devise_google_authenticator 0.3.7 → 0.3.8

checksums.yaml

@@ -1,15 +1,15 @@
 ---
 !binary "U0hBMQ==":
   metadata.gz: !binary |-
-    ZjMxZmMyYjM2ZWFkNzg3MGUzODE4ZGY0ODc2M2FjODBkN2M2NWJkMQ==
+    NjBmNWJmYjg3Yzk3NWE4ZmU1Njg1OTYyOTEwODE0MzUxMDU0ODBjMg==
   data.tar.gz: !binary |-
-    ZWVmODk0ZThjZDk4ZTA3YjFhNmNjOWJiMDZlYTZiNGIzYTY2YWYwYw==
+    ZDNmNDMwNmQ2ZjgzOTYyNmRlMjY0Y2ZjZGFlNWRiM2QzNmRiOGJhNg==
 SHA512:
   metadata.gz: !binary |-
-    YTk2YzQ0OGVkYzZhOTI1NTY3NjFiYmM3ZTRiMWZiOTU4YzNlZTcxYTQzNDBl
-    Y2NjMDgyYWVlYzA0ZDNlZjFkMmNmNzA3YjA2YzZiMTViMWQzMzA0MmFmNTQ5
-    YmUzOGMxYzYzNjg1NTY4NWFiMjIzZGNhNmZjM2IxMjA5ZWEwMGU=
+    NTdhZGZmZmFhYjEyMzk3NDEwYmU0ODlhNWViMzQ2MTI4YzA4ZjllNmMxYzhk
+    Y2VlMDNmOTM0NTQ5ZmQ5M2Y5OWMyYjFmNzg0MTVjZWM3MTVlOTMyNWVjMDI0
+    NTI0NzUyN2RmYmViMWNlZDQ0OWIzYzNiY2NjNTBjOTdkYjc1NTI=
   data.tar.gz: !binary |-
-    YWZhM2YwNmM2MGJmYTAwZWYyZDM5Y2YxYTZlZGE3NjI2M2NiM2ZkMWM5MDg3
-    OTk4NjE2MjJhNjhhZDVjNzhjNGJhODk4MTVkZjA0MzAwNDBlODJlZGNjZjli
-    ZTY1NDA5ZGYyZGY4MDhjMmRjNjg4OWJkMWZiY2NkMGE3ODYwNzM=
+    ZTk2MTk2ODA1YzJkM2E0ZDY5ZmM1YTNhOGJlZTM0ZDZjYjYzNWY1YzUzNzg4
+    OWI3Y2U4MDMxN2MwNDg3MTJmM2JkNjI4MzdkOTdhMDcxY2I5ZDNmZTVhYjE3
+    MDE4NmNkODBkNTg4MmMyMDkyZjhkNGRmNjQxMzY5OTQxYTlkMWE=

data/README.rdoc

@@ -13,13 +13,14 @@ This is a devise[https://github.com/plataformatec/devise] extension to allow you
 * Version 0.3.5 - Updated README for Rails apps with existing users. (Thanks Jon Collier)
 * Version 0.3.6 - Slight updates - increased key size, more open gemspec, updated en.yml. (Thanks Michael Guymon)
 * Version 0.3.7 - Support for current Devise (3.2.0) and Rails4 (Thanks https://github.com/ronald05arias) - integration test still broke - need to address this
+* Version 0.3.8 - Support for remembering the token authentication. (i.e. don't request the token for a configurable amount of time Thanks https://github.com/blahblahblah-) - and seriously, I'm going to try and refactor all the integration tests with Rspec.
 
 == Installation
 
 Add the gem to your Gemfile (don't forget devise too):
 
 * gem 'devise'
-* gem 'devise_google_authenticator', '0.3.7'
+* gem 'devise_google_authenticator', '0.3.8'
 
 Don't forget to "bundle install"
 

data/app/controllers/devise/checkga_controller.rb

@@ -22,11 +22,21 @@ class Devise::CheckgaController < Devise::SessionsController
         set_flash_message(:notice, :signed_in) if is_navigational_format?
         sign_in(resource_name,resource)
         respond_with resource, :location => after_sign_in_path_for(resource)
+
+        if not resource.class.ga_remembertime.nil? 
+          cookies.signed[:gauth] = {
+            :value => resource.email << "," << Time.now.to_i.to_s,
+            :secure => !(Rails.env.test? || Rails.env.development?),
+            :expires => (resource.class.ga_remembertime + 1.days).from_now
+          }
+        end
       else
+        set_flash_message(:error, :error)
         redirect_to :root
       end
 
     else
+      set_flash_message(:error, :error)
       redirect_to :root
     end
   end

data/app/controllers/devise/displayqr_controller.rb

@@ -14,7 +14,7 @@ class Devise::DisplayqrController < DeviseController
 
   def update
     if resource.set_gauth_enabled(resource_params)
-      set_flash_message :notice, "Status Updated!"
+      set_flash_message :notice, :status
       sign_in scope, resource, :bypass => true
       redirect_to stored_location_for(scope) || :root
     else

data/config/locales/en.yml

@@ -9,4 +9,8 @@ en:
       submit: "Continue..."
     checkga:
       user:
-        signed_in: "Signed in successfully from token."
+        signed_in: "Signed in successfully from token."
+        error: "Sign in failed"
+    displayqr:
+      user:
+        status: "User status updated!"

data/lib/devise_google_authenticatable/models/google_authenticatable.rb

@@ -49,6 +49,19 @@ module Devise # :nodoc:
           end
         end
 
+        def require_token?(cookie)
+          if self.class.ga_remembertime.nil? || cookie.blank?
+            return true
+          end
+          array = cookie.to_s.split ','
+          if array.count != 2
+            return true
+          end
+          last_logged_in_email = array[0]
+          last_logged_in_time = array[1].to_i
+          return last_logged_in_email != self.email || (Time.now.to_i - last_logged_in_time) > self.class.ga_remembertime.to_i
+        end
+
         private
 
         def assign_auth_secret
@@ -61,7 +74,7 @@ module Devise # :nodoc:
         def find_by_gauth_tmp(gauth_tmp)
           find(:first, :conditions => {:gauth_tmp => gauth_tmp})
         end
-        ::Devise::Models.config(self, :ga_timeout, :ga_timedrift)
+        ::Devise::Models.config(self, :ga_timeout, :ga_timedrift, :ga_remembertime)
       end
     end
   end

data/lib/devise_google_authenticatable/patches/check_ga.rb

@@ -11,21 +11,20 @@ module DeviseGoogleAuthenticator::Patches
 
         resource = warden.authenticate!(:scope => resource_name, :recall => "#{controller_path}#new")
 
-        if resource.respond_to?(:get_qr) and resource.gauth_enabled.to_i != 0 #Therefore we can quiz for a QR
+        if resource.respond_to?(:get_qr) and resource.gauth_enabled.to_i != 0 and resource.require_token?(cookies.signed[:gauth]) #Therefore we can quiz for a QR
           tmpid = resource.assign_tmp #assign a temporary key and fetch it
           warden.logout #log the user out
 
           #we head back into the checkga controller with the temporary id
           respond_with resource, :location => { :controller => 'checkga', :action => 'show', :id => tmpid}
 
-        else #It's not using, or not enabled for Google 2FA - carry on, nothing to see here.
+        else #It's not using, or not enabled for Google 2FA, OR is remembering token and therefore not asking for the moment - carry on, nothing to see here.
           set_flash_message(:notice, :signed_in) if is_flashing_format?
           sign_in(resource_name, resource)
           respond_with resource, :location => after_sign_in_path_for(resource)
         end
 
       end
-      
     end
   end
 end

data/lib/devise_google_authenticator.rb

@@ -11,6 +11,9 @@ module Devise # :nodoc:
 
 	mattr_accessor :ga_timedrift
 	@@ga_timedrift = 3
+
+	mattr_accessor :ga_remembertime
+	@@ga_remembertime = 1.month
 end
 
 # a security extension for devise

data/lib/generators/devise_google_authenticator/install_generator.rb

@@ -12,6 +12,9 @@ module DeviseGoogleAuthenticator
         "  # config.ga_timeout = 3.minutes\n\n" +
         "  # Change time drift settings for valid token values. To change the default, uncomment and change the below:\n" +
         "  # config.ga_timedrift = 3\n\n" +
+        "  # Change setting to how long to remember device before requiring another token. Change to nil to turn feature off.\n" +
+        "  # To change the default, uncomment and change the below:\n" +
+        "  # config.ga_remembertime = 1.month\n\n" +
         "\n", :before => /end[ |\n|]+\Z/
       end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: devise_google_authenticator
 version: !ruby/object:Gem::Version
-  version: 0.3.7
+  version: 0.3.8
 platform: ruby
 authors:
 - Christian Frichot