devise_code_authenticatable 0.1.3 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +3 -11
- data/lib/devise_code_authenticatable.rb +14 -0
- data/lib/devise_code_authenticatable/login_code.rb +9 -4
- data/lib/devise_code_authenticatable/mailer.rb +1 -0
- data/lib/devise_code_authenticatable/models.rb +3 -0
- data/lib/devise_code_authenticatable/strategies/code_authenticatable.rb +18 -14
- data/lib/devise_code_authenticatable/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fd002956ced9c39d04aff6ae2571c6436a33d764a0018f0c1c63d076b1ab080d
|
|
4
|
+
data.tar.gz: 2b3b514a7add40d4aff0679369e16ffb2bb59168b4fc61d38f18177e4cb283f2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5b2c4800b08725bdff4fe3b50ce11ce353494f5064f87a68dfa09df6044b282a11f6155e8a4d32d4eef3fc75abfae099d98c96e647ea597fe22fd06de0924733
|
|
7
|
+
data.tar.gz: 33ab15669026be9ab140fe8f81d6581dd5e652ba55c32615a3c18b48dd4e94d117c75d4e5daf977e317f897bcaedfe548830c437a5eb11045374152c383cef93
|
data/README.md
CHANGED
|
@@ -1,9 +1,6 @@
|
|
|
1
1
|
# DeviseCodeAuthenticatable
|
|
2
2
|
A Devise plugin for two-factor authenticatable.
|
|
3
3
|
|
|
4
|
-
## Demo
|
|
5
|
-
An example rails app to use this plugin is setup in [demo](https://github.com/vincentying15/demo_for_devise_code_authenticatable)
|
|
6
|
-
|
|
7
4
|
## Installation
|
|
8
5
|
Add this line to your Rails Gemfile:
|
|
9
6
|
|
|
@@ -11,21 +8,19 @@ Add this line to your Rails Gemfile:
|
|
|
11
8
|
gem 'devise_code_authenticatable'
|
|
12
9
|
```
|
|
13
10
|
|
|
14
|
-
### Automatic installation
|
|
15
11
|
Run:
|
|
16
12
|
|
|
17
13
|
```bash
|
|
18
14
|
rails generate devise_code_authenticatable:install
|
|
19
15
|
```
|
|
20
16
|
|
|
21
|
-
This will create a migration file
|
|
22
|
-
|
|
17
|
+
This will create a migration file in your `db/migrate` folder, then
|
|
18
|
+
|
|
23
19
|
|
|
24
20
|
```ruby
|
|
25
21
|
rails db:migrate
|
|
26
22
|
```
|
|
27
|
-
|
|
28
|
-
Add <tt>:authenticatable</tt> to the model you want to enable code_authenticatable
|
|
23
|
+
Add `:authenticatable` to the model you want to enable code_authenticatable, also make sure `:database_authenticatable` is removed
|
|
29
24
|
|
|
30
25
|
```ruby
|
|
31
26
|
class User < ActiveRecord::Base
|
|
@@ -40,8 +35,5 @@ This plugin is included with basic views, to customize the views you need to run
|
|
|
40
35
|
rails generate devise_code_authenticatable:views
|
|
41
36
|
```
|
|
42
37
|
|
|
43
|
-
### Login by password
|
|
44
|
-
The existing <tt>Devise::SessionsController</tt> would be override, so you can not login by your password
|
|
45
|
-
|
|
46
38
|
## License
|
|
47
39
|
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
|
|
@@ -16,6 +16,20 @@ require 'devise_code_authenticatable/rails'
|
|
|
16
16
|
require 'devise_code_authenticatable/strategies/code_authenticatable'
|
|
17
17
|
|
|
18
18
|
module Devise
|
|
19
|
+
# Public: Maximum retry times for a code to be verifed (default: 5).
|
|
20
|
+
# Login code will not change even if user click resend mail,
|
|
21
|
+
# and the same code will be sent again.
|
|
22
|
+
#
|
|
23
|
+
# config.retry_limit = 1 # => The code will be reset immediately when user passed wrong code
|
|
24
|
+
mattr_accessor :retry_limit
|
|
25
|
+
@@retry_limit = 5
|
|
26
|
+
|
|
27
|
+
# Public: Deadline for a code to be verifed (default: 10.minutes).
|
|
28
|
+
# Login code will expired if user has not enter the login_code in 10 minutes
|
|
29
|
+
#
|
|
30
|
+
# config.expire_time = 1.hour # => The code is valid in the next hour after generated
|
|
31
|
+
mattr_accessor :expire_time
|
|
32
|
+
@@expire_time = 10.minutes
|
|
19
33
|
end
|
|
20
34
|
|
|
21
35
|
|
|
@@ -17,16 +17,20 @@ module DeviseCodeAuthenticatable
|
|
|
17
17
|
|
|
18
18
|
def verify(code)
|
|
19
19
|
if expired?
|
|
20
|
-
|
|
20
|
+
return false
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
self.retry_times += 1; save
|
|
24
24
|
self.code == code
|
|
25
25
|
end
|
|
26
26
|
|
|
27
|
+
def used?
|
|
28
|
+
expired
|
|
29
|
+
end
|
|
30
|
+
|
|
27
31
|
def expired?
|
|
28
|
-
retry_time_limit =
|
|
29
|
-
expire_at = (self.created_at || Time.now) +
|
|
32
|
+
retry_time_limit = self.class.retry_limit
|
|
33
|
+
expire_at = (self.created_at || Time.now) + self.class.expire_time
|
|
30
34
|
|
|
31
35
|
self.expired = self.expired || Time.now.after?(expire_at) || self.retry_times.to_i > retry_time_limit
|
|
32
36
|
end
|
|
@@ -36,7 +40,8 @@ module DeviseCodeAuthenticatable
|
|
|
36
40
|
end
|
|
37
41
|
|
|
38
42
|
module ClassMethods
|
|
39
|
-
Devise::Models.config(self, :
|
|
43
|
+
Devise::Models.config(self, :retry_limit)
|
|
44
|
+
Devise::Models.config(self, :expire_time)
|
|
40
45
|
end
|
|
41
46
|
|
|
42
47
|
end
|
|
@@ -10,21 +10,25 @@ module DeviseCodeAuthenticatable
|
|
|
10
10
|
login_code = params[scope].fetch "login_code", ""
|
|
11
11
|
|
|
12
12
|
if resource.nil?
|
|
13
|
-
fail(:not_found_in_database)
|
|
13
|
+
fail(:not_found_in_database); return
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
if resource.login_codes.empty?
|
|
17
|
+
resource.send_code_login_instructions
|
|
18
|
+
fail(:login_code_expired); return
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
if resource.login_codes.last.expired?
|
|
22
|
+
resource.send_code_login_instructions unless resource.login_codes.last.used?
|
|
23
|
+
fail(:login_code_expired); return
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
if validate(resource){ hashed = true; resource.login_codes.last.verify(login_code) }
|
|
27
|
+
remember_me(resource)
|
|
28
|
+
resource.after_code_authentication
|
|
29
|
+
success!(resource)
|
|
14
30
|
else
|
|
15
|
-
|
|
16
|
-
resource.generate_login_code
|
|
17
|
-
resource.send_code_login_instructions
|
|
18
|
-
fail(:login_code_expired)
|
|
19
|
-
end
|
|
20
|
-
|
|
21
|
-
if validate(resource){ hashed = true; resource.login_codes.last.verify(login_code) }
|
|
22
|
-
remember_me(resource)
|
|
23
|
-
resource.after_code_authentication
|
|
24
|
-
success!(resource)
|
|
25
|
-
else
|
|
26
|
-
fail(:invalid_login_code)
|
|
27
|
-
end
|
|
31
|
+
fail(:invalid_login_code)
|
|
28
32
|
end
|
|
29
33
|
end
|
|
30
34
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_code_authenticatable
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- vincentying15
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-12-31 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -16,7 +16,7 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 6.0
|
|
19
|
+
version: '6.0'
|
|
20
20
|
- - ">="
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
22
|
version: 6.0.2.1
|
|
@@ -26,7 +26,7 @@ dependencies:
|
|
|
26
26
|
requirements:
|
|
27
27
|
- - "~>"
|
|
28
28
|
- !ruby/object:Gem::Version
|
|
29
|
-
version: 6.0
|
|
29
|
+
version: '6.0'
|
|
30
30
|
- - ">="
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
32
|
version: 6.0.2.1
|