devise_google_authenticator 0.1.0

data/.document

@@ -0,0 +1,5 @@
+lib/**/*.rb
+bin/*
+- 
+features/**/*.feature
+LICENSE.txt

data/Gemfile

@@ -0,0 +1,16 @@
+source "http://rubygems.org"
+# Add dependencies required to use your gem here.
+# Example:
+#   gem "activesupport", ">= 2.3.5"
+gem "rails"
+gem "devise"
+gem "rotp"
+
+# Add dependencies to develop your gem here.
+# Include everything needed to run rake, tests, features, etc.
+group :development do
+  gem "shoulda", ">= 0"
+  gem "bundler", "~> 1.0.0"
+  gem "jeweler", "~> 1.6.4"
+  gem "rcov", ">= 0"
+end

data/Gemfile.lock

@@ -0,0 +1,109 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    actionmailer (3.1.1)
+      actionpack (= 3.1.1)
+      mail (~> 2.3.0)
+    actionpack (3.1.1)
+      activemodel (= 3.1.1)
+      activesupport (= 3.1.1)
+      builder (~> 3.0.0)
+      erubis (~> 2.7.0)
+      i18n (~> 0.6)
+      rack (~> 1.3.2)
+      rack-cache (~> 1.1)
+      rack-mount (~> 0.8.2)
+      rack-test (~> 0.6.1)
+      sprockets (~> 2.0.2)
+    activemodel (3.1.1)
+      activesupport (= 3.1.1)
+      builder (~> 3.0.0)
+      i18n (~> 0.6)
+    activerecord (3.1.1)
+      activemodel (= 3.1.1)
+      activesupport (= 3.1.1)
+      arel (~> 2.2.1)
+      tzinfo (~> 0.3.29)
+    activeresource (3.1.1)
+      activemodel (= 3.1.1)
+      activesupport (= 3.1.1)
+    activesupport (3.1.1)
+      multi_json (~> 1.0)
+    arel (2.2.1)
+    bcrypt-ruby (3.0.1)
+    builder (3.0.0)
+    devise (1.4.9)
+      bcrypt-ruby (~> 3.0)
+      orm_adapter (~> 0.0.3)
+      warden (~> 1.0.3)
+    erubis (2.7.0)
+    git (1.2.5)
+    hike (1.2.1)
+    i18n (0.6.0)
+    jeweler (1.6.4)
+      bundler (~> 1.0)
+      git (>= 1.2.5)
+      rake
+    json (1.6.1)
+    mail (2.3.0)
+      i18n (>= 0.4.0)
+      mime-types (~> 1.16)
+      treetop (~> 1.4.8)
+    mime-types (1.17.2)
+    multi_json (1.0.3)
+    orm_adapter (0.0.5)
+    polyglot (0.3.3)
+    rack (1.3.5)
+    rack-cache (1.1)
+      rack (>= 0.4)
+    rack-mount (0.8.3)
+      rack (>= 1.0.0)
+    rack-ssl (1.3.2)
+      rack
+    rack-test (0.6.1)
+      rack (>= 1.0)
+    rails (3.1.1)
+      actionmailer (= 3.1.1)
+      actionpack (= 3.1.1)
+      activerecord (= 3.1.1)
+      activeresource (= 3.1.1)
+      activesupport (= 3.1.1)
+      bundler (~> 1.0)
+      railties (= 3.1.1)
+    railties (3.1.1)
+      actionpack (= 3.1.1)
+      activesupport (= 3.1.1)
+      rack-ssl (~> 1.3.2)
+      rake (>= 0.8.7)
+      rdoc (~> 3.4)
+      thor (~> 0.14.6)
+    rake (0.9.2.2)
+    rcov (0.9.11)
+    rdoc (3.11)
+      json (~> 1.4)
+    rotp (1.3.2)
+    shoulda (2.11.3)
+    sprockets (2.0.3)
+      hike (~> 1.2)
+      rack (~> 1.0)
+      tilt (~> 1.1, != 1.3.0)
+    thor (0.14.6)
+    tilt (1.3.3)
+    treetop (1.4.10)
+      polyglot
+      polyglot (>= 0.3.1)
+    tzinfo (0.3.31)
+    warden (1.0.6)
+      rack (>= 1.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (~> 1.0.0)
+  devise
+  jeweler (~> 1.6.4)
+  rails
+  rcov
+  rotp
+  shoulda

data/LICENSE.txt

@@ -0,0 +1,20 @@
+Copyright (c) 2011 Christian Frichot
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,19 @@
+= devise_google_authenticator
+
+Description goes here.
+
+== Contributing to devise_google_authenticator
+ 
+* Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
+* Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it
+* Fork the project
+* Start a feature/bugfix branch
+* Commit and push until you are happy with your contribution
+* Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
+* Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
+
+== Copyright
+
+Copyright (c) 2011 Christian Frichot. See LICENSE.txt for
+further details.
+

data/Rakefile

@@ -0,0 +1,53 @@
+# encoding: utf-8
+
+require 'rubygems'
+require 'bundler'
+begin
+  Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+require 'rake'
+
+require 'jeweler'
+Jeweler::Tasks.new do |gem|
+  # gem is a Gem::Specification... see http://docs.rubygems.org/read/chapter/20 for more options
+  gem.name = "devise_google_authenticator"
+  gem.homepage = "http://github.com/xntrik/devise_google_authenticator"
+  gem.license = "MIT"
+  gem.summary = %Q{Devise Google Authenticator Extension}
+  gem.description = %Q{Devise Google Authenticator Extension, for adding Google's OTP to your Rails apps!}
+  gem.email = "xntrik@gmail.com"
+  gem.authors = ["Christian Frichot"]
+  # dependencies defined in Gemfile
+end
+Jeweler::RubygemsDotOrgTasks.new
+
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |test|
+  test.libs << 'lib' << 'test'
+  test.pattern = 'test/**/test_*.rb'
+  test.verbose = true
+end
+
+require 'rcov/rcovtask'
+Rcov::RcovTask.new do |test|
+  test.libs << 'test'
+  test.pattern = 'test/**/test_*.rb'
+  test.verbose = true
+  test.rcov_opts << '--exclude "gems/*"'
+end
+
+task :default => :test
+
+require 'rake/rdoctask'
+Rake::RDocTask.new do |rdoc|
+  version = File.exist?('VERSION') ? File.read('VERSION') : ""
+
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "devise_google_authenticator #{version}"
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end

data/VERSION

@@ -0,0 +1 @@
+0.1.0

data/app/controllers/devise/checkga_controller.rb

@@ -0,0 +1,13 @@
+class Devise::CheckgaController < Devise::SessionsController
+  prepend_before_filter :require_no_authentication, :only => [ :show, :update ]
+  include Devise::Controllers::InternalHelpers
+  
+  def show
+    render_with_scope :show
+  end
+  
+  def update
+    sign_in(resource_name, resource)
+    respond_with resource, :location => redirect_location(resource_name, resource)
+  end
+end

data/app/controllers/devise/displayqr_controller.rb

@@ -0,0 +1,35 @@
+class Devise::DisplayqrController < ApplicationController
+  prepend_before_filter :authenticate_scope!, :only => [:show,:update]
+  
+  include Devise::Controllers::InternalHelpers
+  
+  def show
+    if not resource.nil? and not resource.gauth_secret.nil?
+      render_with_scope :show
+    else
+      sign_in scope, resource, :bypass => true
+      redirect_to stored_location_for(scope) || :root
+    end
+  end
+  
+  def update
+    tmp = params[resource_name]
+    if resource.set_gauth_enabled(params[resource_name])
+      set_flash_message :notice, "Status Updated!"
+      sign_in scope, resource, :bypass => true
+      redirect_to stored_location_for(scope) || :root
+    else
+      render_with_scope :show
+    end
+  end
+    
+  private
+  def scope
+    resource_name.to_sym
+  end
+  
+  def authenticate_scope!
+    send(:"authenticate_#{resource_name}!")
+    self.resource = send("current_#{resource_name}")
+  end
+end

data/app/views/devise/checkga/show.html.erb

@@ -0,0 +1,6 @@
+<h2>Submit QR Code</h2>
+
+<%= form_for(resource, :as => resource_name, :url => [resource_name, :checkga], :html => { :method => :put }) do |f| %>
+	
+	<p><%= f.submit "Continue.." %></p>
+<% end %>

data/app/views/devise/displayqr/show.html.erb

@@ -0,0 +1,12 @@
+<h2>Your QR Code</h2>
+
+<%= google_authenticator_qrcode(resource) %>
+
+<%= form_for(resource, :as => resource_name, :url => [resource_name, :displayqr], :html => { :method => :put }) do |f| %>
+	<%= devise_error_messages! %>
+	<h3>Would you like to enable Google Authenticator?</h3>
+	<p><%= f.label :gauth_enabled, "Google Authenticator Status" %><br />
+	<%= f.check_box :gauth_enabled %></p>
+	
+	<p><%= f.submit "Continue.." %></p>
+<% end %>

data/devise_google_authenticator.gemspec

@@ -0,0 +1,82 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = "devise_google_authenticator"
+  s.version = "0.1.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Christian Frichot"]
+  s.date = "2011-11-21"
+  s.description = "Devise Google Authenticator Extension, for adding Google's OTP to your Rails apps!"
+  s.email = "xntrik@gmail.com"
+  s.extra_rdoc_files = [
+    "LICENSE.txt",
+    "README.rdoc"
+  ]
+  s.files = [
+    ".document",
+    "Gemfile",
+    "Gemfile.lock",
+    "LICENSE.txt",
+    "README.rdoc",
+    "Rakefile",
+    "VERSION",
+    "app/controllers/devise/checkga_controller.rb",
+    "app/controllers/devise/displayqr_controller.rb",
+    "app/views/devise/checkga/show.html.erb",
+    "app/views/devise/displayqr/show.html.erb",
+    "devise_google_authenticator.gemspec",
+    "lib/devise_google_authenticatable/controllers/helpers.rb",
+    "lib/devise_google_authenticatable/hooks/google_authenticatable.rb",
+    "lib/devise_google_authenticatable/models/google_authenticatable.rb",
+    "lib/devise_google_authenticatable/orm/active_record.rb",
+    "lib/devise_google_authenticatable/patches.rb",
+    "lib/devise_google_authenticatable/patches/check_ga.rb",
+    "lib/devise_google_authenticatable/patches/display_qr.rb",
+    "lib/devise_google_authenticatable/rails.rb",
+    "lib/devise_google_authenticatable/routes.rb",
+    "lib/devise_google_authenticatable/schema.rb",
+    "lib/devise_google_authenticator.rb",
+    "test/helper.rb",
+    "test/test_devise_google_authenticator.rb"
+  ]
+  s.homepage = "http://github.com/xntrik/devise_google_authenticator"
+  s.licenses = ["MIT"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = "1.8.10"
+  s.summary = "Devise Google Authenticator Extension"
+
+  if s.respond_to? :specification_version then
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<rails>, [">= 0"])
+      s.add_runtime_dependency(%q<devise>, [">= 0"])
+      s.add_runtime_dependency(%q<rotp>, [">= 0"])
+      s.add_development_dependency(%q<shoulda>, [">= 0"])
+      s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
+      s.add_development_dependency(%q<jeweler>, ["~> 1.6.4"])
+      s.add_development_dependency(%q<rcov>, [">= 0"])
+    else
+      s.add_dependency(%q<rails>, [">= 0"])
+      s.add_dependency(%q<devise>, [">= 0"])
+      s.add_dependency(%q<rotp>, [">= 0"])
+      s.add_dependency(%q<shoulda>, [">= 0"])
+      s.add_dependency(%q<bundler>, ["~> 1.0.0"])
+      s.add_dependency(%q<jeweler>, ["~> 1.6.4"])
+      s.add_dependency(%q<rcov>, [">= 0"])
+    end
+  else
+    s.add_dependency(%q<rails>, [">= 0"])
+    s.add_dependency(%q<devise>, [">= 0"])
+    s.add_dependency(%q<rotp>, [">= 0"])
+    s.add_dependency(%q<shoulda>, [">= 0"])
+    s.add_dependency(%q<bundler>, ["~> 1.0.0"])
+    s.add_dependency(%q<jeweler>, ["~> 1.6.4"])
+    s.add_dependency(%q<rcov>, [">= 0"])
+  end
+end
+

data/lib/devise_google_authenticatable/controllers/helpers.rb

@@ -0,0 +1,17 @@
+module DeviseGoogleAuthenticator
+  module Controllers # :nodoc:
+    module Helpers # :nodoc:
+      def google_authenticator_qrcode(user)
+        data = "otpauth://totp/#{username_from_email(user.email)}@#{Rails.application.class.parent_name}?secret=#{user.gauth_secret}"
+        data = Rack::Utils.escape(data)
+        url = "https://chart.googleapis.com/chart?chs=200x200&chld=M|0&cht=qr&chl=#{data}"
+        return image_tag(url, :alt => 'Google Authenticator QRCode')
+      end
+      
+      def username_from_email(email)
+        (/^(.*)@/).match(email)[1]
+      end
+      
+    end
+  end
+end

data/lib/devise_google_authenticatable/hooks/google_authenticatable.rb

@@ -0,0 +1,9 @@
+Warden::Manager.after_set_user do |record, warden, options|
+  if record.respond_to?(:login_phase_one)
+    if warden.session(options[:scope]).fetch(:gauth_phase_one,"nope") == "nope"
+      redirect_to :controller => 'checkga', :action => 'show'
+    end
+    #warden.session(options[:scope])[:gauth_phase_one] 
+  #respond_with record, :location => {:controller => 'checkga', :action => 'show'}
+  end
+end

data/lib/devise_google_authenticatable/models/google_authenticatable.rb

@@ -0,0 +1,44 @@
+require 'rotp'
+#require 'devise_google_authenticatable/hooks/google_authenticatable'
+
+module Devise # :nodoc:
+  module Models # :nodoc:
+
+    module GoogleAuthenticatable
+
+      def self.included(base) # :nodoc:
+        base.extend ClassMethods
+
+        base.class_eval do
+          before_validation :assign_auth_secret, :on => :create
+          include InstanceMethods
+        end
+      end
+
+      module InstanceMethods # :nodoc:
+        def get_qr
+          self.gauth_secret
+        end
+        
+        def set_gauth_enabled(param)
+          self.update_without_password(param)
+        end
+        
+        def login_phase_one
+          return "yep"
+        end
+
+        private
+
+        def assign_auth_secret
+          self.gauth_secret = ROTP::Base32.random_base32
+        end
+        
+      end
+
+      module ClassMethods # :nodoc:
+        #Something here?
+      end
+    end
+  end
+end

data/lib/devise_google_authenticatable/orm/active_record.rb

@@ -0,0 +1,21 @@
+module DeviseGoogleAuthenticator
+  module Orm
+    # This module contains handle schema (migrations):
+    #
+    #  create_table :accounts do |t|
+    #    t.gauth_secret
+    #    t.gauth_enabled
+    #  end
+    #
+
+    module ActiveRecord
+      module Schema
+        include DeviseGoogleAuthenticator::Schema
+      end
+    end
+
+  end
+end
+
+ActiveRecord::ConnectionAdapters::Table.send :include, DeviseGoogleAuthenticator::Orm::ActiveRecord::Schema
+ActiveRecord::ConnectionAdapters::TableDefinition.send :include, DeviseGoogleAuthenticator::Orm::ActiveRecord::Schema

data/lib/devise_google_authenticatable/patches/check_ga.rb

@@ -0,0 +1,90 @@
+module DeviseGoogleAuthenticator::Patches
+  # patch Sessions controller to check that the OTP is accurate
+  module CheckGA
+    extend ActiveSupport::Concern
+    included do
+    # here the patch
+
+      alias_method :create_original, :create
+      
+      #Below is trial 1 .. over-writing most of the create method
+      #Whilst this works, I wish it was about a gazillion times cleaner
+      
+      define_method :create do
+        #Okay, firstly we grab the resource, if the user stuffs up anything, this dies immediately.
+        #This actually authenticates their password
+        resource = warden.authenticate!(:scope => resource_name, :recall => "#{controller_path}#new")
+
+        #Okay, check that the resource model includes the get_qr method
+        if resource.respond_to?(:get_qr) #Therefore we can quiz for a QR
+
+          # Okay, we have the method to get the qr secret, lets check if the user has gauth enabled
+          if resource.gauth_enabled.to_i != 0 #gauth_enabled is not set to zero, therefore it's ON!
+            
+            # Orite, At this point the user model includes the extension stuff
+            # PLUS, gauth_enabled is ON, so lets try and authenticate .. but first
+            
+            # Lets check if the "POST" includes the gauth_submit parameter
+            if params.fetch(resource_name).include?("gauth_submit") #Yep, the browser submitted the gauth_submit - OTP
+              
+              #Okay, lets get what they submitted in the form, crunch it into an int
+              submitted_value = params.fetch(resource_name).fetch("gauth_submit").to_i
+              
+              #By default, gauth is not successful
+              gauth_successful = false
+              
+              if submitted_value == 0 #We have a field, but they've left it blank..
+                #Nothing, they left the field blank, and therefore will not sign in, gauth_successfull remains false
+              else
+                #Okay, they submitted something into the OTP field
+              
+                #Lets account for the fact the timing may not always be accurate, so go backwards, current and forwards
+                #If the submitted OTP matches, then gauth_successful is true - YAY for you! .. Yay for you indeed.
+                
+                #CF TODO: Do some checking here, how late can these codes be??
+                if submitted_value == ROTP::TOTP.new(resource.get_qr).at(Time.now.ago(30))
+                  gauth_successful = true
+                elsif submitted_value == ROTP::TOTP.new(resource.get_qr).at(Time.now)
+                  gauth_successful = true
+                elsif submitted_value == ROTP::TOTP.new(resource.get_qr).at(Time.now.in(30))
+                  gauth_successful = true
+                end
+              end
+              
+              if gauth_successful == true #That means the OTP actually worked, lets log 'em in
+                set_flash_message(:notice, :signed_in) if is_navigational_format?
+                sign_in(resource_name, resource)
+                respond_with resource, :location => redirect_location(resource_name, resource)
+              else #That means that, the OTP did NOT line up properly, lets kick 'em back to the start
+                signed_in = signed_in?(resource_name)
+                Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name)
+                resource = build_resource
+                clean_up_passwords(resource)
+                respond_with resource, :location => {:controller => 'sessions', :action => 'new'}
+              end
+              
+            else #Okay, this is odd, the user is all set to go, but the browser did NOT include the OTP, tampering occurred
+              # OR - the developer did NOT modify the "sessions" view to include 
+              # TODO: What should they put in the view again?
+              
+              #At this point, we're going to log them back out and send them back to the start
+              signed_in = signed_in?(resource_name)
+              Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name)
+              resource = build_resource
+              clean_up_passwords(resource)
+              respond_with resource, :location => {:controller => 'sessions', :action => 'new'}
+            end
+          else #gauth_enabled must have been set to zero, therefore it's off .. lets just continue with the original sign in process
+            set_flash_message(:notice, :signed_in) if is_navigational_format?
+            sign_in(resource_name, resource)
+            respond_with resource, :location => redirect_location(resource_name, resource)
+          end
+        else #It looks like the model did NOT include the get_qr method .. lets just continue with the original sign in process
+          set_flash_message(:notice, :signed_in) if is_navigational_format?
+          sign_in(resource_name, resource)
+          respond_with resource, :location => redirect_location(resource_name, resource)
+        end
+      end
+    end
+  end
+end

data/lib/devise_google_authenticatable/patches/display_qr.rb

@@ -0,0 +1,31 @@
+module DeviseGoogleAuthenticator::Patches
+  # patch Registrations controller to display the QR code
+  module DisplayQR
+    extend ActiveSupport::Concern
+    included do
+      
+      #arrr be the patch
+      alias_method :create_original, :create
+
+      define_method :create do
+        build_resource
+
+        if resource.save
+          if resource.active_for_authentication?
+            set_flash_message :notice, :signed_up if is_navigational_format?
+            sign_in(resource_name, resource)
+            
+            respond_with resource, :location => {:controller => 'displayqr', :action => 'show'}
+          else
+            set_flash_message :notice, :inactive_signed_up, :reason => inactive_reason(resource) if is_navigational_format?
+            expire_session_data_after_sign_in!
+            respond_with resource, :location => after_inactive_sign_up_path_for(resource)
+          end
+        else
+          clean_up_passwords(resource)
+          respond_with_navigational(resource) { render_with_scope :new }
+        end
+      end
+    end
+  end
+end

data/lib/devise_google_authenticatable/patches.rb

@@ -0,0 +1,13 @@
+module DeviseGoogleAuthenticator
+  module Patches
+    autoload :DisplayQR, 'devise_google_authenticatable/patches/display_qr'
+    autoload :CheckGA, 'devise_google_authenticatable/patches/check_ga'
+
+    class << self
+      def apply
+        Devise::RegistrationsController.send(:include, Patches::DisplayQR)
+        Devise::SessionsController.send(:include, Patches::CheckGA)
+      end
+    end
+  end
+end

data/lib/devise_google_authenticatable/rails.rb

@@ -0,0 +1,8 @@
+module DeviseGoogleAuthenticator
+  class Engine < ::Rails::Engine # :nodoc:
+    ActionDispatch::Callbacks.to_prepare do
+      DeviseGoogleAuthenticator::Patches.apply
+    end
+
+  end
+end

data/lib/devise_google_authenticatable/routes.rb

@@ -0,0 +1,14 @@
+module ActionDispatch::Routing # :nodoc:
+  class Mapper # :nodoc:
+
+    protected
+
+    # route for handle expired passwords
+    def devise_displayqr(mapping, controllers)
+      resource :displayqr, :only => [:show, :update], :path => mapping.path_names[:displayqr], :controller => controllers[:displayqr]
+      resource :checkga, :only => [:show, :update], :path => mapping.path_names[:checkga], :controller => controllers[:checkga]
+    end
+
+  end
+end
+

data/lib/devise_google_authenticatable/schema.rb

@@ -0,0 +1,30 @@
+module DeviseGoogleAuthenticator
+  # add schema helper for migrations
+  module Schema
+    # Add gauth_secret columns in the resource's database tables
+    #
+    # Examples
+    #
+    # # For a new resource migration:
+    # create_table :the_resources do |t|
+    #   t.gauth_secret
+    #   t.gauth_enabled
+    # ...
+    # end
+    #
+    # # or if the resource's table already exists, define a migration and put this in:
+    # change_table :the_resources do |t|
+    #   t.string :gauth_secret
+    #   t.boolean :gauth_enabled
+    # end
+    #
+    def gauth_secret
+      apply_devise_schema :gauth_secret, String
+    end
+    
+    def gauth_enabled
+      apply_devise_schema :gauth_enabled, Integer, {:default => 0}
+    end
+
+  end
+end

data/lib/devise_google_authenticator.rb

@@ -0,0 +1,26 @@
+require 'active_record/connection_adapters/abstract/schema_definitions'
+require 'active_support/core_ext/integer'
+require 'active_support/core_ext/string'
+require 'active_support/ordered_hash'
+require 'active_support/concern'
+require 'devise'
+
+# a security extension for devise
+module DeviseGoogleAuthenticator
+  autoload :Schema, 'devise_google_authenticatable/schema'
+  autoload :Patches, 'devise_google_authenticatable/patches'
+  
+#  module Controllers # :nodoc:
+#    autoload :Helpers, 'devise_google_authenticatable/controllers/helpers'
+#  end
+end
+
+
+
+require 'devise_google_authenticatable/routes'
+require 'devise_google_authenticatable/rails'
+require 'devise_google_authenticatable/orm/active_record'
+require 'devise_google_authenticatable/controllers/helpers'
+ActionView::Base.send :include, DeviseGoogleAuthenticator::Controllers::Helpers
+
+Devise.add_module :google_authenticatable, :controller => :google_authenticatable, :model => 'devise_google_authenticatable/models/google_authenticatable', :route => :displayqr

data/test/helper.rb

@@ -0,0 +1,18 @@
+require 'rubygems'
+require 'bundler'
+begin
+  Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+require 'test/unit'
+require 'shoulda'
+
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+require 'devise_google_authenticator'
+
+class Test::Unit::TestCase
+end

data/test/test_devise_google_authenticator.rb

@@ -0,0 +1,7 @@
+require 'helper'
+
+class TestDeviseGoogleAuthenticator < Test::Unit::TestCase
+  should "probably rename this file and start testing for real" do
+    flunk "hey buddy, you should probably rename this file and start testing for real"
+  end
+end

metadata

@@ -0,0 +1,153 @@
+--- !ruby/object:Gem::Specification
+name: devise_google_authenticator
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+  prerelease: 
+platform: ruby
+authors:
+- Christian Frichot
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2011-11-21 00:00:00.000000000Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: &70249517217040 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: *70249517217040
+- !ruby/object:Gem::Dependency
+  name: devise
+  requirement: &70249517216520 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: *70249517216520
+- !ruby/object:Gem::Dependency
+  name: rotp
+  requirement: &70249517215940 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: *70249517215940
+- !ruby/object:Gem::Dependency
+  name: shoulda
+  requirement: &70249517215320 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70249517215320
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: &70249517214560 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+  type: :development
+  prerelease: false
+  version_requirements: *70249517214560
+- !ruby/object:Gem::Dependency
+  name: jeweler
+  requirement: &70249517213420 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.6.4
+  type: :development
+  prerelease: false
+  version_requirements: *70249517213420
+- !ruby/object:Gem::Dependency
+  name: rcov
+  requirement: &70249517212620 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70249517212620
+description: Devise Google Authenticator Extension, for adding Google's OTP to your
+  Rails apps!
+email: xntrik@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files:
+- LICENSE.txt
+- README.rdoc
+files:
+- .document
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.rdoc
+- Rakefile
+- VERSION
+- app/controllers/devise/checkga_controller.rb
+- app/controllers/devise/displayqr_controller.rb
+- app/views/devise/checkga/show.html.erb
+- app/views/devise/displayqr/show.html.erb
+- devise_google_authenticator.gemspec
+- lib/devise_google_authenticatable/controllers/helpers.rb
+- lib/devise_google_authenticatable/hooks/google_authenticatable.rb
+- lib/devise_google_authenticatable/models/google_authenticatable.rb
+- lib/devise_google_authenticatable/orm/active_record.rb
+- lib/devise_google_authenticatable/patches.rb
+- lib/devise_google_authenticatable/patches/check_ga.rb
+- lib/devise_google_authenticatable/patches/display_qr.rb
+- lib/devise_google_authenticatable/rails.rb
+- lib/devise_google_authenticatable/routes.rb
+- lib/devise_google_authenticatable/schema.rb
+- lib/devise_google_authenticator.rb
+- test/helper.rb
+- test/test_devise_google_authenticator.rb
+homepage: http://github.com/xntrik/devise_google_authenticator
+licenses:
+- MIT
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: -1606279146511615943
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.10
+signing_key: 
+specification_version: 3
+summary: Devise Google Authenticator Extension
+test_files: []