devise-two-factor 3.0.0 → 3.1.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of devise-two-factor might be problematic. Click here for more details.

Files changed (23) hide show
  1. checksums.yaml +5 -5
  2. checksums.yaml.gz.sig +0 -0
  3. data.tar.gz.sig +0 -0
  4. data/.gitignore +3 -0
  5. data/.travis.yml +38 -2
  6. data/Appraisals +29 -0
  7. data/CHANGELOG.md +6 -0
  8. data/README.md +16 -2
  9. data/certs/tinfoilsecurity-gems-cert.pem +32 -30
  10. data/devise-two-factor.gemspec +3 -2
  11. data/gemfiles/rails_4_1.gemfile +8 -0
  12. data/gemfiles/rails_4_2.gemfile +8 -0
  13. data/gemfiles/rails_5_0.gemfile +8 -0
  14. data/gemfiles/rails_5_1.gemfile +8 -0
  15. data/gemfiles/rails_5_2.gemfile +8 -0
  16. data/gemfiles/rails_6_0.gemfile +8 -0
  17. data/lib/devise_two_factor/spec_helpers/two_factor_authenticatable_shared_examples.rb +1 -1
  18. data/lib/devise_two_factor/spec_helpers/two_factor_backupable_shared_examples.rb +1 -1
  19. data/lib/devise_two_factor/strategies/two_factor_authenticatable.rb +1 -1
  20. data/lib/devise_two_factor/strategies/two_factor_backupable.rb +1 -1
  21. data/lib/devise_two_factor/version.rb +1 -1
  22. metadata +64 -41
  23. metadata.gz.sig +0 -0
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 4b3b5de2fc272e8a4cb6efed6a5767d5ebf98b7a
4
- data.tar.gz: b9f07dd6665d994fc78c3fca5baf074a2a7ecdbd
2
+ SHA256:
3
+ metadata.gz: 12a32c4d2067b65a19376f7d98480e89975091a9b57eddd01b7bd8a036eae7bb
4
+ data.tar.gz: 46c843c0e7aeaa0e2432a667195bef8f92eabfc1e7940c9f9e067a3c08fe8797
5
5
  SHA512:
6
- metadata.gz: fdd8ddf024c2d4d336026262ea27c9660df54d6363c3aff582c500e76ae7b8bc136d1cf3f048527b5e95c899af04dc1ae4fb4c91e4323c5b47aeb6fe922df98d
7
- data.tar.gz: 11b3e866530264a4c3779fc49150df1de42658e7ead17496844d7f667d6d033c5c5fb7808d50df62a0a7afdc265e6d442f31d55ac2188d9f330662545d5c37f7
6
+ metadata.gz: 6de2e060514bfcea44bde7fde4c63bc8ab5f0ad934f4d69e3224fdf9534e9c452abc7bb6994d964cd0de61a244ba57e7c400979e07b81c3c2a93d1745aef997d
7
+ data.tar.gz: 867896645165eca78879f02ace0acffedd86f1b32cd38e221630ac9e3bf7f47fec71d6cfa90f5fb16b7a2241b63ca004a33ac598bb60df98bd21601bfda5e16f
checksums.yaml.gz.sig CHANGED
Binary file
data.tar.gz.sig CHANGED
Binary file
data/.gitignore CHANGED
@@ -9,6 +9,8 @@
9
9
  /test/tmp/
10
10
  /test/version_tmp/
11
11
  /tmp/
12
+ /gemfiles/.bundle/
13
+ /gemfiles/*.gemfile.lock
12
14
 
13
15
  ## Specific to RubyMotion:
14
16
  .dat*
@@ -42,6 +44,7 @@ build-iPhoneSimulator/
42
44
  Gemfile.lock
43
45
  .ruby-version
44
46
  .ruby-gemset
47
+ .tool-versions
45
48
 
46
49
  # unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
47
50
  .rvmrc
data/.travis.yml CHANGED
@@ -2,9 +2,45 @@ sudo: false
2
2
  language: ruby
3
3
  cache: bundler
4
4
  before_install:
5
- - gem update --system
5
+ - gem i rubygems-update -v '<3' && update_rubygems
6
6
  - gem update bundler
7
+ gemfile:
8
+ - Gemfile
9
+ - gemfiles/rails_4_1.gemfile
10
+ - gemfiles/rails_4_2.gemfile
11
+ - gemfiles/rails_5_0.gemfile
12
+ - gemfiles/rails_5_1.gemfile
13
+ - gemfiles/rails_5_2.gemfile
14
+ - gemfiles/rails_6_0.gemfile
7
15
  rvm:
8
16
  - "2.1"
9
17
  - "2.2"
10
- - "2.3.0"
18
+ - "2.3.4"
19
+ - "2.4.0"
20
+ - "2.4.1"
21
+ - "2.5"
22
+ - "2.6"
23
+ matrix:
24
+ exclude:
25
+ - rvm: "2.1"
26
+ gemfile: gemfiles/rails_5_0.gemfile
27
+ - rvm: "2.2"
28
+ gemfile: gemfiles/rails_5_0.gemfile
29
+ - rvm: "2.1"
30
+ gemfile: gemfiles/rails_5_1.gemfile
31
+ - rvm: "2.2"
32
+ gemfile: gemfiles/rails_5_1.gemfile
33
+ - rvm: "2.1"
34
+ gemfile: gemfiles/rails_5_2.gemfile
35
+ - rvm: "2.2"
36
+ gemfile: gemfiles/rails_5_2.gemfile
37
+ - rvm: "2.1"
38
+ gemfile: gemfiles/rails_6_0.gemfile
39
+ - rvm: "2.2"
40
+ gemfile: gemfiles/rails_6_0.gemfile
41
+ - rvm: "2.3.4"
42
+ gemfile: gemfiles/rails_6_0.gemfile
43
+ - rvm: "2.4.0"
44
+ gemfile: gemfiles/rails_6_0.gemfile
45
+ - rvm: "2.4.1"
46
+ gemfile: gemfiles/rails_6_0.gemfile
data/Appraisals ADDED
@@ -0,0 +1,29 @@
1
+ appraise "rails-4-1" do
2
+ gem 'railties', '~> 4.1'
3
+ gem 'activesupport', '~> 4.1'
4
+ end
5
+
6
+ appraise "rails-4-2" do
7
+ gem 'railties', '~> 4.2'
8
+ gem 'activesupport', '~> 4.2'
9
+ end
10
+
11
+ appraise "rails-5-0" do
12
+ gem 'railties', '~> 5.0'
13
+ gem 'activesupport', '~> 5.0'
14
+ end
15
+
16
+ appraise "rails-5-1" do
17
+ gem 'railties', '~> 5.1'
18
+ gem 'activesupport', '~> 5.1'
19
+ end
20
+
21
+ appraise "rails-5-2" do
22
+ gem 'railties', '~> 5.2'
23
+ gem 'activesupport', '~> 5.2'
24
+ end
25
+
26
+ appraise "rails-6-0" do
27
+ gem 'railties', '~> 6.0'
28
+ gem 'activesupport', '~> 6.0'
29
+ end
data/CHANGELOG.md CHANGED
@@ -2,6 +2,12 @@
2
2
 
3
3
  ## Unreleased
4
4
 
5
+ ## 3.0.2
6
+ - Add Rails 5.1 support
7
+
8
+ ## 3.0.1
9
+ - Qualify call to rspec shared_examples
10
+
5
11
  ## 3.0.0
6
12
  See `UPGRADING.md` for specific help with breaking changes from 2.x to 3.0.0.
7
13
 
data/README.md CHANGED
@@ -1,5 +1,5 @@
1
1
  # Devise-Two-Factor Authentication
2
- By [Tinfoil Security](http://tinfoilsecurity.com/)
2
+ By [Tinfoil Security](https://www.tinfoilsecurity.com/). Interested in [working with us](https://www.tinfoilsecurity.com/jobs)? We're hiring!
3
3
 
4
4
  [![Build Status](https://travis-ci.org/tinfoil/devise-two-factor.svg?branch=master)](https://travis-ci.org/tinfoil/devise-two-factor)
5
5
 
@@ -7,9 +7,12 @@ Devise-Two-Factor is a minimalist extension to Devise which offers support for t
7
7
 
8
8
  * Allows you to incorporate two-factor authentication into your existing models
9
9
  * Is opinionated about security, so you don't have to be
10
- * Integrates easily with two-factor applications like Google Authenticator and Authy
10
+ * Integrates easily with two-factor applications like [Google Authenticator](https://support.google.com/accounts/answer/1066447?hl=en) and [Authy](https://authy.com/)
11
11
  * Is extensible, and includes two-factor backup codes as an example of how plugins can be structured
12
12
 
13
+ ## Contributing
14
+ We welcome pull requests, bug reports, and other contributions. We're especially looking for help getting this gem fully compatible with Rails 5+ and squashing any deprecation messages.
15
+
13
16
  ## Example App
14
17
  An example Rails 4 application is provided in the `demo` directory. It showcases a minimal example of Devise-Two-Factor in action, and can act as a reference for integrating the gem into your own application.
15
18
 
@@ -122,6 +125,17 @@ Before you can do this however, you need to decide how you're going to transmit
122
125
 
123
126
  At Tinfoil Security, we opted to use the excellent [rqrcode-rails3](https://github.com/samvincent/rqrcode-rails3) gem to generate a QR-code representing the user's secret key, which can then be scanned by any mobile two-factor authentication client.
124
127
 
128
+ If you decide to do this you'll need to generate a URI to act as the source for the QR code. This can be done using the `User#otp_provisioning_uri` method.
129
+
130
+ ```ruby
131
+ issuer = 'Your App'
132
+ label = "#{issuer}:#{current_user.email}"
133
+
134
+ current_user.otp_provisioning_uri(label, issuer: issuer)
135
+
136
+ # > "otpauth://totp/Your%20App:user@example.com?secret=[otp_secret]&issuer=Your+App"
137
+ ```
138
+
125
139
  If you instead to decide to send the one-time password to the user directly, such as via SMS, you'll need a mechanism for generating the one-time password on the server:
126
140
 
127
141
  ```ruby
data/certs/tinfoilsecurity-gems-cert.pem CHANGED
@@ -1,33 +1,35 @@
1
1
  -----BEGIN CERTIFICATE-----
2
- MIIFyjCCA7KgAwIBAgIJAK2u0LojMCNtMA0GCSqGSIb3DQEBDQUAMIGcMQswCQYD
3
- VQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVBhbG8gQWx0bzEfMB0GA1UE
4
- ChMWVGluZm9pbCBTZWN1cml0eSwgSW5jLjEfMB0GA1UEAxMWVGluZm9pbCBTZWN1
5
- cml0eSwgSW5jLjEqMCgGCSqGSIb3DQEJARYbc3VwcG9ydEB0aW5mb2lsc2VjdXJp
6
- dHkuY29tMB4XDTE0MDUyMDIxMTAwMFoXDTE2MDUyMDIxMTAwMFowgZwxCzAJBgNV
2
+ MIIGADCCA+igAwIBAgIIBr+qGSyQe7MwDQYJKoZIhvcNAQENBQAwgZwxCzAJBgNV
7
3
  BAYTAlVTMQswCQYDVQQIEwJDQTESMBAGA1UEBxMJUGFsbyBBbHRvMR8wHQYDVQQK
8
- ExZUaW5mb2lsIFNlY3VyaXR5LCBJbmMuMR0wGwYDVQQDExR0aW5mb2lsc2VjdXJp
9
- dHktZ2VtczEsMCoGCSqGSIb3DQEJARYdZW5naW5lZXJzQHRpbmZvaWxzZWN1cml0
10
- eS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDNJYNH8D+8lACL
11
- t3KzjEIPs3XVBCPaMm2eD/Xk9OOTuDV/NqgMK0icD9MRxMUtS3SCrC9QcPocXT76
12
- f2LQ3yVJuK+rBUasymEES47PIx2czC4n4Hga0xPPuBpioO26oaRFsobyzh9RPOIb
13
- nYfpjyqtdrbm+YyM3sPR4XzFirv9xomT4E9T4RCLgOQHTcLKL9K9m+EN7PeVdVUX
14
- V0Pa7cVs2vJUKedsd7vnr6Lzbn8ToPk/7J/4W931PbaeI5yg9ZuaRa9K2IaY1TkP
15
- I67NW4qKitBVepRlXw6Sb7TYcUncWEQ/eC5CpnOmqUrG5tfGD8cc5aGZOkitW/VX
16
- ZgVj81xgCv1hk4HjErrqq4FBNAaCSNyBfwR0TUYqg1lN1nbNjOKwfb6YRn06R2ov
17
- cFJG0tmGhsQULCr6fW8u2TfSM+U9WFSIJx2griureY7EZPwg/MgsUiWUWMFemz3G
18
- VYXWJR3dN2pW9Uqr3rkjKZbA0bstGWahJO9HuFdDakQxoaTPYPtTQDC+kskkO6lK
19
- G1KLIoZ1iLZzB1Ks1vEeyE7lp1imWgpUq+q23PFkt1gIBi/4tGvzsLZye25QU2Y+
20
- XLzldCNm+DyRFXZ+Q+bK33IveUeUWEOv4T1qTXHAOypyzmgodVRG/PrlsSMOBfE5
21
- 15kG1mDMGjRcCpEtlskgxUbf7qM7hQIDAQABow0wCzAJBgNVHRMEAjAAMA0GCSqG
22
- SIb3DQEBDQUAA4ICAQCLXzGJOr0isGHscTvm73ReEAOv4g0IOSXjfHfHAOWKhzdM
23
- g+D8nrzhy8wnARqAt2Ob4I+R9scEIfI5MPp/C5HHqWed4m0W0Uygx3V3qyixavkc
24
- nVUJMZ4TPS6W48IHdGGVD45hopx7ycFy+iPm7QUFk4sg044dO53mkScTetm2AvIE
25
- xDTotsFNpn/hrAnzXlH4MQQ7LKXAedPmFi8Jv5nJwv9BnEGJQJhvzQtdx7le4S8J
26
- a78vwAq429N2gVnfSdeU9v9QqdHOF1215lC6qaDI4bk8hVE4RyMxSBZmWKhnPLAm
27
- jFXGc6Wj2yF7HQ2YtEGAAEyjH+tAwF35STv+J3eweUFhyGZPH8Sf+b+UKZc9UF1D
28
- J/VmzQd9D9RaB+pOclDYR3Uiji5EBq1La2FPg48hA0uCd4KJ9dBGwNrxvjDNSBW0
29
- FiM1vjR6AVxIAhOwICeWG6QTvH5Jrnq/UDBnnK/KALCbFw3YbbhOyy+295jta7xf
30
- r32d4cJAvbDF1C6t2JRjNwi0ANgPw0cytl+8yvCyXpXMZpT0YpDk76XICo97SOHI
31
- 5C31v4YyRBnNCp0pN66nxYX2avEiQ8riTBP5mlkPPOhsIoYQHHe2Uj75aVpu0LZ3
32
- cdFzuO4GC1dV0Wv+dsDm+MyF7DT5E9pUPXpnMJuPvPrFpCb+wrFlszW9hGjXbQ==
4
+ ExZUaW5mb2lsIFNlY3VyaXR5LCBJbmMuMR8wHQYDVQQDExZUaW5mb2lsIFNlY3Vy
5
+ aXR5LCBJbmMuMSowKAYJKoZIhvcNAQkBFhtzdXBwb3J0QHRpbmZvaWxzZWN1cml0
6
+ eS5jb20wHhcNMTkwODA3MTkwMjAwWhcNMjAwODA3MTkwMjAwWjCBiDELMAkGA1UE
7
+ BhMCVVMxCzAJBgNVBAgTAkNBMR8wHQYDVQQKExZUaW5mb2lsIFNlY3VyaXR5LCBJ
8
+ bmMuMR0wGwYDVQQDExR0aW5mb2lsc2VjdXJpdHktZ2VtczEsMCoGCSqGSIb3DQEJ
9
+ ARYdZW5naW5lZXJzQHRpbmZvaWxzZWN1cml0eS5jb20wggIiMA0GCSqGSIb3DQEB
10
+ AQUAA4ICDwAwggIKAoICAQDNJYNH8D+8lACLt3KzjEIPs3XVBCPaMm2eD/Xk9OOT
11
+ uDV/NqgMK0icD9MRxMUtS3SCrC9QcPocXT76f2LQ3yVJuK+rBUasymEES47PIx2c
12
+ zC4n4Hga0xPPuBpioO26oaRFsobyzh9RPOIbnYfpjyqtdrbm+YyM3sPR4XzFirv9
13
+ xomT4E9T4RCLgOQHTcLKL9K9m+EN7PeVdVUXV0Pa7cVs2vJUKedsd7vnr6Lzbn8T
14
+ oPk/7J/4W931PbaeI5yg9ZuaRa9K2IaY1TkPI67NW4qKitBVepRlXw6Sb7TYcUnc
15
+ WEQ/eC5CpnOmqUrG5tfGD8cc5aGZOkitW/VXZgVj81xgCv1hk4HjErrqq4FBNAaC
16
+ SNyBfwR0TUYqg1lN1nbNjOKwfb6YRn06R2ovcFJG0tmGhsQULCr6fW8u2TfSM+U9
17
+ WFSIJx2griureY7EZPwg/MgsUiWUWMFemz3GVYXWJR3dN2pW9Uqr3rkjKZbA0bst
18
+ GWahJO9HuFdDakQxoaTPYPtTQDC+kskkO6lKG1KLIoZ1iLZzB1Ks1vEeyE7lp1im
19
+ WgpUq+q23PFkt1gIBi/4tGvzsLZye25QU2Y+XLzldCNm+DyRFXZ+Q+bK33IveUeU
20
+ WEOv4T1qTXHAOypyzmgodVRG/PrlsSMOBfE515kG1mDMGjRcCpEtlskgxUbf7qM7
21
+ hQIDAQABo1gwVjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHBzOi8v
22
+ d3d3LnRpbmZvaWxzZWN1cml0eS5jb20vc2VjdXJpdHkvcmV2b2NhdGlvbl9saXN0
23
+ MA0GCSqGSIb3DQEBDQUAA4ICAQAiW9gcR0TTaxsK1DaHZ9U9VxP0dhtWKyTcjDnE
24
+ BHlaayjrEmmQHmEtDEFOkLYOo20LpMFaogxcSHBYto5Z3XYfU9ZPuaY6rGVFhXeq
25
+ mrQn6O0iOxzNOHLSZTgEjQTc2gJg1p1CYSxapla53ivW5v01dNcS1XJE/HFHQttI
26
+ gXdNb53g7XW/c1Be5MvtQKZHsYGNANE+NUUOIFMp29PI1iXBVZVm2PSYL4XlGgQi
27
+ 2cg3tU2TK6+wLul5ZMMvNrOgjaWcbqgW976hUAE03OgR5GDy4M3LfYOs8OJNsktG
28
+ dtpfft6WroUoiqzDCNz85fbLqhY0vwPNJxK/wFHvxTJ2MKL/BdOha8gIV2o5HPTC
29
+ cBpZx2C8FyUKAZfuXwTVkMtPbhFowjPNQN4TNl5N6DRtLnb1PDn9LOXHCPd+0V2b
30
+ ssxu8B1+kf9IyrKBhlqKWSoLdaPboz5FunBUj6nkbXz2VlCkqbRIAFaTtmMJjjWR
31
+ I0Fgx1CAbDjnDvf/hYrjPAvwLOcQ117Tm3Wk/3MP78CwmZoFHRrBw68Ir5mcLrQy
32
+ L71AbBqGd3i+azsNXMmm11ZZetYzbIy6kc9g9MFHd+3xooJpU7eRpm+tyRLKX/qu
33
+ /9iBhU0HVz2daNTk8LdQtzGqff8Dj0qB4sBndVsTW1JxKRP8E3jeLBT4EBGsy9OL
34
+ 5aBXTA==
33
35
  -----END CERTIFICATE-----
data/devise-two-factor.gemspec CHANGED
@@ -24,13 +24,14 @@ Gem::Specification.new do |s|
24
24
  s.test_files = `git ls-files -- spec/*`.split("\n")
25
25
  s.require_paths = ['lib']
26
26
 
27
- s.add_runtime_dependency 'railties'
28
- s.add_runtime_dependency 'activesupport'
27
+ s.add_runtime_dependency 'railties', '< 6.1'
28
+ s.add_runtime_dependency 'activesupport', '< 6.1'
29
29
  s.add_runtime_dependency 'attr_encrypted', '>= 1.3', '< 4', '!= 2'
30
30
  s.add_runtime_dependency 'devise', '~> 4.0'
31
31
  s.add_runtime_dependency 'rotp', '~> 2.0'
32
32
 
33
33
  s.add_development_dependency 'activemodel'
34
+ s.add_development_dependency 'appraisal'
34
35
  s.add_development_dependency 'bundler', '> 1.0'
35
36
  s.add_development_dependency 'rspec', '> 3'
36
37
  s.add_development_dependency 'simplecov'
data/gemfiles/rails_4_1.gemfile ADDED
@@ -0,0 +1,8 @@
1
+ # This file was generated by Appraisal
2
+
3
+ source "https://rubygems.org"
4
+
5
+ gem "railties", "~> 4.1"
6
+ gem "activesupport", "~> 4.1"
7
+
8
+ gemspec path: "../"
data/gemfiles/rails_4_2.gemfile ADDED
@@ -0,0 +1,8 @@
1
+ # This file was generated by Appraisal
2
+
3
+ source "https://rubygems.org"
4
+
5
+ gem "railties", "~> 4.2"
6
+ gem "activesupport", "~> 4.2"
7
+
8
+ gemspec path: "../"
data/gemfiles/rails_5_0.gemfile ADDED
@@ -0,0 +1,8 @@
1
+ # This file was generated by Appraisal
2
+
3
+ source "https://rubygems.org"
4
+
5
+ gem "railties", "~> 5.0"
6
+ gem "activesupport", "~> 5.0"
7
+
8
+ gemspec path: "../"
data/gemfiles/rails_5_1.gemfile ADDED
@@ -0,0 +1,8 @@
1
+ # This file was generated by Appraisal
2
+
3
+ source "https://rubygems.org"
4
+
5
+ gem "railties", "~> 5.1"
6
+ gem "activesupport", "~> 5.1"
7
+
8
+ gemspec path: "../"
data/gemfiles/rails_5_2.gemfile ADDED
@@ -0,0 +1,8 @@
1
+ # This file was generated by Appraisal
2
+
3
+ source "https://rubygems.org"
4
+
5
+ gem "railties", "~> 5.2"
6
+ gem "activesupport", "~> 5.2"
7
+
8
+ gemspec path: "../"
data/gemfiles/rails_6_0.gemfile ADDED
@@ -0,0 +1,8 @@
1
+ # This file was generated by Appraisal
2
+
3
+ source "https://rubygems.org"
4
+
5
+ gem "railties", "~> 6.0.0.rc2"
6
+ gem "activesupport", "~> 6.0.0.rc2"
7
+
8
+ gemspec path: "../"
data/lib/devise_two_factor/spec_helpers/two_factor_authenticatable_shared_examples.rb CHANGED
@@ -1,4 +1,4 @@
1
- shared_examples 'two_factor_authenticatable' do
1
+ RSpec.shared_examples 'two_factor_authenticatable' do
2
2
  before :each do
3
3
  subject.otp_secret = subject.class.generate_otp_secret
4
4
  subject.consumed_timestep = nil
data/lib/devise_two_factor/spec_helpers/two_factor_backupable_shared_examples.rb CHANGED
@@ -1,4 +1,4 @@
1
- shared_examples 'two_factor_backupable' do
1
+ RSpec.shared_examples 'two_factor_backupable' do
2
2
  describe 'required_fields' do
3
3
  it 'has the attr_encrypted fields for otp_backup_codes' do
4
4
  expect(Devise::Models::TwoFactorBackupable.required_fields(subject.class)).to contain_exactly(:otp_backup_codes)
data/lib/devise_two_factor/strategies/two_factor_authenticatable.rb CHANGED
@@ -12,7 +12,7 @@ module Devise
12
12
  super
13
13
  end
14
14
 
15
- fail(:not_found_in_database) unless resource
15
+ fail(Devise.paranoid ? :invalid : :not_found_in_database) unless resource
16
16
 
17
17
  # We want to cascade to the next strategy if this one fails,
18
18
  # but database authenticatable automatically halts on a bad password
data/lib/devise_two_factor/strategies/two_factor_backupable.rb CHANGED
@@ -12,7 +12,7 @@ module Devise
12
12
  super
13
13
  end
14
14
 
15
- fail(:not_found_in_database) unless resource
15
+ fail(Devise.paranoid ? :invalid : :not_found_in_database) unless resource
16
16
 
17
17
  # We want to cascade to the next strategy if this one fails,
18
18
  # but database authenticatable automatically halts on a bad password
data/lib/devise_two_factor/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module DeviseTwoFactor
2
- VERSION = '3.0.0'.freeze
2
+ VERSION = '3.1.0'.freeze
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise-two-factor
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.0
4
+ version: 3.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Shane Wilton
@@ -52,68 +52,70 @@ cert_chain:
52
52
  -----END CERTIFICATE-----
53
53
  - |
54
54
  -----BEGIN CERTIFICATE-----
55
- MIIFyjCCA7KgAwIBAgIJAK2u0LojMCNtMA0GCSqGSIb3DQEBDQUAMIGcMQswCQYD
56
- VQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVBhbG8gQWx0bzEfMB0GA1UE
57
- ChMWVGluZm9pbCBTZWN1cml0eSwgSW5jLjEfMB0GA1UEAxMWVGluZm9pbCBTZWN1
58
- cml0eSwgSW5jLjEqMCgGCSqGSIb3DQEJARYbc3VwcG9ydEB0aW5mb2lsc2VjdXJp
59
- dHkuY29tMB4XDTE0MDUyMDIxMTAwMFoXDTE2MDUyMDIxMTAwMFowgZwxCzAJBgNV
55
+ MIIGADCCA+igAwIBAgIIBr+qGSyQe7MwDQYJKoZIhvcNAQENBQAwgZwxCzAJBgNV
60
56
  BAYTAlVTMQswCQYDVQQIEwJDQTESMBAGA1UEBxMJUGFsbyBBbHRvMR8wHQYDVQQK
61
- ExZUaW5mb2lsIFNlY3VyaXR5LCBJbmMuMR0wGwYDVQQDExR0aW5mb2lsc2VjdXJp
62
- dHktZ2VtczEsMCoGCSqGSIb3DQEJARYdZW5naW5lZXJzQHRpbmZvaWxzZWN1cml0
63
- eS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDNJYNH8D+8lACL
64
- t3KzjEIPs3XVBCPaMm2eD/Xk9OOTuDV/NqgMK0icD9MRxMUtS3SCrC9QcPocXT76
65
- f2LQ3yVJuK+rBUasymEES47PIx2czC4n4Hga0xPPuBpioO26oaRFsobyzh9RPOIb
66
- nYfpjyqtdrbm+YyM3sPR4XzFirv9xomT4E9T4RCLgOQHTcLKL9K9m+EN7PeVdVUX
67
- V0Pa7cVs2vJUKedsd7vnr6Lzbn8ToPk/7J/4W931PbaeI5yg9ZuaRa9K2IaY1TkP
68
- I67NW4qKitBVepRlXw6Sb7TYcUncWEQ/eC5CpnOmqUrG5tfGD8cc5aGZOkitW/VX
69
- ZgVj81xgCv1hk4HjErrqq4FBNAaCSNyBfwR0TUYqg1lN1nbNjOKwfb6YRn06R2ov
70
- cFJG0tmGhsQULCr6fW8u2TfSM+U9WFSIJx2griureY7EZPwg/MgsUiWUWMFemz3G
71
- VYXWJR3dN2pW9Uqr3rkjKZbA0bstGWahJO9HuFdDakQxoaTPYPtTQDC+kskkO6lK
72
- G1KLIoZ1iLZzB1Ks1vEeyE7lp1imWgpUq+q23PFkt1gIBi/4tGvzsLZye25QU2Y+
73
- XLzldCNm+DyRFXZ+Q+bK33IveUeUWEOv4T1qTXHAOypyzmgodVRG/PrlsSMOBfE5
74
- 15kG1mDMGjRcCpEtlskgxUbf7qM7hQIDAQABow0wCzAJBgNVHRMEAjAAMA0GCSqG
75
- SIb3DQEBDQUAA4ICAQCLXzGJOr0isGHscTvm73ReEAOv4g0IOSXjfHfHAOWKhzdM
76
- g+D8nrzhy8wnARqAt2Ob4I+R9scEIfI5MPp/C5HHqWed4m0W0Uygx3V3qyixavkc
77
- nVUJMZ4TPS6W48IHdGGVD45hopx7ycFy+iPm7QUFk4sg044dO53mkScTetm2AvIE
78
- xDTotsFNpn/hrAnzXlH4MQQ7LKXAedPmFi8Jv5nJwv9BnEGJQJhvzQtdx7le4S8J
79
- a78vwAq429N2gVnfSdeU9v9QqdHOF1215lC6qaDI4bk8hVE4RyMxSBZmWKhnPLAm
80
- jFXGc6Wj2yF7HQ2YtEGAAEyjH+tAwF35STv+J3eweUFhyGZPH8Sf+b+UKZc9UF1D
81
- J/VmzQd9D9RaB+pOclDYR3Uiji5EBq1La2FPg48hA0uCd4KJ9dBGwNrxvjDNSBW0
82
- FiM1vjR6AVxIAhOwICeWG6QTvH5Jrnq/UDBnnK/KALCbFw3YbbhOyy+295jta7xf
83
- r32d4cJAvbDF1C6t2JRjNwi0ANgPw0cytl+8yvCyXpXMZpT0YpDk76XICo97SOHI
84
- 5C31v4YyRBnNCp0pN66nxYX2avEiQ8riTBP5mlkPPOhsIoYQHHe2Uj75aVpu0LZ3
85
- cdFzuO4GC1dV0Wv+dsDm+MyF7DT5E9pUPXpnMJuPvPrFpCb+wrFlszW9hGjXbQ==
57
+ ExZUaW5mb2lsIFNlY3VyaXR5LCBJbmMuMR8wHQYDVQQDExZUaW5mb2lsIFNlY3Vy
58
+ aXR5LCBJbmMuMSowKAYJKoZIhvcNAQkBFhtzdXBwb3J0QHRpbmZvaWxzZWN1cml0
59
+ eS5jb20wHhcNMTkwODA3MTkwMjAwWhcNMjAwODA3MTkwMjAwWjCBiDELMAkGA1UE
60
+ BhMCVVMxCzAJBgNVBAgTAkNBMR8wHQYDVQQKExZUaW5mb2lsIFNlY3VyaXR5LCBJ
61
+ bmMuMR0wGwYDVQQDExR0aW5mb2lsc2VjdXJpdHktZ2VtczEsMCoGCSqGSIb3DQEJ
62
+ ARYdZW5naW5lZXJzQHRpbmZvaWxzZWN1cml0eS5jb20wggIiMA0GCSqGSIb3DQEB
63
+ AQUAA4ICDwAwggIKAoICAQDNJYNH8D+8lACLt3KzjEIPs3XVBCPaMm2eD/Xk9OOT
64
+ uDV/NqgMK0icD9MRxMUtS3SCrC9QcPocXT76f2LQ3yVJuK+rBUasymEES47PIx2c
65
+ zC4n4Hga0xPPuBpioO26oaRFsobyzh9RPOIbnYfpjyqtdrbm+YyM3sPR4XzFirv9
66
+ xomT4E9T4RCLgOQHTcLKL9K9m+EN7PeVdVUXV0Pa7cVs2vJUKedsd7vnr6Lzbn8T
67
+ oPk/7J/4W931PbaeI5yg9ZuaRa9K2IaY1TkPI67NW4qKitBVepRlXw6Sb7TYcUnc
68
+ WEQ/eC5CpnOmqUrG5tfGD8cc5aGZOkitW/VXZgVj81xgCv1hk4HjErrqq4FBNAaC
69
+ SNyBfwR0TUYqg1lN1nbNjOKwfb6YRn06R2ovcFJG0tmGhsQULCr6fW8u2TfSM+U9
70
+ WFSIJx2griureY7EZPwg/MgsUiWUWMFemz3GVYXWJR3dN2pW9Uqr3rkjKZbA0bst
71
+ GWahJO9HuFdDakQxoaTPYPtTQDC+kskkO6lKG1KLIoZ1iLZzB1Ks1vEeyE7lp1im
72
+ WgpUq+q23PFkt1gIBi/4tGvzsLZye25QU2Y+XLzldCNm+DyRFXZ+Q+bK33IveUeU
73
+ WEOv4T1qTXHAOypyzmgodVRG/PrlsSMOBfE515kG1mDMGjRcCpEtlskgxUbf7qM7
74
+ hQIDAQABo1gwVjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHBzOi8v
75
+ d3d3LnRpbmZvaWxzZWN1cml0eS5jb20vc2VjdXJpdHkvcmV2b2NhdGlvbl9saXN0
76
+ MA0GCSqGSIb3DQEBDQUAA4ICAQAiW9gcR0TTaxsK1DaHZ9U9VxP0dhtWKyTcjDnE
77
+ BHlaayjrEmmQHmEtDEFOkLYOo20LpMFaogxcSHBYto5Z3XYfU9ZPuaY6rGVFhXeq
78
+ mrQn6O0iOxzNOHLSZTgEjQTc2gJg1p1CYSxapla53ivW5v01dNcS1XJE/HFHQttI
79
+ gXdNb53g7XW/c1Be5MvtQKZHsYGNANE+NUUOIFMp29PI1iXBVZVm2PSYL4XlGgQi
80
+ 2cg3tU2TK6+wLul5ZMMvNrOgjaWcbqgW976hUAE03OgR5GDy4M3LfYOs8OJNsktG
81
+ dtpfft6WroUoiqzDCNz85fbLqhY0vwPNJxK/wFHvxTJ2MKL/BdOha8gIV2o5HPTC
82
+ cBpZx2C8FyUKAZfuXwTVkMtPbhFowjPNQN4TNl5N6DRtLnb1PDn9LOXHCPd+0V2b
83
+ ssxu8B1+kf9IyrKBhlqKWSoLdaPboz5FunBUj6nkbXz2VlCkqbRIAFaTtmMJjjWR
84
+ I0Fgx1CAbDjnDvf/hYrjPAvwLOcQ117Tm3Wk/3MP78CwmZoFHRrBw68Ir5mcLrQy
85
+ L71AbBqGd3i+azsNXMmm11ZZetYzbIy6kc9g9MFHd+3xooJpU7eRpm+tyRLKX/qu
86
+ /9iBhU0HVz2daNTk8LdQtzGqff8Dj0qB4sBndVsTW1JxKRP8E3jeLBT4EBGsy9OL
87
+ 5aBXTA==
86
88
  -----END CERTIFICATE-----
87
- date: 2016-05-19 00:00:00.000000000 Z
89
+ date: 2019-08-07 00:00:00.000000000 Z
88
90
  dependencies:
89
91
  - !ruby/object:Gem::Dependency
90
92
  name: railties
91
93
  requirement: !ruby/object:Gem::Requirement
92
94
  requirements:
93
- - - ">="
95
+ - - "<"
94
96
  - !ruby/object:Gem::Version
95
- version: '0'
97
+ version: '6.1'
96
98
  type: :runtime
97
99
  prerelease: false
98
100
  version_requirements: !ruby/object:Gem::Requirement
99
101
  requirements:
100
- - - ">="
102
+ - - "<"
101
103
  - !ruby/object:Gem::Version
102
- version: '0'
104
+ version: '6.1'
103
105
  - !ruby/object:Gem::Dependency
104
106
  name: activesupport
105
107
  requirement: !ruby/object:Gem::Requirement
106
108
  requirements:
107
- - - ">="
109
+ - - "<"
108
110
  - !ruby/object:Gem::Version
109
- version: '0'
111
+ version: '6.1'
110
112
  type: :runtime
111
113
  prerelease: false
112
114
  version_requirements: !ruby/object:Gem::Requirement
113
115
  requirements:
114
- - - ">="
116
+ - - "<"
115
117
  - !ruby/object:Gem::Version
116
- version: '0'
118
+ version: '6.1'
117
119
  - !ruby/object:Gem::Dependency
118
120
  name: attr_encrypted
119
121
  requirement: !ruby/object:Gem::Requirement
@@ -182,6 +184,20 @@ dependencies:
182
184
  - - ">="
183
185
  - !ruby/object:Gem::Version
184
186
  version: '0'
187
+ - !ruby/object:Gem::Dependency
188
+ name: appraisal
189
+ requirement: !ruby/object:Gem::Requirement
190
+ requirements:
191
+ - - ">="
192
+ - !ruby/object:Gem::Version
193
+ version: '0'
194
+ type: :development
195
+ prerelease: false
196
+ version_requirements: !ruby/object:Gem::Requirement
197
+ requirements:
198
+ - - ">="
199
+ - !ruby/object:Gem::Version
200
+ version: '0'
185
201
  - !ruby/object:Gem::Dependency
186
202
  name: bundler
187
203
  requirement: !ruby/object:Gem::Requirement
@@ -261,6 +277,7 @@ files:
261
277
  - ".gitignore"
262
278
  - ".rspec"
263
279
  - ".travis.yml"
280
+ - Appraisals
264
281
  - CHANGELOG.md
265
282
  - CONTRIBUTING.md
266
283
  - Gemfile
@@ -271,6 +288,12 @@ files:
271
288
  - certs/tinfoil-cacert.pem
272
289
  - certs/tinfoilsecurity-gems-cert.pem
273
290
  - devise-two-factor.gemspec
291
+ - gemfiles/rails_4_1.gemfile
292
+ - gemfiles/rails_4_2.gemfile
293
+ - gemfiles/rails_5_0.gemfile
294
+ - gemfiles/rails_5_1.gemfile
295
+ - gemfiles/rails_5_2.gemfile
296
+ - gemfiles/rails_6_0.gemfile
274
297
  - lib/devise-two-factor.rb
275
298
  - lib/devise_two_factor/models.rb
276
299
  - lib/devise_two_factor/models/two_factor_authenticatable.rb
@@ -306,7 +329,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
306
329
  version: '0'
307
330
  requirements: []
308
331
  rubyforge_project: devise-two-factor
309
- rubygems_version: 2.6.3
332
+ rubygems_version: 2.7.6.2
310
333
  signing_key:
311
334
  specification_version: 4
312
335
  summary: Barebones two-factor authentication with Devise
metadata.gz.sig CHANGED
Binary file