devise_code_authenticatable 0.1.3 → 0.2.2
- checksums.yaml +4 -4
- data/README.md +3 -11
- data/lib/devise_code_authenticatable.rb +14 -0
- data/lib/devise_code_authenticatable/login_code.rb +9 -4
- data/lib/devise_code_authenticatable/mailer.rb +1 -0
- data/lib/devise_code_authenticatable/models.rb +3 -0
- data/lib/devise_code_authenticatable/strategies/code_authenticatable.rb +18 -14
- data/lib/devise_code_authenticatable/version.rb +1 -1
- metadata +4 -4
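--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: fd002956ced9c39d04aff6ae2571c6436a33d764a0018f0c1c63d076b1ab080d
+data.tar.gz: 2b3b514a7add40d4aff0679369e16ffb2bb59168b4fc61d38f18177e4cb283f2
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 5b2c4800b08725bdff4fe3b50ce11ce353494f5064f87a68dfa09df6044b282a11f6155e8a4d32d4eef3fc75abfae099d98c96e647ea597fe22fd06de0924733
+data.tar.gz: 33ab15669026be9ab140fe8f81d6581dd5e652ba55c32615a3c18b48dd4e94d117c75d4e5daf977e317f897bcaedfe548830c437a5eb11045374152c383cef93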
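--- a/data/README.md
+++ b/data/README.md
@@ -1,9 +1,6 @@
 # DeviseCodeAuthenticatable
 A Devise plugin for two-factor authenticatable.
 
-## Demo
-An example rails app to use this plugin is setup in [demo](https://github.com/vincentying15/demo_for_devise_code_authenticatable)
-
 ## Installation
 Add this line to your Rails Gemfile:
 
@@ -11,21 +8,19 @@ Add this line to your Rails Gemfile:
 gem 'devise_code_authenticatable'
 ```
 
-### Automatic installation
 Run:
 
 ```bash
 rails generate devise_code_authenticatable:install
 ```
 
-This will create a migration file
-
+This will create a migration file in your `db/migrate` folder, then
+
 
 ```ruby
 rails db:migrate
 ```
-
-Add <tt>:authenticatable</tt> to the model you want to enable code_authenticatable
+Add `:authenticatable` to the model you want to enable code_authenticatable, also make sure `:database_authenticatable` is removed
 
 ```ruby
 class User < ActiveRecord::Base
@@ -40,8 +35,5 @@ This plugin is included with basic views, to customize the views you need to run
 rails generate devise_code_authenticatable:views
 ```
 
-### Login by password
-The existing <tt>Devise::SessionsController</tt> would be override, so you can not login by your password
-
 ## License
 The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).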
@@ -16,6 +16,20 @@ require 'devise_code_authenticatable/rails'
|
|
16
16
|
require 'devise_code_authenticatable/strategies/code_authenticatable'
|
17
17
|
|
18
18
|
module Devise
|
19
|
+
# Public: Maximum retry times for a code to be verifed (default: 5).
|
20
|
+
# Login code will not change even if user click resend mail,
|
21
|
+
# and the same code will be sent again.
|
22
|
+
#
|
23
|
+
# config.retry_limit = 1 # => The code will be reset immediately when user passed wrong code
|
24
|
+
mattr_accessor :retry_limit
|
25
|
+
@@retry_limit = 5
|
26
|
+
|
27
|
+
# Public: Deadline for a code to be verifed (default: 10.minutes).
|
28
|
+
# Login code will expired if user has not enter the login_code in 10 minutes
|
29
|
+
#
|
30
|
+
# config.expire_time = 1.hour # => The code is valid in the next hour after generated
|
31
|
+
mattr_accessor :expire_time
|
32
|
+
@@expire_time = 10.minutes
|
19
33
|
end
|
20
34
|
|
21
35
|
|
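Review bot: The example in the new comment on `retry_limit` does not match the check that reads the setting: `expired?` in login_code.rb tests `self.retry_times.to_i > retry_time_limit`, so `config.retry_limit = 1` still accepts a second guess and the default of 5 allows six. Either document it that way, e.g. `# Public: Number of failed attempts tolerated before a code is invalidated (default: 5).`, or change that comparison to `>=` so the limit equals the number of guesses. The sentence about resending should also be reworded, because it reads as if a resend never issues a new code, and "verifed" should be "verified" in both comments.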
@@ -17,16 +17,20 @@ module DeviseCodeAuthenticatable
|
|
17
17
|
|
18
18
|
def verify(code)
|
19
19
|
if expired?
|
20
|
-
|
20
|
+
return false
|
21
21
|
end
|
22
22
|
|
23
23
|
self.retry_times += 1; save
|
24
24
|
self.code == code
|
25
25
|
end
|
26
26
|
|
27
|
+
def used?
|
28
|
+
expired
|
29
|
+
end
|
30
|
+
|
27
31
|
def expired?
|
28
|
-
retry_time_limit =
|
29
|
-
expire_at = (self.created_at || Time.now) +
|
32
|
+
retry_time_limit = self.class.retry_limit
|
33
|
+
expire_at = (self.created_at || Time.now) + self.class.expire_time
|
30
34
|
|
31
35
|
self.expired = self.expired || Time.now.after?(expire_at) || self.retry_times.to_i > retry_time_limit
|
32
36
|
end
|
@@ -36,7 +40,8 @@ module DeviseCodeAuthenticatable
|
|
36
40
|
end
|
37
41
|
|
38
42
|
module ClassMethods
|
39
|
-
Devise::Models.config(self, :
|
43
|
+
Devise::Models.config(self, :retry_limit)
|
44
|
+
Devise::Models.config(self, :expire_time)
|
40
45
|
end
|
41
46
|
|
42
47
|
end
|
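Review bot: In `verify`, the attempt counter is bumped with `self.retry_times += 1; save`, which ignores the result of `save` and is a read-modify-write, so a failed save or two concurrent requests can leave guesses uncounted and the `retry_limit` unenforced. On the Rails 6 line this gem depends on, `increment!(:retry_times)` updates the column in a single statement and also copes with a nil counter, which the `.to_i` in `expired?` suggests can occur. The final `self.code == code` is an ordinary comparison; `Devise.secure_compare(self.code, code)` is constant-time and rejects a blank code, assuming `code` is stored as a string. `expired?` also assigns `self.expired` without persisting it, which deserves a comment because the new `used?` reads the same attribute. Both methods are complete in the hunk; the enclosing module starts outside it.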
@@ -10,21 +10,25 @@ module DeviseCodeAuthenticatable
|
|
10
10
|
login_code = params[scope].fetch "login_code", ""
|
11
11
|
|
12
12
|
if resource.nil?
|
13
|
-
fail(:not_found_in_database)
|
13
|
+
fail(:not_found_in_database); return
|
14
|
+
end
|
15
|
+
|
16
|
+
if resource.login_codes.empty?
|
17
|
+
resource.send_code_login_instructions
|
18
|
+
fail(:login_code_expired); return
|
19
|
+
end
|
20
|
+
|
21
|
+
if resource.login_codes.last.expired?
|
22
|
+
resource.send_code_login_instructions unless resource.login_codes.last.used?
|
23
|
+
fail(:login_code_expired); return
|
24
|
+
end
|
25
|
+
|
26
|
+
if validate(resource){ hashed = true; resource.login_codes.last.verify(login_code) }
|
27
|
+
remember_me(resource)
|
28
|
+
resource.after_code_authentication
|
29
|
+
success!(resource)
|
14
30
|
else
|
15
|
-
|
16
|
-
resource.generate_login_code
|
17
|
-
resource.send_code_login_instructions
|
18
|
-
fail(:login_code_expired)
|
19
|
-
end
|
20
|
-
|
21
|
-
if validate(resource){ hashed = true; resource.login_codes.last.verify(login_code) }
|
22
|
-
remember_me(resource)
|
23
|
-
resource.after_code_authentication
|
24
|
-
success!(resource)
|
25
|
-
else
|
26
|
-
fail(:invalid_login_code)
|
27
|
-
end
|
31
|
+
fail(:invalid_login_code)
|
28
32
|
end
|
29
33
|
end
|
30
34
|
|
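Review bot: The two new resend branches call `resource.send_code_login_instructions` on behalf of a request that has not been authenticated, and nothing in the hunk rate-limits that per account, so a throttle (or a minimum interval since the last code was issued) belongs next to these calls. The distinct `:not_found_in_database` and `:login_code_expired` failures also tell the caller whether the account exists; Devise's own database strategy switches to a generic failure when `Devise.paranoid` is set, e.g. `fail(Devise.paranoid ? :invalid : :not_found_in_database); return`. Separately, `expired?` assigns `self.expired`, so if `login_codes.last` returns the same object on the following line, `used?` is always true there and the resend is skipped; reading `used?` into a local before calling `expired?` would remove that dependency. The enclosing method starts outside the hunk.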
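--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise_code_authenticatable
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.2.2
 platform: ruby
 authors:
 - vincentying15
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-
+date: 2020-12-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -16,7 +16,7 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 6.0
+version: '6.0'
 - - ">="
 - !ruby/object:Gem::Version
 version: 6.0.2.1
@@ -26,7 +26,7 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 6.0
+version: '6.0'
 - - ">="
 - !ruby/object:Gem::Version
 version: 6.0.2.1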