devise-otp 0.7.0 → 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +7 -8
- data/CHANGELOG.md +4 -1
- data/Gemfile +10 -0
- data/app/controllers/devise_otp/devise/otp_tokens_controller.rb +6 -6
- data/app/views/devise/otp_tokens/show.html.erb +1 -1
- data/devise-otp.gemspec +3 -12
- data/docs/QR_CODES.md +1 -40
- data/lib/devise/strategies/database_authenticatable.rb +1 -1
- data/lib/devise-otp/version.rb +1 -1
- data/lib/generators/active_record/templates/migration.rb +1 -1
- data/test/dummy/config/routes.rb +1 -1
- data/test/orm/active_record.rb +6 -1
- metadata +6 -118
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 95e8a170c1942c78dae2cb24c06a818c6e91854268acf78df61b83e22fd18726
|
|
4
|
+
data.tar.gz: 409a75794455459fa1c88892216d556b138cf1a40f4bfe0a06f3ce65a47a528e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 45d13d374f2a2504fcee11d81f8771712ae706d138725e3bb777470b099b106cb09ffdb4e2132b6ac5c837b00bb341ff9b5fc56ce5981ff144b358d1e8ed4338
|
|
7
|
+
data.tar.gz: b946e7a0551ba464285e324559f287a9765657258159e508fe08f4b22068548a4be6602d3173a6fac46638130e5795c69bdbdd4b28031d48cfaa592b87eef9da
|
data/.github/workflows/ci.yml
CHANGED
|
@@ -7,28 +7,27 @@ on:
|
|
|
7
7
|
|
|
8
8
|
jobs:
|
|
9
9
|
rspec:
|
|
10
|
-
runs-on: ubuntu-
|
|
10
|
+
runs-on: ubuntu-latest
|
|
11
11
|
strategy:
|
|
12
12
|
fail-fast: false
|
|
13
13
|
matrix:
|
|
14
14
|
ruby:
|
|
15
|
+
- '3.3'
|
|
16
|
+
- '3.2'
|
|
15
17
|
- '3.1'
|
|
18
|
+
- 'head'
|
|
16
19
|
|
|
17
20
|
steps:
|
|
18
21
|
- name: Checkout
|
|
19
|
-
uses: actions/checkout@
|
|
22
|
+
uses: actions/checkout@v4
|
|
20
23
|
|
|
21
24
|
- name: Setup Ruby
|
|
22
25
|
uses: ruby/setup-ruby@v1
|
|
23
26
|
with:
|
|
24
27
|
ruby-version: ${{ matrix.ruby }}
|
|
25
|
-
|
|
26
|
-
- name: Bundle
|
|
27
|
-
run: |
|
|
28
|
-
gem install bundler
|
|
29
|
-
bundle install --jobs 4 --retry 3
|
|
28
|
+
bundler-cache: true
|
|
30
29
|
|
|
31
30
|
- name: Run tests
|
|
32
31
|
env:
|
|
33
32
|
DEVISE_ORM: active_record
|
|
34
|
-
run: rake test
|
|
33
|
+
run: bundle exec rake test
|
data/CHANGELOG.md
CHANGED
data/Gemfile
CHANGED
|
@@ -2,3 +2,13 @@ source "https://rubygems.org"
|
|
|
2
2
|
|
|
3
3
|
# Specify your gem's dependencies in devise-otp.gemspec
|
|
4
4
|
gemspec
|
|
5
|
+
|
|
6
|
+
gem "capybara"
|
|
7
|
+
gem "minitest-reporters", ">= 0.5.0"
|
|
8
|
+
gem "puma"
|
|
9
|
+
gem "rake"
|
|
10
|
+
gem "rdoc"
|
|
11
|
+
gem "shoulda"
|
|
12
|
+
gem "sprockets-rails"
|
|
13
|
+
gem "sqlite3", "~> 1.4"
|
|
14
|
+
gem "standardrb"
|
|
@@ -33,7 +33,7 @@ module DeviseOtp
|
|
|
33
33
|
if resource.valid_otp_token?(params[:confirmation_code])
|
|
34
34
|
resource.enable_otp!
|
|
35
35
|
otp_set_flash_message :success, :successfully_updated
|
|
36
|
-
redirect_to
|
|
36
|
+
redirect_to otp_token_path_for(resource)
|
|
37
37
|
else
|
|
38
38
|
otp_set_flash_message :danger, :could_not_confirm
|
|
39
39
|
render :edit
|
|
@@ -48,7 +48,7 @@ module DeviseOtp
|
|
|
48
48
|
otp_set_flash_message :success, :successfully_disabled_otp
|
|
49
49
|
end
|
|
50
50
|
|
|
51
|
-
redirect_to
|
|
51
|
+
redirect_to otp_token_path_for(resource)
|
|
52
52
|
end
|
|
53
53
|
|
|
54
54
|
#
|
|
@@ -59,7 +59,7 @@ module DeviseOtp
|
|
|
59
59
|
otp_set_flash_message :success, :successfully_set_persistence
|
|
60
60
|
end
|
|
61
61
|
|
|
62
|
-
redirect_to
|
|
62
|
+
redirect_to otp_token_path_for(resource)
|
|
63
63
|
end
|
|
64
64
|
|
|
65
65
|
#
|
|
@@ -70,7 +70,7 @@ module DeviseOtp
|
|
|
70
70
|
otp_set_flash_message :success, :successfully_cleared_persistence
|
|
71
71
|
end
|
|
72
72
|
|
|
73
|
-
redirect_to
|
|
73
|
+
redirect_to otp_token_path_for(resource)
|
|
74
74
|
end
|
|
75
75
|
|
|
76
76
|
#
|
|
@@ -81,7 +81,7 @@ module DeviseOtp
|
|
|
81
81
|
otp_set_flash_message :notice, :successfully_reset_persistence
|
|
82
82
|
end
|
|
83
83
|
|
|
84
|
-
redirect_to
|
|
84
|
+
redirect_to otp_token_path_for(resource)
|
|
85
85
|
end
|
|
86
86
|
|
|
87
87
|
def recovery
|
|
@@ -100,7 +100,7 @@ module DeviseOtp
|
|
|
100
100
|
otp_set_flash_message :success, :successfully_reset_otp
|
|
101
101
|
end
|
|
102
102
|
|
|
103
|
-
redirect_to
|
|
103
|
+
redirect_to edit_otp_token_path_for(resource)
|
|
104
104
|
end
|
|
105
105
|
|
|
106
106
|
private
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
<%= render :partial => 'trusted_devices' if trusted_devices_enabled? %>
|
|
8
8
|
|
|
9
9
|
<% unless otp_mandatory_on?(resource) %>
|
|
10
|
-
<%= button_to I18n.t('disable_link', :scope => 'devise.otp.otp_tokens'),
|
|
10
|
+
<%= button_to I18n.t('disable_link', :scope => 'devise.otp.otp_tokens'), otp_token_path_for(resource), :method => :delete, :data => { "turbo-method": "DELETE" } %>
|
|
11
11
|
<% end %>
|
|
12
12
|
<% else %>
|
|
13
13
|
<%= link_to I18n.t('enable_link', :scope => 'devise.otp.otp_tokens'), edit_otp_token_path_for(resource) %>
|
data/devise-otp.gemspec
CHANGED
|
@@ -14,16 +14,7 @@ Gem::Specification.new do |gem|
|
|
|
14
14
|
gem.files = `git ls-files`.split($/)
|
|
15
15
|
gem.require_paths = ["lib"]
|
|
16
16
|
|
|
17
|
-
gem.
|
|
18
|
-
gem.
|
|
19
|
-
gem.
|
|
20
|
-
|
|
21
|
-
gem.add_development_dependency "capybara"
|
|
22
|
-
gem.add_development_dependency "minitest-reporters", ">= 0.5.0"
|
|
23
|
-
gem.add_development_dependency "puma"
|
|
24
|
-
gem.add_development_dependency "rdoc"
|
|
25
|
-
gem.add_development_dependency "shoulda"
|
|
26
|
-
gem.add_development_dependency "sprockets-rails"
|
|
27
|
-
gem.add_development_dependency "sqlite3", "~> 1.4"
|
|
28
|
-
gem.add_development_dependency "standardrb"
|
|
17
|
+
gem.add_dependency "rails", ">= 7.0", "< 8.0"
|
|
18
|
+
gem.add_dependency "devise", ">= 4.8.0", "< 5.0"
|
|
19
|
+
gem.add_dependency "rotp", ">= 2.0.0"
|
|
29
20
|
end
|
data/docs/QR_CODES.md
CHANGED
|
@@ -6,43 +6,4 @@ To do that, add the the following line to your `application.js` file:
|
|
|
6
6
|
|
|
7
7
|
//= require devise-otp
|
|
8
8
|
|
|
9
|
-
You can change this behavior by overriding the `otp_authenticator_token_image` method in your view helper
|
|
10
|
-
|
|
11
|
-
```ruby
|
|
12
|
-
def otp_authenticator_token_image(resource)
|
|
13
|
-
otp_authenticator_token_image_google(resource.otp_provisioning_uri)
|
|
14
|
-
end
|
|
15
|
-
```
|
|
16
|
-
|
|
17
|
-
This will call [Google API](https://github.com/wmlele/devise-otp/tree/master/lib/devise_otp_authenticatable/controllers/helpers.rb#L160) to render the QR code.
|
|
18
|
-
|
|
19
|
-
If your application is configured to use CSP policies, you'll need to authorize `chart.googleapis.com`. Here's an example with [secure_headers](https://github.com/github/secure_headers)):
|
|
20
|
-
|
|
21
|
-
```ruby
|
|
22
|
-
config.csp[:img_src] << 'chart.googleapis.com'
|
|
23
|
-
```
|
|
24
|
-
|
|
25
|
-
A third option consists in installing [jquery-qrcode]https://github.com/jeromeetienne/jquery-qrcode with Yarn or [shakapacker](https://github.com/shakacode/shakapacker) and overriding `otp_authenticator_token_image` to render some HTML :
|
|
26
|
-
|
|
27
|
-
```ruby
|
|
28
|
-
def otp_authenticator_token_image(resource)
|
|
29
|
-
tag(:span, data: { toggle: 'qrcode', otp_url: resource.otp_provisioning_uri, width: 192, height: 192, render: 'canvas' })
|
|
30
|
-
end
|
|
31
|
-
```
|
|
32
|
-
The QR code is then rendered by `jquery-qrcode` by setting a JS listener in your `application.js` :
|
|
33
|
-
|
|
34
|
-
```js
|
|
35
|
-
$(document).on('turbo:load', function() {
|
|
36
|
-
return $('[data-toggle=qrcode]').each(function() {
|
|
37
|
-
var data;
|
|
38
|
-
data = $(this).data();
|
|
39
|
-
return $(this).qrcode({
|
|
40
|
-
text: data['otpUrl'],
|
|
41
|
-
width: data['width'],
|
|
42
|
-
height: data['height'],
|
|
43
|
-
render: data['render']
|
|
44
|
-
});
|
|
45
|
-
});
|
|
46
|
-
});
|
|
47
|
-
```
|
|
48
|
-
This way you don't rely on external services to render the QR codes.
|
|
9
|
+
You can change this behavior by overriding the `otp_authenticator_token_image` method in your view helper.
|
data/lib/devise-otp/version.rb
CHANGED
data/test/dummy/config/routes.rb
CHANGED
data/test/orm/active_record.rb
CHANGED
|
@@ -3,4 +3,9 @@ ActiveRecord::Base.logger = Logger.new(nil)
|
|
|
3
3
|
|
|
4
4
|
migrations_path = File.expand_path("../../dummy/db/migrate/", __FILE__)
|
|
5
5
|
|
|
6
|
-
|
|
6
|
+
if Rails.version.to_f >= 7.2
|
|
7
|
+
ActiveRecord::MigrationContext.new(migrations_path).migrate
|
|
8
|
+
else
|
|
9
|
+
# To support order versions of Rails (pre v7.2)
|
|
10
|
+
ActiveRecord::MigrationContext.new(migrations_path, ActiveRecord::SchemaMigration).migrate
|
|
11
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise-otp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.8.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Lele Forzani
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2024-
|
|
12
|
+
date: 2024-09-04 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rails
|
|
@@ -17,20 +17,20 @@ dependencies:
|
|
|
17
17
|
requirements:
|
|
18
18
|
- - ">="
|
|
19
19
|
- !ruby/object:Gem::Version
|
|
20
|
-
version: '
|
|
20
|
+
version: '7.0'
|
|
21
21
|
- - "<"
|
|
22
22
|
- !ruby/object:Gem::Version
|
|
23
|
-
version: '
|
|
23
|
+
version: '8.0'
|
|
24
24
|
type: :runtime
|
|
25
25
|
prerelease: false
|
|
26
26
|
version_requirements: !ruby/object:Gem::Requirement
|
|
27
27
|
requirements:
|
|
28
28
|
- - ">="
|
|
29
29
|
- !ruby/object:Gem::Version
|
|
30
|
-
version: '
|
|
30
|
+
version: '7.0'
|
|
31
31
|
- - "<"
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: '
|
|
33
|
+
version: '8.0'
|
|
34
34
|
- !ruby/object:Gem::Dependency
|
|
35
35
|
name: devise
|
|
36
36
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -65,118 +65,6 @@ dependencies:
|
|
|
65
65
|
- - ">="
|
|
66
66
|
- !ruby/object:Gem::Version
|
|
67
67
|
version: 2.0.0
|
|
68
|
-
- !ruby/object:Gem::Dependency
|
|
69
|
-
name: capybara
|
|
70
|
-
requirement: !ruby/object:Gem::Requirement
|
|
71
|
-
requirements:
|
|
72
|
-
- - ">="
|
|
73
|
-
- !ruby/object:Gem::Version
|
|
74
|
-
version: '0'
|
|
75
|
-
type: :development
|
|
76
|
-
prerelease: false
|
|
77
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
78
|
-
requirements:
|
|
79
|
-
- - ">="
|
|
80
|
-
- !ruby/object:Gem::Version
|
|
81
|
-
version: '0'
|
|
82
|
-
- !ruby/object:Gem::Dependency
|
|
83
|
-
name: minitest-reporters
|
|
84
|
-
requirement: !ruby/object:Gem::Requirement
|
|
85
|
-
requirements:
|
|
86
|
-
- - ">="
|
|
87
|
-
- !ruby/object:Gem::Version
|
|
88
|
-
version: 0.5.0
|
|
89
|
-
type: :development
|
|
90
|
-
prerelease: false
|
|
91
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
92
|
-
requirements:
|
|
93
|
-
- - ">="
|
|
94
|
-
- !ruby/object:Gem::Version
|
|
95
|
-
version: 0.5.0
|
|
96
|
-
- !ruby/object:Gem::Dependency
|
|
97
|
-
name: puma
|
|
98
|
-
requirement: !ruby/object:Gem::Requirement
|
|
99
|
-
requirements:
|
|
100
|
-
- - ">="
|
|
101
|
-
- !ruby/object:Gem::Version
|
|
102
|
-
version: '0'
|
|
103
|
-
type: :development
|
|
104
|
-
prerelease: false
|
|
105
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
106
|
-
requirements:
|
|
107
|
-
- - ">="
|
|
108
|
-
- !ruby/object:Gem::Version
|
|
109
|
-
version: '0'
|
|
110
|
-
- !ruby/object:Gem::Dependency
|
|
111
|
-
name: rdoc
|
|
112
|
-
requirement: !ruby/object:Gem::Requirement
|
|
113
|
-
requirements:
|
|
114
|
-
- - ">="
|
|
115
|
-
- !ruby/object:Gem::Version
|
|
116
|
-
version: '0'
|
|
117
|
-
type: :development
|
|
118
|
-
prerelease: false
|
|
119
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
120
|
-
requirements:
|
|
121
|
-
- - ">="
|
|
122
|
-
- !ruby/object:Gem::Version
|
|
123
|
-
version: '0'
|
|
124
|
-
- !ruby/object:Gem::Dependency
|
|
125
|
-
name: shoulda
|
|
126
|
-
requirement: !ruby/object:Gem::Requirement
|
|
127
|
-
requirements:
|
|
128
|
-
- - ">="
|
|
129
|
-
- !ruby/object:Gem::Version
|
|
130
|
-
version: '0'
|
|
131
|
-
type: :development
|
|
132
|
-
prerelease: false
|
|
133
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
134
|
-
requirements:
|
|
135
|
-
- - ">="
|
|
136
|
-
- !ruby/object:Gem::Version
|
|
137
|
-
version: '0'
|
|
138
|
-
- !ruby/object:Gem::Dependency
|
|
139
|
-
name: sprockets-rails
|
|
140
|
-
requirement: !ruby/object:Gem::Requirement
|
|
141
|
-
requirements:
|
|
142
|
-
- - ">="
|
|
143
|
-
- !ruby/object:Gem::Version
|
|
144
|
-
version: '0'
|
|
145
|
-
type: :development
|
|
146
|
-
prerelease: false
|
|
147
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
148
|
-
requirements:
|
|
149
|
-
- - ">="
|
|
150
|
-
- !ruby/object:Gem::Version
|
|
151
|
-
version: '0'
|
|
152
|
-
- !ruby/object:Gem::Dependency
|
|
153
|
-
name: sqlite3
|
|
154
|
-
requirement: !ruby/object:Gem::Requirement
|
|
155
|
-
requirements:
|
|
156
|
-
- - "~>"
|
|
157
|
-
- !ruby/object:Gem::Version
|
|
158
|
-
version: '1.4'
|
|
159
|
-
type: :development
|
|
160
|
-
prerelease: false
|
|
161
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
162
|
-
requirements:
|
|
163
|
-
- - "~>"
|
|
164
|
-
- !ruby/object:Gem::Version
|
|
165
|
-
version: '1.4'
|
|
166
|
-
- !ruby/object:Gem::Dependency
|
|
167
|
-
name: standardrb
|
|
168
|
-
requirement: !ruby/object:Gem::Requirement
|
|
169
|
-
requirements:
|
|
170
|
-
- - ">="
|
|
171
|
-
- !ruby/object:Gem::Version
|
|
172
|
-
version: '0'
|
|
173
|
-
type: :development
|
|
174
|
-
prerelease: false
|
|
175
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
176
|
-
requirements:
|
|
177
|
-
- - ">="
|
|
178
|
-
- !ruby/object:Gem::Version
|
|
179
|
-
version: '0'
|
|
180
68
|
description: Time Based OTP/rfc6238 compatible authentication for Devise
|
|
181
69
|
email:
|
|
182
70
|
- lele@windmill.it
|