devise-otp 0.7.1 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +18 -8
- data/.gitignore +2 -0
- data/Appraisals +36 -0
- data/CHANGELOG.md +4 -1
- data/Gemfile +12 -0
- data/README.md +8 -7
- data/app/assets/stylesheets/devise-otp.css +4 -0
- data/app/controllers/devise_otp/devise/otp_credentials_controller.rb +4 -6
- data/app/controllers/devise_otp/devise/otp_tokens_controller.rb +7 -8
- data/app/views/devise/otp_tokens/show.html.erb +1 -1
- data/config/locales/en.yml +0 -2
- data/devise-otp.gemspec +8 -16
- data/gemfiles/rails_7.0.gemfile +25 -0
- data/gemfiles/rails_7.1.gemfile +21 -0
- data/gemfiles/rails_7.2.gemfile +17 -0
- data/gemfiles/rails_8.0.gemfile +17 -0
- data/lib/devise-otp/version.rb +1 -1
- data/lib/devise_otp_authenticatable/controllers/helpers.rb +5 -28
- data/lib/generators/active_record/templates/migration.rb +1 -1
- data/test/dummy/app/assets/javascripts/application.js +0 -1
- data/test/dummy/app/assets/stylesheets/application.css +1 -0
- data/test/dummy/app/views/layouts/application.html.erb +7 -1
- data/test/dummy/config/routes.rb +1 -1
- data/test/dummy/db/migrate/20240604000001_create_admins.rb +1 -1
- data/test/integration/disable_token_test.rb +3 -0
- data/test/integration/enable_otp_form_test.rb +17 -0
- data/test/integration/persistence_test.rb +3 -0
- data/test/integration/refresh_test.rb +9 -0
- data/test/integration/reset_token_test.rb +3 -0
- data/test/integration/sign_in_test.rb +30 -0
- data/test/orm/active_record.rb +6 -1
- metadata +19 -118
- data/app/assets/javascripts/devise-otp.js +0 -1
- data/app/assets/javascripts/qrcode.js +0 -609
- data/docs/QR_CODES.md +0 -48
|
@@ -43,6 +43,7 @@ class SignInTest < ActionDispatch::IntegrationTest
|
|
|
43
43
|
click_button "Submit Token"
|
|
44
44
|
|
|
45
45
|
assert_equal user_otp_credential_path, current_path
|
|
46
|
+
assert page.has_content? "The token you provided was invalid."
|
|
46
47
|
end
|
|
47
48
|
|
|
48
49
|
test "fail blank token authentication" do
|
|
@@ -53,6 +54,7 @@ class SignInTest < ActionDispatch::IntegrationTest
|
|
|
53
54
|
click_button "Submit Token"
|
|
54
55
|
|
|
55
56
|
assert_equal user_otp_credential_path, current_path
|
|
57
|
+
assert page.has_content? "You need to type in the token you generated with your device."
|
|
56
58
|
end
|
|
57
59
|
|
|
58
60
|
test "successful token authentication" do
|
|
@@ -78,4 +80,32 @@ class SignInTest < ActionDispatch::IntegrationTest
|
|
|
78
80
|
User.otp_authentication_timeout = old_timeout
|
|
79
81
|
assert_equal new_user_session_path, current_path
|
|
80
82
|
end
|
|
83
|
+
|
|
84
|
+
test "blank token flash message does not persist to successful authentication redirect." do
|
|
85
|
+
user = enable_otp_and_sign_in
|
|
86
|
+
|
|
87
|
+
fill_in "token", with: "123456"
|
|
88
|
+
click_button "Submit Token"
|
|
89
|
+
|
|
90
|
+
assert page.has_content?("The token you provided was invalid.")
|
|
91
|
+
|
|
92
|
+
fill_in "token", with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
|
|
93
|
+
click_button "Submit Token"
|
|
94
|
+
|
|
95
|
+
assert !page.has_content?("The token you provided was invalid.")
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
test "invalid token flash message does not persist to successful authentication redirect." do
|
|
99
|
+
user = enable_otp_and_sign_in
|
|
100
|
+
|
|
101
|
+
fill_in "token", with: ""
|
|
102
|
+
click_button "Submit Token"
|
|
103
|
+
|
|
104
|
+
assert page.has_content?("You need to type in the token you generated with your device.")
|
|
105
|
+
|
|
106
|
+
fill_in "token", with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
|
|
107
|
+
click_button "Submit Token"
|
|
108
|
+
|
|
109
|
+
assert !page.has_content?("You need to type in the token you generated with your device.")
|
|
110
|
+
end
|
|
81
111
|
end
|
data/test/orm/active_record.rb
CHANGED
|
@@ -3,4 +3,9 @@ ActiveRecord::Base.logger = Logger.new(nil)
|
|
|
3
3
|
|
|
4
4
|
migrations_path = File.expand_path("../../dummy/db/migrate/", __FILE__)
|
|
5
5
|
|
|
6
|
-
|
|
6
|
+
if Rails.version.to_f >= 7.2
|
|
7
|
+
ActiveRecord::MigrationContext.new(migrations_path).migrate
|
|
8
|
+
else
|
|
9
|
+
# To support order versions of Rails (pre v7.2)
|
|
10
|
+
ActiveRecord::MigrationContext.new(migrations_path, ActiveRecord::SchemaMigration).migrate
|
|
11
|
+
end
|
metadata
CHANGED
|
@@ -1,15 +1,16 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise-otp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Lele Forzani
|
|
8
8
|
- Josef Strzibny
|
|
9
|
+
- Laney Stroup
|
|
9
10
|
autorequire:
|
|
10
11
|
bindir: bin
|
|
11
12
|
cert_chain: []
|
|
12
|
-
date: 2024-
|
|
13
|
+
date: 2024-11-21 00:00:00.000000000 Z
|
|
13
14
|
dependencies:
|
|
14
15
|
- !ruby/object:Gem::Dependency
|
|
15
16
|
name: rails
|
|
@@ -17,20 +18,14 @@ dependencies:
|
|
|
17
18
|
requirements:
|
|
18
19
|
- - ">="
|
|
19
20
|
- !ruby/object:Gem::Version
|
|
20
|
-
version: '
|
|
21
|
-
- - "<"
|
|
22
|
-
- !ruby/object:Gem::Version
|
|
23
|
-
version: '7.2'
|
|
21
|
+
version: '7.0'
|
|
24
22
|
type: :runtime
|
|
25
23
|
prerelease: false
|
|
26
24
|
version_requirements: !ruby/object:Gem::Requirement
|
|
27
25
|
requirements:
|
|
28
26
|
- - ">="
|
|
29
27
|
- !ruby/object:Gem::Version
|
|
30
|
-
version: '
|
|
31
|
-
- - "<"
|
|
32
|
-
- !ruby/object:Gem::Version
|
|
33
|
-
version: '7.2'
|
|
28
|
+
version: '7.0'
|
|
34
29
|
- !ruby/object:Gem::Dependency
|
|
35
30
|
name: devise
|
|
36
31
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -66,134 +61,37 @@ dependencies:
|
|
|
66
61
|
- !ruby/object:Gem::Version
|
|
67
62
|
version: 2.0.0
|
|
68
63
|
- !ruby/object:Gem::Dependency
|
|
69
|
-
name:
|
|
70
|
-
requirement: !ruby/object:Gem::Requirement
|
|
71
|
-
requirements:
|
|
72
|
-
- - ">="
|
|
73
|
-
- !ruby/object:Gem::Version
|
|
74
|
-
version: '0'
|
|
75
|
-
type: :development
|
|
76
|
-
prerelease: false
|
|
77
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
78
|
-
requirements:
|
|
79
|
-
- - ">="
|
|
80
|
-
- !ruby/object:Gem::Version
|
|
81
|
-
version: '0'
|
|
82
|
-
- !ruby/object:Gem::Dependency
|
|
83
|
-
name: minitest-reporters
|
|
84
|
-
requirement: !ruby/object:Gem::Requirement
|
|
85
|
-
requirements:
|
|
86
|
-
- - ">="
|
|
87
|
-
- !ruby/object:Gem::Version
|
|
88
|
-
version: 0.5.0
|
|
89
|
-
type: :development
|
|
90
|
-
prerelease: false
|
|
91
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
92
|
-
requirements:
|
|
93
|
-
- - ">="
|
|
94
|
-
- !ruby/object:Gem::Version
|
|
95
|
-
version: 0.5.0
|
|
96
|
-
- !ruby/object:Gem::Dependency
|
|
97
|
-
name: puma
|
|
98
|
-
requirement: !ruby/object:Gem::Requirement
|
|
99
|
-
requirements:
|
|
100
|
-
- - ">="
|
|
101
|
-
- !ruby/object:Gem::Version
|
|
102
|
-
version: '0'
|
|
103
|
-
type: :development
|
|
104
|
-
prerelease: false
|
|
105
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
106
|
-
requirements:
|
|
107
|
-
- - ">="
|
|
108
|
-
- !ruby/object:Gem::Version
|
|
109
|
-
version: '0'
|
|
110
|
-
- !ruby/object:Gem::Dependency
|
|
111
|
-
name: rdoc
|
|
112
|
-
requirement: !ruby/object:Gem::Requirement
|
|
113
|
-
requirements:
|
|
114
|
-
- - ">="
|
|
115
|
-
- !ruby/object:Gem::Version
|
|
116
|
-
version: '0'
|
|
117
|
-
type: :development
|
|
118
|
-
prerelease: false
|
|
119
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
120
|
-
requirements:
|
|
121
|
-
- - ">="
|
|
122
|
-
- !ruby/object:Gem::Version
|
|
123
|
-
version: '0'
|
|
124
|
-
- !ruby/object:Gem::Dependency
|
|
125
|
-
name: shoulda
|
|
126
|
-
requirement: !ruby/object:Gem::Requirement
|
|
127
|
-
requirements:
|
|
128
|
-
- - ">="
|
|
129
|
-
- !ruby/object:Gem::Version
|
|
130
|
-
version: '0'
|
|
131
|
-
type: :development
|
|
132
|
-
prerelease: false
|
|
133
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
134
|
-
requirements:
|
|
135
|
-
- - ">="
|
|
136
|
-
- !ruby/object:Gem::Version
|
|
137
|
-
version: '0'
|
|
138
|
-
- !ruby/object:Gem::Dependency
|
|
139
|
-
name: sprockets-rails
|
|
140
|
-
requirement: !ruby/object:Gem::Requirement
|
|
141
|
-
requirements:
|
|
142
|
-
- - ">="
|
|
143
|
-
- !ruby/object:Gem::Version
|
|
144
|
-
version: '0'
|
|
145
|
-
type: :development
|
|
146
|
-
prerelease: false
|
|
147
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
148
|
-
requirements:
|
|
149
|
-
- - ">="
|
|
150
|
-
- !ruby/object:Gem::Version
|
|
151
|
-
version: '0'
|
|
152
|
-
- !ruby/object:Gem::Dependency
|
|
153
|
-
name: sqlite3
|
|
64
|
+
name: rqrcode
|
|
154
65
|
requirement: !ruby/object:Gem::Requirement
|
|
155
66
|
requirements:
|
|
156
67
|
- - "~>"
|
|
157
68
|
- !ruby/object:Gem::Version
|
|
158
|
-
version: '
|
|
159
|
-
type: :
|
|
69
|
+
version: '2.0'
|
|
70
|
+
type: :runtime
|
|
160
71
|
prerelease: false
|
|
161
72
|
version_requirements: !ruby/object:Gem::Requirement
|
|
162
73
|
requirements:
|
|
163
74
|
- - "~>"
|
|
164
75
|
- !ruby/object:Gem::Version
|
|
165
|
-
version: '
|
|
166
|
-
|
|
167
|
-
name: standardrb
|
|
168
|
-
requirement: !ruby/object:Gem::Requirement
|
|
169
|
-
requirements:
|
|
170
|
-
- - ">="
|
|
171
|
-
- !ruby/object:Gem::Version
|
|
172
|
-
version: '0'
|
|
173
|
-
type: :development
|
|
174
|
-
prerelease: false
|
|
175
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
176
|
-
requirements:
|
|
177
|
-
- - ">="
|
|
178
|
-
- !ruby/object:Gem::Version
|
|
179
|
-
version: '0'
|
|
180
|
-
description: Time Based OTP/rfc6238 compatible authentication for Devise
|
|
76
|
+
version: '2.0'
|
|
77
|
+
description: OTP authentication for Devise
|
|
181
78
|
email:
|
|
182
79
|
- lele@windmill.it
|
|
183
80
|
- strzibny@strzibny.name
|
|
81
|
+
- laney@stroupsolutions.com
|
|
184
82
|
executables: []
|
|
185
83
|
extensions: []
|
|
186
84
|
extra_rdoc_files: []
|
|
187
85
|
files:
|
|
188
86
|
- ".github/workflows/ci.yml"
|
|
189
87
|
- ".gitignore"
|
|
88
|
+
- Appraisals
|
|
190
89
|
- CHANGELOG.md
|
|
191
90
|
- Gemfile
|
|
192
91
|
- LICENSE.txt
|
|
193
92
|
- README.md
|
|
194
93
|
- Rakefile
|
|
195
|
-
- app/assets/
|
|
196
|
-
- app/assets/javascripts/qrcode.js
|
|
94
|
+
- app/assets/stylesheets/devise-otp.css
|
|
197
95
|
- app/controllers/devise_otp/devise/otp_credentials_controller.rb
|
|
198
96
|
- app/controllers/devise_otp/devise/otp_tokens_controller.rb
|
|
199
97
|
- app/views/devise/otp_credentials/refresh.html.erb
|
|
@@ -206,7 +104,10 @@ files:
|
|
|
206
104
|
- app/views/devise/otp_tokens/show.html.erb
|
|
207
105
|
- config/locales/en.yml
|
|
208
106
|
- devise-otp.gemspec
|
|
209
|
-
-
|
|
107
|
+
- gemfiles/rails_7.0.gemfile
|
|
108
|
+
- gemfiles/rails_7.1.gemfile
|
|
109
|
+
- gemfiles/rails_7.2.gemfile
|
|
110
|
+
- gemfiles/rails_8.0.gemfile
|
|
210
111
|
- lib/devise-otp.rb
|
|
211
112
|
- lib/devise-otp/version.rb
|
|
212
113
|
- lib/devise/strategies/database_authenticatable.rb
|
|
@@ -291,7 +192,7 @@ files:
|
|
|
291
192
|
- test/models/otp_authenticatable_test.rb
|
|
292
193
|
- test/orm/active_record.rb
|
|
293
194
|
- test/test_helper.rb
|
|
294
|
-
homepage:
|
|
195
|
+
homepage: https://github.com/wmlele/devise-otp
|
|
295
196
|
licenses: []
|
|
296
197
|
metadata: {}
|
|
297
198
|
post_install_message:
|
|
@@ -309,7 +210,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
309
210
|
- !ruby/object:Gem::Version
|
|
310
211
|
version: '0'
|
|
311
212
|
requirements: []
|
|
312
|
-
rubygems_version: 3.
|
|
213
|
+
rubygems_version: 3.5.16
|
|
313
214
|
signing_key:
|
|
314
215
|
specification_version: 4
|
|
315
216
|
summary: Time Based OTP/rfc6238 compatible authentication for Devise
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
//= require_tree .
|