content?("Disabled")
-    check "user_otp_enabled"
-    click_button "Continue..."
+    click_link "Enable Two-Factor Authentication"
-    assert_equal user_otp_token_path, current_path
-    assert page.has_content?("Your token secret")
-    assert !user.otp_auth_secret.nil?
-    assert !user.otp_persistence_seed.nil?
+    assert page.has_content?("Enable Two-Factor Authentication")
+    assert_equal edit_user_otp_token_path, current_path
   end
   test "a new user should be able to sign in enable OTP and be prompted for their token" do
@@ -43,17 +39,17 @@ class SignInTest < ActionDispatch::IntegrationTest
     enable_otp_and_sign_in
     assert_equal user_otp_credential_path, current_path
-    fill_in "user_token", with: "123456"
+    fill_in "token", with: "123456"
     click_button "Submit Token"
-    assert_equal new_user_session_path, current_path
+    assert_equal user_otp_credential_path, current_path
   end
   test "fail blank token authentication" do
     enable_otp_and_sign_in
     assert_equal user_otp_credential_path, current_path
-    fill_in "user_token", with: ""
+    fill_in "token", with: ""
     click_button "Submit Token"
     assert_equal user_otp_credential_path, current_path
@@ -62,7 +58,7 @@ class SignInTest < ActionDispatch::IntegrationTest
   test "successful token authentication" do
     user = enable_otp_and_sign_in
-    fill_in "user_token", with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
+    fill_in "token", with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
     click_button "Submit Token"
     assert_equal root_path, current_path
@@ -76,7 +72,7 @@ class SignInTest < ActionDispatch::IntegrationTest
     sleep(2)
-    fill_in "user_token", with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
+    fill_in "token", with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
     click_button "Submit Token"
     User.otp_authentication_timeout = old_timeout

data/test/integration/trackable_test.rb ADDED Viewed

@@ -0,0 +1,50 @@
+require "test_helper"
+require "integration_tests_helper"
+class TrackableTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = sign_user_in
+    @user.reload
+    @sign_in_count = @user.sign_in_count
+    @current_sign_in_at = @user.current_sign_in_at
+    sign_out
+  end
+  def teardown
+    Capybara.reset_sessions!
+  end
+  test "if otp is disabled, it should update devise trackable fields as usual when the user signs in" do
+    sign_user_in(@user)
+    @user.reload
+    assert_not_equal @sign_in_count, @user.sign_in_count
+    assert_not_equal @current_sign_in_at, @user.current_sign_in_at
+  end
+  test "if otp is enabled, it should not update devise trackable fields until user enters their user token to complete their sign in" do
+    @user.populate_otp_secrets!
+    @user.enable_otp!
+    sign_user_in(@user)
+    @user.reload
+    assert_equal @sign_in_count, @user.sign_in_count
+    assert_equal @current_sign_in_at, @user.current_sign_in_at
+    fill_in "token", with: ROTP::TOTP.new(@user.otp_auth_secret).at(Time.now)
+    click_button "Submit Token"
+    @user.reload
+    assert_not_equal @sign_in_count, @user.sign_in_count
+    assert_not_equal @current_sign_in_at, @user.current_sign_in_at
+  end
+end

data/test/integration_tests_helper.rb CHANGED Viewed

@@ -16,18 +16,31 @@ class ActionDispatch::IntegrationTest
     end
   end
+  def create_full_admin
+    @admin ||= begin
+      admin = Admin.create!(
+        email: "admin@email.invalid",
+        password: "12345678",
+        password_confirmation: "12345678"
+      )
+      admin
+    end
+  end
   def enable_otp_and_sign_in_with_otp
     enable_otp_and_sign_in.tap do |user|
-      fill_in "user_token", with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
+      fill_in "token", with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
       click_button "Submit Token"
     end
   end
   def enable_otp_and_sign_in
     user = create_full_user
+    user.populate_otp_secrets!
     sign_user_in(user)
-    visit user_otp_token_path
-    check "user_otp_enabled"
+    visit edit_user_otp_token_path
+    fill_in "confirmation_code", with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
     click_button "Continue..."
     Capybara.reset_sessions!
@@ -37,14 +50,18 @@ class ActionDispatch::IntegrationTest
   end
   def otp_challenge_for(user)
-    fill_in "user_token", with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
+    fill_in "token", with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
     click_button "Submit Token"
   end
   def disable_otp
     visit user_otp_token_path
-    uncheck "user_otp_enabled"
-    click_button "Continue..."
+    click_button "Disable Two-Factor Authentication"
+  end
+  def reset_otp
+    visit user_otp_token_path
+    click_button "Reset Token Secret"
   end
   def sign_out
@@ -61,4 +78,5 @@ class ActionDispatch::IntegrationTest
     page.has_content?("Log in") ? click_button("Log in") : click_button("Sign in")
     user
   end
 end

data/test/models/otp_authenticatable_test.rb CHANGED Viewed

@@ -6,42 +6,70 @@ class OtpAuthenticatableTest < ActiveSupport::TestCase
     new_user
   end
-  test "new users have a non-nil secret set" do
-    assert_not_nil User.first.otp_auth_secret
+  test "new users do not have a secret set" do
+    user = User.first
+    [:otp_auth_secret, :otp_recovery_secret, :otp_persistence_seed].each do |field|
+      assert_nil user.send(field)
+    end
   end
   test "new users have OTP disabled by default" do
     assert !User.first.otp_enabled
   end
-  test "users should have an instance of TOTP/ROTP objects" do
-    u = User.first
-    assert u.time_based_otp.is_a? ROTP::TOTP
-    assert u.recovery_otp.is_a? ROTP::HOTP
+  test "populating otp secrets should populate all required fields" do
+    user = User.first
+    user.populate_otp_secrets!
+    [:otp_auth_secret, :otp_recovery_secret, :otp_persistence_seed].each do |field|
+      assert_not_nil user.send(field)
+    end
   end
-  test "users should have their otp_auth_secret/persistence_seed set on creation" do
-    assert User.first.otp_auth_secret
-    assert User.first.otp_persistence_seed
+  test "time_based_otp and recover_otp fields should be an instance of TOTP/ROTP objects" do
+    user = User.first
+    user.populate_otp_secrets!
+    assert user.time_based_otp.is_a? ROTP::TOTP
+    assert user.recovery_otp.is_a? ROTP::HOTP
   end
-  test "reset_otp_credentials should generate new secrets and disable OTP" do
-    u = User.first
-    u.update_attribute(:otp_enabled, true)
-    assert u.otp_enabled
-    otp_auth_secret = u.otp_auth_secret
-    otp_persistence_seed = u.otp_persistence_seed
+  test "clear_otp_fields should clear all otp fields" do
+    user = User.first
+    user.populate_otp_secrets!
-    u.reset_otp_credentials!
-    assert !(otp_auth_secret == u.otp_auth_secret)
-    assert !(otp_persistence_seed == u.otp_persistence_seed)
-    assert !u.otp_enabled
+    user.enable_otp!
+    user.generate_otp_challenge!
+    user.update(
+      :otp_failed_attempts => 1,
+      :otp_recovery_counter => 1
+    )
+    assert user.otp_enabled
+    [:otp_auth_secret, :otp_recovery_secret, :otp_persistence_seed].each do |field|
+      assert_not_nil user.send(field)
+    end
+    [:otp_failed_attempts, :otp_recovery_counter].each do |field|
+      assert_not user.send(field) == 0
+    end
+    user.clear_otp_fields!
+    [:otp_auth_secret, :otp_recovery_secret, :otp_persistence_seed].each do |field|
+      assert_nil user.send(field)
+    end
+    [:otp_failed_attempts, :otp_recovery_counter].each do |field|
+      assert user.send(field) == 0
+    end
   end
   test "reset_otp_persistence should generate new persistence_seed but NOT change the otp_auth_secret" do
     u = User.first
-    u.update_attribute(:otp_enabled, true)
+    u.populate_otp_secrets!
+    u.enable_otp!
     assert u.otp_enabled
     otp_auth_secret = u.otp_auth_secret
     otp_persistence_seed = u.otp_persistence_seed
@@ -53,7 +81,8 @@ class OtpAuthenticatableTest < ActiveSupport::TestCase
   test "generating a challenge, should retrieve the user later" do
     u = User.first
-    u.update_attribute(:otp_enabled, true)
+    u.populate_otp_secrets!
+    u.enable_otp!
     challenge = u.generate_otp_challenge!
     w = User.find_valid_otp_challenge(challenge)
@@ -63,7 +92,8 @@ class OtpAuthenticatableTest < ActiveSupport::TestCase
   test "expiring the challenge, should retrieve nothing" do
     u = User.first
-    u.update_attribute(:otp_enabled, true)
+    u.populate_otp_secrets!
+    u.enable_otp!
     challenge = u.generate_otp_challenge!(1.second)
     sleep(2)
@@ -73,7 +103,8 @@ class OtpAuthenticatableTest < ActiveSupport::TestCase
   test "expired challenges should not be valid" do
     u = User.first
-    u.update_attribute(:otp_enabled, true)
+    u.populate_otp_secrets!
+    u.enable_otp!
     challenge = u.generate_otp_challenge!(1.second)
     sleep(2)
     assert_equal false, u.otp_challenge_valid?
@@ -81,14 +112,16 @@ class OtpAuthenticatableTest < ActiveSupport::TestCase
   test "null otp challenge" do
     u = User.first
-    u.update_attribute(:otp_enabled, true)
+    u.populate_otp_secrets!
+    u.enable_otp!
     assert_equal false, u.validate_otp_token("")
     assert_equal false, u.validate_otp_token(nil)
   end
   test "generated otp token should be valid for the user" do
     u = User.first
-    u.update_attribute(:otp_enabled, true)
+    u.populate_otp_secrets!
+    u.enable_otp!
     secret = u.otp_auth_secret
     token = ROTP::TOTP.new(secret).now
@@ -98,7 +131,8 @@ class OtpAuthenticatableTest < ActiveSupport::TestCase
   test "generated otp token, out of drift window, should be NOT valid for the user" do
     u = User.first
-    u.update_attribute(:otp_enabled, true)
+    u.populate_otp_secrets!
+    u.enable_otp!
     secret = u.otp_auth_secret
@@ -110,7 +144,8 @@ class OtpAuthenticatableTest < ActiveSupport::TestCase
   test "recovery secrets should be valid, and valid only once" do
     u = User.first
-    u.update_attribute(:otp_enabled, true)
+    u.populate_otp_secrets!
+    u.enable_otp!
     recovery = u.next_otp_recovery_tokens
     assert u.valid_otp_recovery_token? recovery.fetch(0)

data/test/test_helper.rb CHANGED Viewed

@@ -6,86 +6,16 @@ require "dummy/config/environment"
 require "orm/#{DEVISE_ORM}"
 require "rails/test_help"
 require "capybara/rails"
-require "capybara/cuprite"
 require "minitest/reporters"
-MiniTest::Reporters.use!
+Minitest::Reporters.use!
 # I18n.load_path << File.expand_path("../support/locale/en.yml", __FILE__) if DEVISE_ORM == :mongoid
 # ActiveSupport::Deprecation.silenced = true
-# Use a module to not pollute the global namespace
-module CapybaraHelper
-  def self.register_driver(driver_name, args = [])
-    opts = {headless: true, js_errors: true, window_size: [1920, 1200], browser_options: {}}
-    args.each do |arg|
-      opts[:browser_options][arg] = nil
-    end
-    Capybara.register_driver(driver_name) do |app|
-      Capybara::Cuprite::Driver.new(app, opts)
-    end
-  end
-end
-# Register our own custom drivers
-CapybaraHelper.register_driver(:headless_chrome, %w[disable-gpu no-sandbox disable-dev-shm-usage])
-# Configure Capybara JS driver
-Capybara.current_driver = :headless_chrome
-Capybara.javascript_driver = :headless_chrome
-# Configure Capybara server
-Capybara.run_server = true
-Capybara.server = :puma, {Silent: true}
 class ActionDispatch::IntegrationTest
   include Capybara::DSL
-  # What capybara calls a "page" in its DSL is actually a Capybara::Session
-  # and doesn't know about the *command* method that allows us to play with
-  # the Chrome API.
-  # See: https://rubydoc.info/github/jnicklas/capybara/master/Capybara/Session
-  #
-  # To enable downloads we need to do it on the browser's page object, so fetch it
-  # from this long method chain.
-  # See: https://github.com/rubycdp/ferrum/blob/master/lib/ferrum/page.rb
-  def enable_chrome_headless_downloads(session, directory)
-    page = session.driver.browser.page
-    page.command("Page.setDownloadBehavior", behavior: "allow", downloadPath: directory)
-  end
-end
-# From https://collectiveidea.com/blog/archives/2012/01/27/testing-file-downloads-with-capybara-and-chromedriver
-module DownloadHelper
-  extend self
-  TIMEOUT = 10
-  def downloads
-    Dir["/tmp/devise-otp/*"]
-  end
-  def wait_for_download(count: 1)
-    yield if block_given?
-    Timeout.timeout(TIMEOUT) do
-      sleep 0.2 until downloaded?(count)
-    end
-  end
-  def downloaded?(count)
-    !downloading? && downloads.size == count
-  end
-  def downloading?
-    downloads.grep(/\.crdownload$/).any?
-  end
-  def clear_downloads
-    FileUtils.rm_f(downloads)
-  end
 end
 require "devise-otp"

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: devise-otp
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.7.0
 platform: ruby
 authors:
 - Lele Forzani
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-07-06 00:00:00.000000000 Z
+date: 2024-06-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -79,20 +79,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: cuprite
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: minitest-reporters
   requirement: !ruby/object:Gem::Requirement
@@ -167,16 +153,16 @@ dependencies:
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.4'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.4'
 - !ruby/object:Gem::Dependency
   name: standardrb
   requirement: !ruby/object:Gem::Requirement
@@ -214,6 +200,7 @@ files:
 - app/views/devise/otp_credentials/show.html.erb
 - app/views/devise/otp_tokens/_token_secret.html.erb
 - app/views/devise/otp_tokens/_trusted_devices.html.erb
+- app/views/devise/otp_tokens/edit.html.erb
 - app/views/devise/otp_tokens/recovery.html.erb
 - app/views/devise/otp_tokens/recovery_codes.text.erb
 - app/views/devise/otp_tokens/show.html.erb
@@ -222,11 +209,12 @@ files:
 - docs/QR_CODES.md
 - lib/devise-otp.rb
 - lib/devise-otp/version.rb
+- lib/devise/strategies/database_authenticatable.rb
 - lib/devise_otp_authenticatable/controllers/helpers.rb
+- lib/devise_otp_authenticatable/controllers/public_helpers.rb
 - lib/devise_otp_authenticatable/controllers/url_helpers.rb
 - lib/devise_otp_authenticatable/engine.rb
-- lib/devise_otp_authenticatable/hooks.rb
-- lib/devise_otp_authenticatable/hooks/sessions.rb
+- lib/devise_otp_authenticatable/hooks/refreshable.rb
 - lib/devise_otp_authenticatable/models/otp_authenticatable.rb
 - lib/devise_otp_authenticatable/routes.rb
 - lib/generators/active_record/devise_otp_generator.rb
@@ -239,13 +227,22 @@ files:
 - test/dummy/app/assets/config/manifest.js
 - test/dummy/app/assets/javascripts/application.js
 - test/dummy/app/assets/stylesheets/application.css
+- test/dummy/app/controllers/admin_posts_controller.rb
 - test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/controllers/base_controller.rb
 - test/dummy/app/controllers/posts_controller.rb
 - test/dummy/app/helpers/application_helper.rb
 - test/dummy/app/helpers/posts_helper.rb
 - test/dummy/app/mailers/.gitkeep
+- test/dummy/app/models/admin.rb
 - test/dummy/app/models/post.rb
 - test/dummy/app/models/user.rb
+- test/dummy/app/views/admin_posts/_form.html.erb
+- test/dummy/app/views/admin_posts/edit.html.erb
+- test/dummy/app/views/admin_posts/index.html.erb
+- test/dummy/app/views/admin_posts/new.html.erb
+- test/dummy/app/views/admin_posts/show.html.erb
+- test/dummy/app/views/base/home.html.erb
 - test/dummy/app/views/layouts/application.html.erb
 - test/dummy/app/views/posts/_form.html.erb
 - test/dummy/app/views/posts/edit.html.erb
@@ -273,16 +270,22 @@ files:
 - test/dummy/db/migrate/20130131092406_add_devise_to_users.rb
 - test/dummy/db/migrate/20130131142320_create_posts.rb
 - test/dummy/db/migrate/20130131160351_devise_otp_add_to_users.rb
+- test/dummy/db/migrate/20240604000001_create_admins.rb
+- test/dummy/db/migrate/20240604000002_add_devise_to_admins.rb
+- test/dummy/db/migrate/20240604000003_devise_otp_add_to_admins.rb
 - test/dummy/lib/assets/.gitkeep
 - test/dummy/public/404.html
 - test/dummy/public/422.html
 - test/dummy/public/500.html
 - test/dummy/public/favicon.ico
 - test/dummy/script/rails
+- test/integration/disable_token_test.rb
+- test/integration/enable_otp_form_test.rb
 - test/integration/persistence_test.rb
 - test/integration/refresh_test.rb
+- test/integration/reset_token_test.rb
 - test/integration/sign_in_test.rb
-- test/integration/token_test.rb
+- test/integration/trackable_test.rb
 - test/integration_tests_helper.rb
 - test/model_tests_helper.rb
 - test/models/otp_authenticatable_test.rb