devise-two-factor 4.0.2 → 4.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 976317c79975d3526dea8a30d6b7ded62de0d218bc89add6db0cac627b75e057
-  data.tar.gz: 758d0b728bdda8132be4c2f3459cce4bd61a42e548b36b34c5ee07fc8c38f4d8
+  metadata.gz: bb62b67111184c3ac7f38b7d7512d4a3785e57737a8bd2f5fb5399cc04b26632
+  data.tar.gz: 430c248a7ef422ed2c9ccdee4db4591e4b94a0606965cf925bb6224a82da50e3
 SHA512:
-  metadata.gz: 510c99d55da2f9c66533c968c4d7c4681a14bb81a3ba4624fb3c5f61c542ff5bf68683e5234d618a12aeb5398a2016144b8b5222b01a812e8ab6e48332b75264
-  data.tar.gz: 7e68943b8d191f0b0b27f05f51a55b1a47ae85d487b44db22e4d74810eab29faffac01f6b9f6a8afa9c158eede9286611d2e8eafcf138f0ce0292a3cb2d4895a
+  metadata.gz: '098e361beaaea9b1737d696b1294210b1f0797ddd6234ccd2d5c98796aff6a6ee5620350fc0d49f4da85176f3ed0bb048f8e9245067bb32bebfce0390162f6e9'
+  data.tar.gz: 2b3fc4ae61bb8d2e74778071e4f15947be05c65844c6d9a60e1dfd8a381391b1af9e215472c78059e7a85f0d072658850b518abd68cbabf769fa0b7f8150701b

data/CHANGELOG.md

@@ -2,6 +2,11 @@
 
 ## Unreleased
 
+## 4.0.2
+- Add Rails 7.0 support
+- Renew signing certificate
+- Use `after` option of TOTP#verify for additional timestamp verification
+
 ## 4.0.1
 - Convert CI from Travis CI to Github Actions ([#198](https://github.com/tinfoil/devise-two-factor/pull/198))
 - Fix ActiveSupport::Testing::TimeHelpers require in shared examples ([#191](https://github.com/tinfoil/devise-two-factor/pull/191))

data/devise-two-factor.gemspec

@@ -23,7 +23,7 @@ Gem::Specification.new do |s|
 
   s.add_runtime_dependency 'railties',       '< 7.1'
   s.add_runtime_dependency 'activesupport',  '< 7.1'
-  s.add_runtime_dependency 'attr_encrypted', '>= 1.3', '< 4', '!= 2'
+  s.add_runtime_dependency 'attr_encrypted', '>= 1.3', '< 5', '!= 2'
   s.add_runtime_dependency 'devise',         '~> 4.0'
   s.add_runtime_dependency 'rotp',           '~> 6.0'
 

data/lib/devise_two_factor/version.rb

@@ -1,3 +1,3 @@
 module DeviseTwoFactor
-  VERSION = '4.0.2'.freeze
+  VERSION = '4.1.0'.freeze
 end

data/spec/devise/models/two_factor_authenticatable_spec.rb

@@ -64,15 +64,31 @@ describe ::Devise::Models::TwoFactorAuthenticatable do
 
     describe 'otp_secret options' do
       it 'should be of the key' do
-        expect(subject.encrypted_attributes[:otp_secret][:key]).to eq('test-key'*8)
+        if attr_encrypted_is_rails_seven_compatible?
+          expect(subject.attr_encrypted_encrypted_attributes[:otp_secret][:key]).to eq('test-key'*8)
+        else
+          expect(subject.encrypted_attributes[:otp_secret][:key]).to eq('test-key'*8)
+        end
       end
 
       it 'should be of the mode' do
-        expect(subject.encrypted_attributes[:otp_secret][:mode]).to eq(:per_attribute_iv_and_salt)
+        if attr_encrypted_is_rails_seven_compatible?
+          expect(subject.attr_encrypted_encrypted_attributes[:otp_secret][:mode]).to eq(:per_attribute_iv_and_salt)
+        else
+          expect(subject.encrypted_attributes[:otp_secret][:mode]).to eq(:per_attribute_iv_and_salt)
+        end
       end
 
       it 'should be of the mode' do
-        expect(subject.encrypted_attributes[:otp_secret][:algorithm]).to eq('aes-256-cbc')
+        if attr_encrypted_is_rails_seven_compatible?
+          expect(subject.attr_encrypted_encrypted_attributes[:otp_secret][:algorithm]).to eq('aes-256-cbc')
+        else
+          expect(subject.encrypted_attributes[:otp_secret][:algorithm]).to eq('aes-256-cbc')
+        end
+      end
+
+      def attr_encrypted_is_rails_seven_compatible?
+        Gem::Version.new(AttrEncrypted::Version.string) >= Gem::Version.new('4.0.0')
       end
     end
   end

metadata

@@ -1,11 +1,11 @@
 --- !ruby/object:Gem::Specification
 name: devise-two-factor
 version: !ruby/object:Gem::Version
-  version: 4.0.2
+  version: 4.1.0
 platform: ruby
 authors:
 - Shane Wilton
-autorequire:
+autorequire: 
 bindir: bin
 cert_chain:
 - |
@@ -86,7 +86,7 @@ cert_chain:
   vqIDv6JBG9I16h/HhchntKfM58MI1bNZFBSdZqYOJiL8JIjP8HNIk76Y366ppG29
   EhBYYg==
   -----END CERTIFICATE-----
-date: 2022-03-24 00:00:00.000000000 Z
+date: 2023-05-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -123,12 +123,12 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '1.3'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '4'
     - - "!="
       - !ruby/object:Gem::Version
         version: '2'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -136,12 +136,12 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '1.3'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '4'
     - - "!="
       - !ruby/object:Gem::Version
         version: '2'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '5'
 - !ruby/object:Gem::Dependency
   name: devise
   requirement: !ruby/object:Gem::Requirement
@@ -301,7 +301,7 @@ homepage: https://github.com/tinfoil/devise-two-factor
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -316,8 +316,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.32
-signing_key:
+rubygems_version: 3.0.3.1
+signing_key: 
 specification_version: 4
 summary: Barebones two-factor authentication with Devise
 test_files: