RubyGems - devise-two-factor - Versions diffs - 4.1.1 → 6.4.0 - Mend

devise-two-factor 4.1.1 → 6.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (38) hide show

checksums.yaml +4 -4
data/.github/dependabot.yml +6 -0
data/.github/workflows/ci.yml +3 -18
data/.github/workflows/push.yml +28 -0
data/.markdownlint.json +6 -0
data/Appraisals +9 -34
data/CHANGELOG.md +59 -0
data/README.md +110 -67
data/Rakefile +2 -0
data/SECURITY.md +5 -0
data/UPGRADING.md +218 -2
data/devise-two-factor.gemspec +8 -15
data/gemfiles/{rails_4.2.gemfile → rails_7.2.gemfile} +2 -2
data/gemfiles/{rails_5.0.gemfile → rails_8.0.gemfile} +2 -2
data/gemfiles/{rails_4.1.gemfile → rails_8.1.gemfile} +2 -2
data/lib/devise-two-factor.rb +12 -5
data/lib/devise_two_factor/models/two_factor_authenticatable.rb +41 -29
data/lib/devise_two_factor/models/two_factor_backupable.rb +6 -2
data/lib/devise_two_factor/spec_helpers/two_factor_authenticatable_shared_examples.rb +6 -18
data/lib/devise_two_factor/spec_helpers/two_factor_backupable_shared_examples.rb +53 -24
data/lib/devise_two_factor/strategies/two_factor_authenticatable.rb +8 -2
data/lib/devise_two_factor/strategies/two_factor_backupable.rb +6 -4
data/lib/devise_two_factor/version.rb +1 -1
data/lib/generators/devise_two_factor/devise_two_factor_generator.rb +2 -7
data/spec/devise/models/two_factor_authenticatable_spec.rb +11 -69
data/spec/devise/models/two_factor_backupable_spec.rb +11 -2
data/spec/spec_helper.rb +0 -1
metadata +42 -134
checksums.yaml.gz.sig +0 -0
data/certs/tinfoil-cacert.pem +0 -41
data/certs/tinfoilsecurity-gems-cert.pem +0 -35
data/gemfiles/rails_5.1.gemfile +0 -8
data/gemfiles/rails_5.2.gemfile +0 -8
data/gemfiles/rails_6.0.gemfile +0 -8
data/gemfiles/rails_6.1.gemfile +0 -8
data/gemfiles/rails_7.0.gemfile +0 -8
data.tar.gz.sig +0 -0
metadata.gz.sig +0 -0

data/lib/devise_two_factor/strategies/two_factor_authenticatable.rb CHANGED Viewed

@@ -4,12 +4,18 @@ module Devise
       def authenticate!
         resource = mapping.to.find_for_database_authentication(authentication_hash)
+        hashed = false
         # We authenticate in two cases:
         # 1. The password and the OTP are correct
         # 2. The password is correct, and OTP is not required for login
         # We check the OTP, then defer to DatabaseAuthenticatable
-        if validate(resource) { validate_otp(resource) }
+        if validate(resource) { hashed = true; validate_otp(resource) }
           super
+        else
+          # Paranoid mode: do the expensive hash even when resource is nil,
+          # to avoid timing-based user enumeration.
+          mapping.to.new.password = password if !hashed && Devise.paranoid
         end
         fail(Devise.paranoid ? :invalid : :not_found_in_database) unless resource
@@ -21,7 +27,7 @@ module Devise
       def validate_otp(resource)
         return true unless resource.otp_required_for_login
-        return if params[scope]['otp_attempt'].nil?
+        return if params[scope].nil? || params[scope]['otp_attempt'].nil?
         resource.validate_and_consume_otp!(params[scope]['otp_attempt'])
       end
     end

data/lib/devise_two_factor/strategies/two_factor_backupable.rb CHANGED Viewed

@@ -5,10 +5,7 @@ module Devise
       def authenticate!
         resource = mapping.to.find_for_database_authentication(authentication_hash)
-        if validate(resource) { resource.invalidate_otp_backup_code!(params[scope]['otp_attempt']) }
-          # Devise fails to authenticate invalidated resources, but if we've
-          # gotten here, the object changed (Since we deleted a recovery code)
-          resource.save!
+        if validate(resource) { validate_backup_code(resource) }
           super
         end
@@ -18,6 +15,11 @@ module Devise
         # but database authenticatable automatically halts on a bad password
         @halted = false if @result == :failure
       end
+      def validate_backup_code(resource)
+        return if params[scope].nil? || params[scope]['otp_attempt'].nil?
+        resource.invalidate_otp_backup_code!(params[scope]['otp_attempt'])
+      end
     end
   end
 end

data/lib/devise_two_factor/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module DeviseTwoFactor
-  VERSION = '4.1.1'.freeze
+  VERSION = '6.4.0'.freeze
 end

data/lib/generators/devise_two_factor/devise_two_factor_generator.rb CHANGED Viewed

@@ -3,8 +3,6 @@ require 'rails/generators'
 module DeviseTwoFactor
   module Generators
     class DeviseTwoFactorGenerator < Rails::Generators::NamedBase
-      argument :encryption_key_env, :type => :string, :required => true
       desc 'Creates a migration to add the required attributes to NAME, and ' \
            'adds the necessary Devise directives to the model'
@@ -19,9 +17,7 @@ module DeviseTwoFactor
       def create_devise_two_factor_migration
         migration_arguments = [
                                 "add_devise_two_factor_to_#{plural_name}",
-                                "encrypted_otp_secret:string",
-                                "encrypted_otp_secret_iv:string",
-                                "encrypted_otp_secret_salt:string",
+                                "otp_secret:string",
                                 "consumed_timestep:integer",
                                 "otp_required_for_login:boolean"
                               ]
@@ -51,8 +47,7 @@ module DeviseTwoFactor
         indent_depth = class_path.size
         content = [
-                    "devise :two_factor_authenticatable,",
-                    "       :otp_secret_encryption_key => ENV['#{encryption_key_env}']\n"
+                    "devise :two_factor_authenticatable"
                   ]
         content << "attr_accessible :otp_attempt\n" if needs_attr_accessible?

data/spec/devise/models/two_factor_authenticatable_spec.rb CHANGED Viewed

@@ -6,91 +6,33 @@ class TwoFactorAuthenticatableDouble
   include ::ActiveModel::Validations::Callbacks
   extend  ::Devise::Models
-  define_model_callbacks :update
-  devise :two_factor_authenticatable, :otp_secret_encryption_key => 'test-key'*4
-  attr_accessor :consumed_timestep
-  def save(validate)
-    # noop for testing
-    true
+  # stub out the ::ActiveRecord::Encryption::EncryptableRecord API
+  attr_accessor :otp_secret
+  def self.encrypts(*attrs)
+    nil
   end
-end
-class TwoFactorAuthenticatableWithCustomizeAttrEncryptedDouble
-  extend ::ActiveModel::Callbacks
-  include ::ActiveModel::Validations::Callbacks
-  # like https://github.com/tinfoil/devise-two-factor/blob/cf73e52043fbe45b74d68d02bc859522ad22fe73/UPGRADING.md#guide-to-upgrading-from-2x-to-3x
-  extend ::AttrEncrypted
-  attr_encrypted :otp_secret,
-                  :key       => 'test-key'*8,
-                  :mode      => :per_attribute_iv_and_salt,
-                  :algorithm => 'aes-256-cbc'
-  extend  ::Devise::Models
   define_model_callbacks :update
-  devise :two_factor_authenticatable, :otp_secret_encryption_key => 'test-key'*4
+  devise :two_factor_authenticatable
   attr_accessor :consumed_timestep
-  def save(validate)
+  def save!(_)
     # noop for testing
     true
   end
 end
 describe ::Devise::Models::TwoFactorAuthenticatable do
-  context 'When included in a class' do
-    subject { TwoFactorAuthenticatableDouble.new }
-    it_behaves_like 'two_factor_authenticatable'
+  it 'should be inserted prior to other devise modules' do
+    expect(Devise::ALL.first).to eq(:two_factor_authenticatable)
   end
-end
-describe ::Devise::Models::TwoFactorAuthenticatable do
   context 'When included in a class' do
-    subject { TwoFactorAuthenticatableWithCustomizeAttrEncryptedDouble.new }
+    subject { TwoFactorAuthenticatableDouble.new }
     it_behaves_like 'two_factor_authenticatable'
-    before :each do
-      subject.otp_secret = subject.class.generate_otp_secret
-      subject.consumed_timestep = nil
-    end
-    describe 'otp_secret options' do
-      it 'should be of the key' do
-        if attr_encrypted_is_rails_seven_compatible?
-          expect(subject.attr_encrypted_encrypted_attributes[:otp_secret][:key]).to eq('test-key'*8)
-        else
-          expect(subject.encrypted_attributes[:otp_secret][:key]).to eq('test-key'*8)
-        end
-      end
-      it 'should be of the mode' do
-        if attr_encrypted_is_rails_seven_compatible?
-          expect(subject.attr_encrypted_encrypted_attributes[:otp_secret][:mode]).to eq(:per_attribute_iv_and_salt)
-        else
-          expect(subject.encrypted_attributes[:otp_secret][:mode]).to eq(:per_attribute_iv_and_salt)
-        end
-      end
-      it 'should be of the mode' do
-        if attr_encrypted_is_rails_seven_compatible?
-          expect(subject.attr_encrypted_encrypted_attributes[:otp_secret][:algorithm]).to eq('aes-256-cbc')
-        else
-          expect(subject.encrypted_attributes[:otp_secret][:algorithm]).to eq('aes-256-cbc')
-        end
-      end
-      def attr_encrypted_is_rails_seven_compatible?
-        Gem::Version.new(AttrEncrypted::Version.string) >= Gem::Version.new('4.0.0')
-      end
-    end
   end
 end
@@ -101,11 +43,11 @@ describe ::Devise::Models::TwoFactorAuthenticatable do
       subject.otp_attempt = 'foo'
       subject.password_confirmation = 'foo'
     end
-    it 'otp_attempt should be nill' do
+    it 'otp_attempt should be nill' do
       subject.clean_up_passwords
       expect(subject.otp_attempt).to be_nil
     end
-    it 'password_confirmation should be nill' do
+    it 'password_confirmation should be nill' do
       subject.clean_up_passwords
       expect(subject.password_confirmation).to be_nil
     end

data/spec/devise/models/two_factor_backupable_spec.rb CHANGED Viewed

@@ -6,12 +6,21 @@ class TwoFactorBackupableDouble
   include ::ActiveModel::Validations::Callbacks
   extend  ::Devise::Models
+  # stub out the ::ActiveRecord::Encryption::EncryptableRecord API
+  attr_accessor :otp_secret
+  def self.encrypts(*attrs)
+    nil
+  end
   define_model_callbacks :update
-  devise :two_factor_authenticatable, :two_factor_backupable,
-         :otp_secret_encryption_key => 'test-key'*4
+  devise :two_factor_authenticatable, :two_factor_backupable
   attr_accessor :otp_backup_codes
+  def save!(_)
+    true
+  end
 end
 describe ::Devise::Models::TwoFactorBackupable do

data/spec/spec_helper.rb CHANGED Viewed

@@ -18,7 +18,6 @@ $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
 $LOAD_PATH.unshift(File.dirname(__FILE__))
 require 'rspec'
-require 'faker'
 require 'devise-two-factor'
 require 'devise_two_factor/spec_helpers'

metadata CHANGED Viewed

@@ -1,161 +1,74 @@
 --- !ruby/object:Gem::Specification
 name: devise-two-factor
 version: !ruby/object:Gem::Version
-  version: 4.1.1
+  version: 6.4.0
 platform: ruby
 authors:
-- Shane Wilton
-autorequire:
+- Quinn Wilton
 bindir: bin
-cert_chain:
-- |
-  -----BEGIN CERTIFICATE-----
-  MIIHSjCCBTKgAwIBAgIJAK2u0LojMCNgMA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
-  VQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVBhbG8gQWx0bzEfMB0GA1UE
-  ChMWVGluZm9pbCBTZWN1cml0eSwgSW5jLjEfMB0GA1UEAxMWVGluZm9pbCBTZWN1
-  cml0eSwgSW5jLjEqMCgGCSqGSIb3DQEJARYbc3VwcG9ydEB0aW5mb2lsc2VjdXJp
-  dHkuY29tMB4XDTIxMDkwOTE4MjIwMFoXDTI1MDkwOTE4MjIwMFowgZwxCzAJBgNV
-  BAYTAlVTMQswCQYDVQQIEwJDQTESMBAGA1UEBxMJUGFsbyBBbHRvMR8wHQYDVQQK
-  ExZUaW5mb2lsIFNlY3VyaXR5LCBJbmMuMR8wHQYDVQQDExZUaW5mb2lsIFNlY3Vy
-  aXR5LCBJbmMuMSowKAYJKoZIhvcNAQkBFhtzdXBwb3J0QHRpbmZvaWxzZWN1cml0
-  eS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqbHvsSj0H0FB1
-  0gLYoDK1BKugkSB2DZeZZHP6B1UdWRahJXJP9oT1lhfQxx8iX4cgEi7JU3NqA6NR
-  cIRFQ50eH/qlmgs7909gaf8pDaeC0vR3wd0GeRg6qr1eDEnkzIyr/D1AMiX6H1eP
-  Y7J3SfrdaL3gft2iPRKGkgqsXR7oBNLA3n/ShiNgPXqRDl1CCj6aMY0cn5ROFScz
-  vT2FUB4DEwPD2l18m1p99OnXqsOLL2J65qA2+cI8FtgFmlwIi5oSf+URvIdNx+cH
-  lInlAtVHCvAKYLY0dlQ7czMQBcRpYjp2rwPt9f2ksq9b/voMTBABYHFV+IVn8svv
-  GZ5e1+icjtr/R7dCGmCdEdFLXVxafmZhukymG9USv9DKuv1qh7r4q8KaPIE8n7nQ
-  m97jENFfsgnwv+nUmIJ3tzuW5ZxO7A0tIIYdwzt0UjrO3ya4R5bTFXr4bnzZ/g/s
-  CLknWqg1BCRlPd6LnpVGPT0gNDV1pEO25wE3A3Yy0Ujxudcgay/CgUhnlU11qOAc
-  xmar2fhNZsviUhndd/220Ad5QMV2XzcAiopJIeu0juIVGRQM7x2h19Hsp0m6sOEF
-  jfhvbdUa4nvmIFeYFY+hr/YkTmG9ZjyBa8YaZXhwjhSmKCQ374J7mn5e0Cryuvi5
-  tYhwJn8rdwYZF/h2qqfEu8vaLoD09QIDAQABo4IBizCCAYcwHQYDVR0OBBYEFMmT
-  /x412UH+5OHqgleeTjLOv6iHMIHRBgNVHSMEgckwgcaAFMmT/x412UH+5OHqglee
-  TjLOv6iHoYGipIGfMIGcMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNV
-  BAcTCVBhbG8gQWx0bzEfMB0GA1UEChMWVGluZm9pbCBTZWN1cml0eSwgSW5jLjEf
-  MB0GA1UEAxMWVGluZm9pbCBTZWN1cml0eSwgSW5jLjEqMCgGCSqGSIb3DQEJARYb
-  c3VwcG9ydEB0aW5mb2lsc2VjdXJpdHkuY29tggkAra7QuiMwI2AwDwYDVR0TAQH/
-  BAUwAwEB/zARBglghkgBhvhCAQEEBAMCAQYwCQYDVR0SBAIwADArBglghkgBhvhC
-  AQ0EHhYcVGlueUNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAmBgNVHREEHzAdgRtz
-  dXBwb3J0QHRpbmZvaWxzZWN1cml0eS5jb20wDgYDVR0PAQH/BAQDAgEGMA0GCSqG
-  SIb3DQEBBQUAA4ICAQBZy4JJSmwLuO0nZbdr4tJeVS2P8bcGi6PzAcdzVfwzjp6n
-  5qf8m4O8my4lnJieom0GrWSHQoPY1Yur4hEoZbugKO9DWZL3dTiGcrgw0TbQ6Gtq
-  TTPatW3LA21qFJwvohSvLqPdmZuM+H9g49sdl2kNTDVI6iUyMYuNpL14aPKPGBFo
-  o7UjciT1h7JtJl9b/fXrbPeRHBwpZXWeipiPGv/OZW5KnOsNlUkTquS7Zj4ETkIC
-  6mVtmsLvq+YwFthFyMU37pXwYxcmqRmH6lX+XC6AVW5oO4GBmG+Zr/Z+h5Cih5ca
-  /mX88RkO+dGTjw1IdxKmxOqKL62OBATKrTDJ/scsmRptynA4TunYW+7ikOpDbPfL
-  l18aleLISlcgWJg/Czf2nmBqAClPLnhV8qxWsvt58MQQ/Jpoggvpl8EG1PylWiBS
-  Kc/4Ad/FKQFpTzXUgDg2kV07npVjYbBzA5p4ZSWSlflFu93jb9gg2+qtnRSImVCZ
-  nQjZdsv8hebElPAIbtJjSnoH1Kz2ucYLakdF1UMKnpp1PVREtuKPz/foU9KUHs0z
-  dWRALx8cWG4uKK9AIEUlVdGKfX0Wj0qFK0KGxl3f3jObud5Agwue2EPKWwUzEGUh
-  Iqp60gNw3vBdKHw4dh1bfcbXWnRDL+OQPuOFZeMWgu1QmeHeuggYtYtRg7V5Kg==
-  -----END CERTIFICATE-----
-- |
-  -----BEGIN CERTIFICATE-----
-  MIIGADCCA+igAwIBAgIIHIF9ta6cW3YwDQYJKoZIhvcNAQENBQAwgZwxCzAJBgNV
-  BAYTAlVTMQswCQYDVQQIEwJDQTESMBAGA1UEBxMJUGFsbyBBbHRvMR8wHQYDVQQK
-  ExZUaW5mb2lsIFNlY3VyaXR5LCBJbmMuMR8wHQYDVQQDExZUaW5mb2lsIFNlY3Vy
-  aXR5LCBJbmMuMSowKAYJKoZIhvcNAQkBFhtzdXBwb3J0QHRpbmZvaWxzZWN1cml0
-  eS5jb20wHhcNMjIwMzIyMjI1MzAwWhcNMjUwOTA5MTgyMjAwWjCBiDELMAkGA1UE
-  BhMCVVMxCzAJBgNVBAgTAkNBMR8wHQYDVQQKExZUaW5mb2lsIFNlY3VyaXR5LCBJ
-  bmMuMR0wGwYDVQQDExR0aW5mb2lsc2VjdXJpdHktZ2VtczEsMCoGCSqGSIb3DQEJ
-  ARYdZW5naW5lZXJzQHRpbmZvaWxzZWN1cml0eS5jb20wggIiMA0GCSqGSIb3DQEB
-  AQUAA4ICDwAwggIKAoICAQDNJYNH8D+8lACLt3KzjEIPs3XVBCPaMm2eD/Xk9OOT
-  uDV/NqgMK0icD9MRxMUtS3SCrC9QcPocXT76f2LQ3yVJuK+rBUasymEES47PIx2c
-  zC4n4Hga0xPPuBpioO26oaRFsobyzh9RPOIbnYfpjyqtdrbm+YyM3sPR4XzFirv9
-  xomT4E9T4RCLgOQHTcLKL9K9m+EN7PeVdVUXV0Pa7cVs2vJUKedsd7vnr6Lzbn8T
-  oPk/7J/4W931PbaeI5yg9ZuaRa9K2IaY1TkPI67NW4qKitBVepRlXw6Sb7TYcUnc
-  WEQ/eC5CpnOmqUrG5tfGD8cc5aGZOkitW/VXZgVj81xgCv1hk4HjErrqq4FBNAaC
-  SNyBfwR0TUYqg1lN1nbNjOKwfb6YRn06R2ovcFJG0tmGhsQULCr6fW8u2TfSM+U9
-  WFSIJx2griureY7EZPwg/MgsUiWUWMFemz3GVYXWJR3dN2pW9Uqr3rkjKZbA0bst
-  GWahJO9HuFdDakQxoaTPYPtTQDC+kskkO6lKG1KLIoZ1iLZzB1Ks1vEeyE7lp1im
-  WgpUq+q23PFkt1gIBi/4tGvzsLZye25QU2Y+XLzldCNm+DyRFXZ+Q+bK33IveUeU
-  WEOv4T1qTXHAOypyzmgodVRG/PrlsSMOBfE515kG1mDMGjRcCpEtlskgxUbf7qM7
-  hQIDAQABo1gwVjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHBzOi8v
-  d3d3LnRpbmZvaWxzZWN1cml0eS5jb20vc2VjdXJpdHkvcmV2b2NhdGlvbl9saXN0
-  MA0GCSqGSIb3DQEBDQUAA4ICAQAiYF/m2ny/mxFvBVxHfdYuzybhCvsEUd+TSnoe
-  mqOWntY3sxCOaY0aGOMB4vyg9G+oP/kT4m63sD4uQxeuU7WOjaG2smCSS5q+PSWS
-  v63gILqPamjSyP/Om864EA6YlvVQ7nPXhVDEaiBt3iliefJGmb0wWSbbDCmq3aMb
-  WTLuax/IeY6MjJi20LutIcuz+VX8OxlA1hSpgAToMz3xrhA8fPt5UkKhkDkPFYBF
-  5htKVipyijChWsXyt33YM2qGaavTEXzxza1I99PGNRKxUMvbSMas4YaLqkBpQSc+
-  mcrLWYPiXWsePGu+j08AypE2Ubp4AOSZJN9rBBGotC3gofipo+K/sBiOM9xXI76Q
-  0HYOxXPa7D7UQQG1R9i0rcxmf9qepIVYCldmqVkKKDizcDo5UI9lRiLFjDyQhn6l
-  YFY9bPQ4lKTK5Jr3M6+dV7fHxLhqXyMGs1905IUb7qvB7Bq/f0qJfC0JZuY/qdn2
-  lL0SeFKOVsjErtobh3u8p8j2USkc8uJgIANHpXEMEExdp899CV/eVjh3TpAR7E6T
-  mg7Q9Hi6Hh8z+Le9iR4I49vPEWDQEvj35IT6VfwU79UfIOlX+DkW8fFkPbaut3Se
-  vqIDv6JBG9I16h/HhchntKfM58MI1bNZFBSdZqYOJiL8JIjP8HNIk76Y366ppG29
-  EhBYYg==
-  -----END CERTIFICATE-----
-date: 2023-10-12 00:00:00.000000000 Z
+cert_chain: []
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '7.0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '7.0'
-- !ruby/object:Gem::Dependency
-  name: activesupport
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
+        version: '7.2'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '7.0'
+        version: '8.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '7.2'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '7.0'
+        version: '8.2'
 - !ruby/object:Gem::Dependency
-  name: attr_encrypted
+  name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
-    - - "!="
-      - !ruby/object:Gem::Version
-        version: '2'
+        version: '7.2'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '5'
+        version: '8.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
-    - - "!="
-      - !ruby/object:Gem::Version
-        version: '2'
+        version: '7.2'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '5'
+        version: '8.2'
 - !ruby/object:Gem::Dependency
   name: devise
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '4.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '6.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '4.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: rotp
   requirement: !ruby/object:Gem::Requirement
@@ -241,27 +154,30 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: faker
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '13'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
-description: Barebones two-factor authentication with Devise
-email: engineers@tinfoilsecurity.com
+        version: '13'
+description: Devise-Two-Factor is a minimalist extension to Devise which offers support
+  for two-factor authentication through the TOTP scheme.
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/dependabot.yml"
 - ".github/workflows/ci.yml"
+- ".github/workflows/push.yml"
 - ".gitignore"
+- ".markdownlint.json"
 - ".rspec"
 - Appraisals
 - CHANGELOG.md
@@ -270,18 +186,12 @@ files:
 - LICENSE
 - README.md
 - Rakefile
+- SECURITY.md
 - UPGRADING.md
-- certs/tinfoil-cacert.pem
-- certs/tinfoilsecurity-gems-cert.pem
 - devise-two-factor.gemspec
-- gemfiles/rails_4.1.gemfile
-- gemfiles/rails_4.2.gemfile
-- gemfiles/rails_5.0.gemfile
-- gemfiles/rails_5.1.gemfile
-- gemfiles/rails_5.2.gemfile
-- gemfiles/rails_6.0.gemfile
-- gemfiles/rails_6.1.gemfile
-- gemfiles/rails_7.0.gemfile
+- gemfiles/rails_7.2.gemfile
+- gemfiles/rails_8.0.gemfile
+- gemfiles/rails_8.1.gemfile
 - lib/devise-two-factor.rb
 - lib/devise_two_factor/models.rb
 - lib/devise_two_factor/models/two_factor_authenticatable.rb
@@ -297,11 +207,10 @@ files:
 - spec/devise/models/two_factor_authenticatable_spec.rb
 - spec/devise/models/two_factor_backupable_spec.rb
 - spec/spec_helper.rb
-homepage: https://github.com/tinfoil/devise-two-factor
+homepage: https://github.com/devise-two-factor/devise-two-factor
 licenses:
 - MIT
 metadata: {}
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -316,8 +225,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3.1
-signing_key:
+rubygems_version: 4.0.3
 specification_version: 4
 summary: Barebones two-factor authentication with Devise
 test_files:

checksums.yaml.gz.sig DELETED Viewed

Binary file

data/certs/tinfoil-cacert.pem DELETED Viewed

@@ -1,41 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIHSjCCBTKgAwIBAgIJAK2u0LojMCNgMA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
-VQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVBhbG8gQWx0bzEfMB0GA1UE
-ChMWVGluZm9pbCBTZWN1cml0eSwgSW5jLjEfMB0GA1UEAxMWVGluZm9pbCBTZWN1
-cml0eSwgSW5jLjEqMCgGCSqGSIb3DQEJARYbc3VwcG9ydEB0aW5mb2lsc2VjdXJp
-dHkuY29tMB4XDTIxMDkwOTE4MjIwMFoXDTI1MDkwOTE4MjIwMFowgZwxCzAJBgNV
-BAYTAlVTMQswCQYDVQQIEwJDQTESMBAGA1UEBxMJUGFsbyBBbHRvMR8wHQYDVQQK
-ExZUaW5mb2lsIFNlY3VyaXR5LCBJbmMuMR8wHQYDVQQDExZUaW5mb2lsIFNlY3Vy
-aXR5LCBJbmMuMSowKAYJKoZIhvcNAQkBFhtzdXBwb3J0QHRpbmZvaWxzZWN1cml0
-eS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqbHvsSj0H0FB1
-0gLYoDK1BKugkSB2DZeZZHP6B1UdWRahJXJP9oT1lhfQxx8iX4cgEi7JU3NqA6NR
-cIRFQ50eH/qlmgs7909gaf8pDaeC0vR3wd0GeRg6qr1eDEnkzIyr/D1AMiX6H1eP
-Y7J3SfrdaL3gft2iPRKGkgqsXR7oBNLA3n/ShiNgPXqRDl1CCj6aMY0cn5ROFScz
-vT2FUB4DEwPD2l18m1p99OnXqsOLL2J65qA2+cI8FtgFmlwIi5oSf+URvIdNx+cH
-lInlAtVHCvAKYLY0dlQ7czMQBcRpYjp2rwPt9f2ksq9b/voMTBABYHFV+IVn8svv
-GZ5e1+icjtr/R7dCGmCdEdFLXVxafmZhukymG9USv9DKuv1qh7r4q8KaPIE8n7nQ
-m97jENFfsgnwv+nUmIJ3tzuW5ZxO7A0tIIYdwzt0UjrO3ya4R5bTFXr4bnzZ/g/s
-CLknWqg1BCRlPd6LnpVGPT0gNDV1pEO25wE3A3Yy0Ujxudcgay/CgUhnlU11qOAc
-xmar2fhNZsviUhndd/220Ad5QMV2XzcAiopJIeu0juIVGRQM7x2h19Hsp0m6sOEF
-jfhvbdUa4nvmIFeYFY+hr/YkTmG9ZjyBa8YaZXhwjhSmKCQ374J7mn5e0Cryuvi5
-tYhwJn8rdwYZF/h2qqfEu8vaLoD09QIDAQABo4IBizCCAYcwHQYDVR0OBBYEFMmT
-/x412UH+5OHqgleeTjLOv6iHMIHRBgNVHSMEgckwgcaAFMmT/x412UH+5OHqglee
-TjLOv6iHoYGipIGfMIGcMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNV
-BAcTCVBhbG8gQWx0bzEfMB0GA1UEChMWVGluZm9pbCBTZWN1cml0eSwgSW5jLjEf
-MB0GA1UEAxMWVGluZm9pbCBTZWN1cml0eSwgSW5jLjEqMCgGCSqGSIb3DQEJARYb
-c3VwcG9ydEB0aW5mb2lsc2VjdXJpdHkuY29tggkAra7QuiMwI2AwDwYDVR0TAQH/
-BAUwAwEB/zARBglghkgBhvhCAQEEBAMCAQYwCQYDVR0SBAIwADArBglghkgBhvhC
-AQ0EHhYcVGlueUNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAmBgNVHREEHzAdgRtz
-dXBwb3J0QHRpbmZvaWxzZWN1cml0eS5jb20wDgYDVR0PAQH/BAQDAgEGMA0GCSqG
-SIb3DQEBBQUAA4ICAQBZy4JJSmwLuO0nZbdr4tJeVS2P8bcGi6PzAcdzVfwzjp6n
-5qf8m4O8my4lnJieom0GrWSHQoPY1Yur4hEoZbugKO9DWZL3dTiGcrgw0TbQ6Gtq
-TTPatW3LA21qFJwvohSvLqPdmZuM+H9g49sdl2kNTDVI6iUyMYuNpL14aPKPGBFo
-o7UjciT1h7JtJl9b/fXrbPeRHBwpZXWeipiPGv/OZW5KnOsNlUkTquS7Zj4ETkIC
-6mVtmsLvq+YwFthFyMU37pXwYxcmqRmH6lX+XC6AVW5oO4GBmG+Zr/Z+h5Cih5ca
-/mX88RkO+dGTjw1IdxKmxOqKL62OBATKrTDJ/scsmRptynA4TunYW+7ikOpDbPfL
-l18aleLISlcgWJg/Czf2nmBqAClPLnhV8qxWsvt58MQQ/Jpoggvpl8EG1PylWiBS
-Kc/4Ad/FKQFpTzXUgDg2kV07npVjYbBzA5p4ZSWSlflFu93jb9gg2+qtnRSImVCZ
-nQjZdsv8hebElPAIbtJjSnoH1Kz2ucYLakdF1UMKnpp1PVREtuKPz/foU9KUHs0z
-dWRALx8cWG4uKK9AIEUlVdGKfX0Wj0qFK0KGxl3f3jObud5Agwue2EPKWwUzEGUh
-Iqp60gNw3vBdKHw4dh1bfcbXWnRDL+OQPuOFZeMWgu1QmeHeuggYtYtRg7V5Kg==
------END CERTIFICATE-----

data/certs/tinfoilsecurity-gems-cert.pem DELETED Viewed

@@ -1,35 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIGADCCA+igAwIBAgIIHIF9ta6cW3YwDQYJKoZIhvcNAQENBQAwgZwxCzAJBgNV
-BAYTAlVTMQswCQYDVQQIEwJDQTESMBAGA1UEBxMJUGFsbyBBbHRvMR8wHQYDVQQK
-ExZUaW5mb2lsIFNlY3VyaXR5LCBJbmMuMR8wHQYDVQQDExZUaW5mb2lsIFNlY3Vy
-aXR5LCBJbmMuMSowKAYJKoZIhvcNAQkBFhtzdXBwb3J0QHRpbmZvaWxzZWN1cml0
-eS5jb20wHhcNMjIwMzIyMjI1MzAwWhcNMjUwOTA5MTgyMjAwWjCBiDELMAkGA1UE
-BhMCVVMxCzAJBgNVBAgTAkNBMR8wHQYDVQQKExZUaW5mb2lsIFNlY3VyaXR5LCBJ
-bmMuMR0wGwYDVQQDExR0aW5mb2lsc2VjdXJpdHktZ2VtczEsMCoGCSqGSIb3DQEJ
-ARYdZW5naW5lZXJzQHRpbmZvaWxzZWN1cml0eS5jb20wggIiMA0GCSqGSIb3DQEB
-AQUAA4ICDwAwggIKAoICAQDNJYNH8D+8lACLt3KzjEIPs3XVBCPaMm2eD/Xk9OOT
-uDV/NqgMK0icD9MRxMUtS3SCrC9QcPocXT76f2LQ3yVJuK+rBUasymEES47PIx2c
-zC4n4Hga0xPPuBpioO26oaRFsobyzh9RPOIbnYfpjyqtdrbm+YyM3sPR4XzFirv9
-xomT4E9T4RCLgOQHTcLKL9K9m+EN7PeVdVUXV0Pa7cVs2vJUKedsd7vnr6Lzbn8T
-oPk/7J/4W931PbaeI5yg9ZuaRa9K2IaY1TkPI67NW4qKitBVepRlXw6Sb7TYcUnc
-WEQ/eC5CpnOmqUrG5tfGD8cc5aGZOkitW/VXZgVj81xgCv1hk4HjErrqq4FBNAaC
-SNyBfwR0TUYqg1lN1nbNjOKwfb6YRn06R2ovcFJG0tmGhsQULCr6fW8u2TfSM+U9
-WFSIJx2griureY7EZPwg/MgsUiWUWMFemz3GVYXWJR3dN2pW9Uqr3rkjKZbA0bst
-GWahJO9HuFdDakQxoaTPYPtTQDC+kskkO6lKG1KLIoZ1iLZzB1Ks1vEeyE7lp1im
-WgpUq+q23PFkt1gIBi/4tGvzsLZye25QU2Y+XLzldCNm+DyRFXZ+Q+bK33IveUeU
-WEOv4T1qTXHAOypyzmgodVRG/PrlsSMOBfE515kG1mDMGjRcCpEtlskgxUbf7qM7
-hQIDAQABo1gwVjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHBzOi8v
-d3d3LnRpbmZvaWxzZWN1cml0eS5jb20vc2VjdXJpdHkvcmV2b2NhdGlvbl9saXN0
-MA0GCSqGSIb3DQEBDQUAA4ICAQAiYF/m2ny/mxFvBVxHfdYuzybhCvsEUd+TSnoe
-mqOWntY3sxCOaY0aGOMB4vyg9G+oP/kT4m63sD4uQxeuU7WOjaG2smCSS5q+PSWS
-v63gILqPamjSyP/Om864EA6YlvVQ7nPXhVDEaiBt3iliefJGmb0wWSbbDCmq3aMb
-WTLuax/IeY6MjJi20LutIcuz+VX8OxlA1hSpgAToMz3xrhA8fPt5UkKhkDkPFYBF
-5htKVipyijChWsXyt33YM2qGaavTEXzxza1I99PGNRKxUMvbSMas4YaLqkBpQSc+
-mcrLWYPiXWsePGu+j08AypE2Ubp4AOSZJN9rBBGotC3gofipo+K/sBiOM9xXI76Q
-0HYOxXPa7D7UQQG1R9i0rcxmf9qepIVYCldmqVkKKDizcDo5UI9lRiLFjDyQhn6l
-YFY9bPQ4lKTK5Jr3M6+dV7fHxLhqXyMGs1905IUb7qvB7Bq/f0qJfC0JZuY/qdn2
-lL0SeFKOVsjErtobh3u8p8j2USkc8uJgIANHpXEMEExdp899CV/eVjh3TpAR7E6T
-mg7Q9Hi6Hh8z+Le9iR4I49vPEWDQEvj35IT6VfwU79UfIOlX+DkW8fFkPbaut3Se
-vqIDv6JBG9I16h/HhchntKfM58MI1bNZFBSdZqYOJiL8JIjP8HNIk76Y366ppG29
-EhBYYg==
------END CERTIFICATE-----

data/gemfiles/rails_5.1.gemfile DELETED Viewed

@@ -1,8 +0,0 @@
-# This file was generated by Appraisal
-source "https://rubygems.org"
-gem "railties", "~> 5.1"
-gem "activesupport", "~> 5.1"
-gemspec path: "../"

data/gemfiles/rails_5.2.gemfile DELETED Viewed

@@ -1,8 +0,0 @@
-# This file was generated by Appraisal
-source "https://rubygems.org"
-gem "railties", "~> 5.2"
-gem "activesupport", "~> 5.2"
-gemspec path: "../"

data/gemfiles/rails_6.0.gemfile DELETED Viewed

@@ -1,8 +0,0 @@
-# This file was generated by Appraisal
-source "https://rubygems.org"
-gem "railties", "~> 6.0"
-gem "activesupport", "~> 6.0"
-gemspec path: "../"

data/gemfiles/rails_6.1.gemfile DELETED Viewed

@@ -1,8 +0,0 @@
-# This file was generated by Appraisal
-source "https://rubygems.org"
-gem "railties", "~> 6.1"
-gem "activesupport", "~> 6.1"
-gemspec path: "../"

data/gemfiles/rails_7.0.gemfile DELETED Viewed

@@ -1,8 +0,0 @@
-# This file was generated by Appraisal
-source "https://rubygems.org"
-gem "railties", "~> 7.0"
-gem "activesupport", "~> 7.0"
-gemspec path: "../"

data.tar.gz.sig DELETED Viewed

Binary file

metadata.gz.sig DELETED Viewed

Binary file