devise_twilio_two_factor 0.1.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 7b1ecc275a6e5ae2ca9c0cad512fc307cdf6bc46e374f231266f700a1a09fe71
+  data.tar.gz: 774d26123c2f820cab0babc3a049ebe78df4572cb386a9357dd1a8d6b14f62b6
+SHA512:
+  metadata.gz: 722b23fa02287db9b63ee3bfef7cb3326d04d866befe62af8456a1c3d6df2ff8f20469de862e2fd93e76f5064896ff60d6f968c642f9d98ded90359fb29658e3
+  data.tar.gz: 44e29e36e736438b7d648085698d0e11fa710edc052be66ccf7b0e4e052783ed45a0008888904951addb41ea14e345c0f2f8f01cc27bae118d98de6cf950e966

data/.github/workflows/main.yml

@@ -0,0 +1,27 @@
+name: Ruby
+
+on:
+  push:
+    branches:
+      - main
+
+  pull_request:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    name: Ruby ${{ matrix.ruby }}
+    strategy:
+      matrix:
+        ruby:
+          - '3.1.2'
+
+    steps:
+    - uses: actions/checkout@v3
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.ruby }}
+        bundler-cache: true
+    - name: Run the default task
+      run: bundle exec rake

data/.gitignore

@@ -0,0 +1,11 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+
+# rspec failure tracking
+.rspec_status

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/CHANGELOG.md

@@ -0,0 +1,5 @@
+## [Unreleased]
+
+## [0.1.0] - 2023-03-15
+
+- Initial release

data/Gemfile

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in devise_twilio_two_factor.gemspec
+gemspec
+
+gem "rake", "~> 13.0"
+
+gem "rspec", "~> 3.0"

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2023 TODO: Write your name
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,59 @@
+# Devise Twilio Two Factor
+
+The "Devise Twilio Two-Factor Authentication Gem" is an integration solution that brings together the robust security features of the Devise gem and the reliable functionality of Twilio APIs. With this solution, incorporating two-factor authentication for user authentication in your application has never been easier. By leveraging the power of Devise and Twilio together, your application can offer enhanced security measures to your users, reducing the likelihood of unauthorized access and potential data breaches.
+
+## Installation
+
+Add devise_twilio_two_factor to your Gemfile with:
+
+```ruby
+# Gemfile
+
+gem 'devise_twilio_two_factor', '~> 0.1.0'
+```
+
+## Usage
+
+To integrate the Devise Twilio Two-Factor Authentication Gem, you'll need:
+
+- The [Devise gem](https://github.com/heartcombo/devise), set up according to their instructions.
+- A [Twilio](https://github.com/heartcombo/devise) account with the account_sid and auth token from the console.
+- A Verify Service with its ID.
+
+Add them to your devise.rb
+```ruby
+  config.twilio_account_sid = "ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+  config.twilio_auth_token = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+  config.twilio_verify_service_sid = "VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+```
+
+From here, the generator should get you the rest of the way (you can skip the rest of the section):
+```bash
+./bin/rails generate devise_two_factor MODEL
+```
+
+To add two-factor authentication to a model, simply add the Devise Twilio Two-Factor Authenticatable module and specify two options:
+
+1) The otp_destination option should represent the field containing the phone number or email address where the OTP code will be sent.
+2) The communication_type option should be set to either "sms" or "email" depending on the desired mode of communication.
+
+Ex. for a user with a phone field -> user.phone = '+18001234567'
+```ruby
+  devise :twilio_two_factor_authenticatable, otp_destination: 'phone', communication_type: "sms"
+```
+
+lastly, just create a migration to add  `otp_required_for_login:boolean` to the table of the resource you wish to add 2fa to.
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/devise_twilio_two_factor.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: :spec

data/app/controllers/devise/twilio_two_factor_controller.rb

@@ -0,0 +1,83 @@
+require 'devise/version'
+
+class Devise::TwilioTwoFactorController < DeviseController
+  prepend_before_action :authenticate_scope!
+  before_action :prepare_and_validate, :handle_two_factor_authentication
+
+  def authenticate_scope!
+    self.resource = send("current_#{resource_name}")
+  end
+
+  def show
+  end
+
+  def update
+    render :show and return if params[:code].nil?
+
+    if resource.verify_otp_code(params[:code])
+      after_two_factor_success_for(resource)
+    else
+      after_two_factor_fail_for(resource)
+    end
+  end
+
+  def resend_code
+    resource.send_otp_code
+    redirect_to send("#{resource_name}_twilio_two_factor_path"), notice: I18n.t('devise.twilio_two_factor.code_has_been_sent')
+  end
+
+  private
+
+  def after_two_factor_success_for(resource)
+    set_remember_two_factor_cookie(resource)
+
+    warden.session(resource_name)[TwoFactorAuthentication::NEED_AUTHENTICATION] = false
+
+    if respond_to?(:bypass_sign_in)
+      bypass_sign_in(resource, scope: resource_name)
+    else
+      sign_in(resource_name, resource, bypass: true)
+    end
+    set_flash_message :notice, :success
+    resource.update_attribute(:failed_attempts, 0)
+
+    redirect_to after_two_factor_success_path_for(resource)
+  end
+
+  def after_two_factor_fail_for(resource)
+    resource.failed_attempts += 1
+    resource.save
+    set_flash_message :alert, :attempt_failed, now: true
+
+    if resource.login_attempts_exceeded?
+      sign_out(resource)
+      redirect_to :root
+    else
+      render :show
+    end
+  end
+
+  def set_remember_two_factor_cookie(resource)
+    expires_seconds = resource.class.remember_otp_session_for_seconds
+
+    if expires_seconds && expires_seconds > 0
+      cookies.signed[TwoFactorAuthentication::REMEMBER_TFA_COOKIE_NAME] = {
+          value: "#{resource.class}-#{resource.public_send(Devise.second_factor_resource_id)}",
+          expires: expires_seconds.seconds.from_now
+      }
+    end
+  end
+
+  def after_two_factor_success_path_for(resource)
+    stored_location_for(resource_name) || :root
+  end
+
+  def prepare_and_validate
+    redirect_to :root and return if resource.nil?
+
+    if resource.login_attempts_exceeded?
+      sign_out(resource)
+      redirect_to :root
+    end
+  end
+end

data/app/views/devise/twilio_two_factor/show.html.erb

@@ -0,0 +1,10 @@
+<h2>Enter OTP Code</h2>
+
+<p><%= flash[:notice] %></p>
+
+<%= form_tag([resource_name, :two_factor_authentication], :method => :put) do %>
+  <%= text_field_tag :code, '', autofocus: true %>
+  <%= submit_tag "Submit" %>
+<% end %>
+<%= link_to "Resend Code", send("resend_code_#{resource_name}_two_factor_authentication_path"), action: :get %>
+<%= link_to "Sign out", send("destroy_#{resource_name}_session_path"), :method => :delete %>

data/bin/console

@@ -0,0 +1,15 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "devise_twilio_two_factor"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/config/locales/de.yml

@@ -0,0 +1,8 @@
+de:
+  devise:
+    twilio_two_factor:
+      success: "Ihre Zwei-Faktor-Authentifizierung war erfolgreich."
+      attempt_failed: "Authentifizierungsversuch fehlgeschlagen."
+      max_login_attempts_reached: "Ihr Zugang wurde ganz verweigert, da Sie Ihr Versuchslimit erreicht haben."
+      contact_administrator: "Kontaktieren Sie bitte einen Ihrer Administratoren."
+      code_has_been_sent: "Ihr Einmal-Passwort wurde verschickt."

data/config/locales/en.yml

@@ -0,0 +1,8 @@
+en:
+  devise:
+    twilio_two_factor:
+      success: "Two factor authentication successful."
+      attempt_failed: "Attempt failed."
+      max_login_attempts_reached: "Access completely denied as you have reached your attempts limit"
+      contact_administrator: "Please contact your system administrator."
+      code_has_been_sent: "Your authentication code has been sent."

data/config/locales/es.yml

@@ -0,0 +1,8 @@
+es:
+  devise:
+    twilio_two_factor:
+      success: "Autenticación multi-factor realizada exitosamente."
+      attempt_failed: "La autenticación ha fallado."
+      max_login_attempts_reached: "Has llegado al límite de intentos fallidos, acceso denegado."
+      contact_administrator: "Contacte a su administrador de sistema."
+      code_has_been_sent: "El código de autenticación ha sido enviado."

data/config/locales/fr.yml

@@ -0,0 +1,8 @@
+fr:
+  devise:
+    twilio_two_factor:
+      success: "Validation en deux étapes effectuée avec succès."
+      attempt_failed: "La connexion a échoué."
+      max_login_attempts_reached: "Limite de tentatives atteinte, accès refusé."
+      contact_administrator: "Merci de contacter votre administrateur système."
+      code_has_been_sent: "Votre code de validation envoyé."

data/config/locales/ru.yml

@@ -0,0 +1,8 @@
+ru:
+  devise:
+    twilio_two_factor:
+      success: "Двухфакторная авторизация успешно пройдена."
+      attempt_failed: "Неверный код."
+      max_login_attempts_reached: "Доступ заблокирован. Превышено число попыток авторизации"
+      contact_administrator: "Пожалуйста, свяжитесь с системным администратором."
+      code_has_been_sent: "Ваш персональный код был отправлен."

data/devise_twilio_two_factor.gemspec

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+require_relative 'lib/devise_twilio_two_factor/version'
+
+Gem::Specification.new do |spec|
+  spec.name = 'devise_twilio_two_factor'
+  spec.version = DeviseTwilioTwoFactor::VERSION
+  spec.authors     = ['John Livingston']
+  spec.email       = 'jclivingston316@gmail.com'
+
+
+  spec.platform    = Gem::Platform::RUBY
+  spec.licenses    = ['MIT']
+  spec.summary     = 'Devise Twilio Verify Two Factor Authentication'
+  spec.homepage    = 'https://github.com/jliv316/devise-twilio-two-factor'
+  spec.description = 'Devise Twilio Verify Two Factor Authentication'
+  spec.required_ruby_version = '>= 2.6.0'
+
+  # spec.metadata['allowed_push_host'] = "TODO: Set to your gem server 'https://example.com'"
+
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['source_code_uri'] = 'https://github.com/Jliv316/devise_twilio_two_factor'
+  # spec.metadata['changelog_uri'] = "TODO: Put your gem's CHANGELOG.md URL here."
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files = Dir.chdir(__dir__) do
+    `git ls-files -z`.split("\x0").reject do |f|
+      (f == __FILE__) || f.match(%r{\A(?:(?:bin|test|spec|features)/|\.(?:git|travis|circleci)|appveyor)})
+    end
+  end
+  spec.bindir = 'exe'
+  spec.files         = `git ls-files`.split("\n")
+  spec.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+
+
+
+  spec.add_runtime_dependency 'railties',       '>= 4.1.0'
+  spec.add_runtime_dependency 'devise',         '~> 4.8.1'
+  spec.add_runtime_dependency 'twilio-ruby',    '~> 5.66.0'
+
+  spec.add_development_dependency 'bundler',    '> 1.0'
+  spec.add_development_dependency 'rspec',      '> 3'
+  spec.add_development_dependency 'activemodel'
+  spec.add_development_dependency 'pry'
+end

data/lib/devise_twilio_two_factor/callbacks/twilio_two_factor_authenticatable.rb

@@ -0,0 +1,17 @@
+Warden::Manager.after_authentication do |user, auth, options|
+  if auth.env["action_dispatch.cookies"]
+    expected_cookie_value = "#{user.class}-#{user.public_send(Devise.second_factor_resource_id)}"
+      actual_cookie_value = auth.env["action_dispatch.cookies"].signed[TwoFactorAuthentication::REMEMBER_TFA_COOKIE_NAME]
+    bypass_by_cookie = actual_cookie_value == expected_cookie_value
+  end
+
+  if user.respond_to?(:otp_required_for_login) && !bypass_by_cookie
+     if auth.session(options[:scope])[TwoFactorAuthentication::NEED_AUTHENTICATION] = user.need_two_factor_authentication?(auth.request)
+       user.send_otp_code if user.send_new_otp_after_login?
+     end
+  end
+end
+
+Warden::Manager.before_logout do |user, auth, _options|
+  auth.cookies.delete TwoFactorAuthentication::REMEMBER_TFA_COOKIE_NAME if Devise.delete_cookie_on_logout
+end

data/lib/devise_twilio_two_factor/callbacks.rb

@@ -0,0 +1 @@
+require_relative "callbacks/twilio_two_factor_authenticatable"

data/lib/devise_twilio_two_factor/controllers/helpers.rb

@@ -0,0 +1,54 @@
+module DeviseTwilioTwoFactor
+  module Controllers
+    module Helpers
+      extend ActiveSupport::Concern
+
+      included do
+        before_action :handle_two_factor_authentication
+      end
+
+      private
+
+      def handle_two_factor_authentication
+        unless devise_controller?
+          Devise.mappings.keys.flatten.any? do |scope|
+            if signed_in?(scope) && warden.session(scope)[TwoFactorAuthentication::NEED_AUTHENTICATION]
+              handle_failed_second_factor(scope)
+            end
+          end
+        end
+      end
+
+      def handle_failed_second_factor(scope)
+        if request.format.present?
+          if request.format.html?
+            session["#{scope}_return_to"] = request.original_fullpath if request.get?
+            redirect_to twilio_two_factor_path_for(scope)
+          elsif request.format.json?
+            session["#{scope}_return_to"] = root_path(format: :html)
+            render json: { redirect_to: twilio_two_factor_path_for(scope) }, status: :unauthorized
+          end
+        else
+          head :unauthorized
+        end
+      end
+
+      def twilio_two_factor_path_for(resource_or_scope = nil)
+        scope = Devise::Mapping.find_scope!(resource_or_scope)
+        change_path = "#{scope}_twilio_two_factor_path"
+        send(change_path)
+      end
+
+    end
+  end
+end
+
+module Devise
+  module Controllers
+    module Helpers
+      def is_fully_authenticated?
+        !session["warden.user.user.session"].try(:[], TwoFactorAuthentication::NEED_AUTHENTICATION)
+      end
+    end
+  end
+end

data/lib/devise_twilio_two_factor/controllers.rb

@@ -0,0 +1 @@
+require_relative "controllers/helpers.rb"

data/lib/devise_twilio_two_factor/models/twilio_two_factor_authenticatable.rb

@@ -0,0 +1,44 @@
+module Devise
+  module Models
+    module TwilioTwoFactorAuthenticatable
+      extend ActiveSupport::Concern
+
+      def send_otp_code
+        twilio_client.send_code
+      end
+
+      def verify_otp_code(code)
+        twilio_client.verify_code(code)
+      end
+
+      def login_attempts_exceeded?
+        self.failed_attempts.to_i >= Devise.maximum_attempts
+      end
+
+      def need_two_factor_authentication?(request)
+        self.otp_required_for_login
+      end
+
+      def send_new_otp_after_login?
+        self.otp_required_for_login
+      end
+
+      private def twilio_client
+        @twilio_client ||= TwilioTwoFactorAuthClient.new(self)
+      end
+
+      protected
+      module ClassMethods
+        Devise::Models.config(self, 
+                              :otp_code_length, 
+                              :otp_destination,
+                              :communication_type, 
+                              :remember_otp_session_for_seconds,
+                              :second_factor_resource_id,
+                              :twilio_verify_service_sid,
+                              :twilio_auth_token, 
+                              :twilio_account_sid)
+      end
+    end
+  end
+end

data/lib/devise_twilio_two_factor/models.rb

@@ -0,0 +1 @@
+require_relative "models/twilio_two_factor_authenticatable"

data/lib/devise_twilio_two_factor/rails.rb

@@ -0,0 +1,7 @@
+module DeviseTwilioTwoFactor
+  class Engine < ::Rails::Engine
+    ActiveSupport.on_load(:action_controller) do
+      include DeviseTwilioTwoFactor::Controllers::Helpers
+    end
+  end
+end

data/lib/devise_twilio_two_factor/routes.rb

@@ -0,0 +1,11 @@
+module ActionDispatch::Routing
+  class Mapper
+    protected
+
+    def devise_twilio_two_factor(mapping, controllers)
+      resource :twilio_two_factor, :only => [:show, :update, :resend_code], :path => mapping.path_names[:twilio_two_factor], :controller => controllers[:twilio_two_factor] do
+        collection { get "resend_code" }
+      end
+    end
+  end
+end

data/lib/devise_twilio_two_factor/services/twilio_two_factor_client.rb

@@ -0,0 +1,41 @@
+class TwilioTwoFactorAuthClient
+  STATUS_PENDING = "pending"
+  STATUS_APPROVED = "approved"
+
+  def initialize(resource)
+    @resource = resource
+    @client = Twilio::REST::Client.new(resource.class.twilio_account_sid, resource.class.twilio_auth_token)
+  end
+
+  def send_code
+    begin
+      response = @client.verify
+        .v2
+        .services(@resource.class.twilio_verify_service_sid)
+        .verifications
+        .create(to: @resource.send(@resource.class.otp_destination), channel: @resource.class.communication_type)
+
+      return true if response.status == STATUS_PENDING
+      return false
+    rescue Twilio::REST::RestError => e
+      puts e.message
+      return false
+    end
+  end
+
+  def verify_code(code)
+    begin
+      response = @client.verify
+        .v2
+        .services(@resource.class.twilio_verify_service_sid)
+        .verification_checks
+        .create(to: @resource.send(@resource.class.otp_destination), code: code)
+      return true if response.status == STATUS_APPROVED
+      return false
+    rescue Twilio::REST::RestError => e
+      puts e.message
+      return false
+    end
+  end
+end
+

data/lib/devise_twilio_two_factor/services.rb

@@ -0,0 +1 @@
+require_relative "services/twilio_two_factor_client"

data/lib/devise_twilio_two_factor/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module DeviseTwilioTwoFactor
+  VERSION = "0.1.1"
+end

data/lib/devise_twilio_two_factor.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+require "rubygems"
+require "devise"
+require "twilio-ruby"
+require_relative "devise_twilio_two_factor/version"
+require_relative "devise_twilio_two_factor/models"
+require_relative "devise_twilio_two_factor/callbacks"
+require_relative "devise_twilio_two_factor/services"
+require_relative "devise_twilio_two_factor/rails"
+require_relative "devise_twilio_two_factor/routes"
+require_relative "devise_twilio_two_factor/controllers"
+
+module Devise
+  mattr_accessor :otp_code_length
+  @@otp_code_length = 6
+
+  mattr_accessor :twilio_account_sid
+  @@twilio_account_sid = "ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+
+  mattr_accessor :twilio_auth_token
+  @@twilio_auth_token = "token"
+
+  mattr_accessor :twilio_verify_service_sid
+  @@twilio_verify_service_sid = "VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+
+  mattr_accessor :second_factor_resource_id
+  @@second_factor_resource_id = "id"
+
+  mattr_accessor :remember_otp_session_for_seconds
+  @@remember_otp_session_for_seconds = 30.minutes
+
+  mattr_accessor :delete_cookie_on_logout
+  @@delete_cookie_on_logout = true
+end
+
+module TwoFactorAuthentication
+  NEED_AUTHENTICATION = "otp_required_for_login"
+  REMEMBER_TFA_COOKIE_NAME = "remember_tfa"
+
+  module Controllers
+    autoload :Helpers, "devise_twilio_two_factor/controllers/helpers"
+  end
+end
+
+Devise.add_module(:twilio_two_factor_authenticatable, :route => :twilio_two_factor,
+                  :controller => :twilio_two_factor, :model => true)

data/lib/generators/devise_twilio_two_factor/devise_twilio_two_factor_generator.rb

@@ -0,0 +1,46 @@
+require 'rails/generators'
+
+module DeviseTwilioTwoFactor
+  module Generators
+    class DeviseTwilioTwoFactorGenerator < Rails::Generators::NamedBase
+      desc 'Creates a migration to add the required attributes to NAME, and ' \
+           'adds the necessary Devise directives to the model'
+
+      def install_devise_twilio_two_factor
+        create_devise_twilio_two_factor_migration
+        inject_devise_directives_into_model
+      end
+
+    private
+
+      def create_devise_twilio_two_factor_migration
+        migration_arguments = [
+                                "add_devise_twilio_two_factor_to_#{plural_name}",
+                                "otp_required_for_login:boolean",
+                              ]
+
+        Rails::Generators.invoke('active_record:migration', migration_arguments)
+      end
+
+      def inject_devise_directives_into_model
+        model_path = File.join('app', 'models', "#{file_path}.rb")
+
+        class_path = if namespaced?
+          class_name.to_s.split("::")
+        else
+          [class_name]
+        end
+
+        indent_depth = class_path.size
+
+        content = [
+                    "devise :twilio_two_factor_authenticatable"
+                  ]
+
+        content = content.map { |line| "  " * indent_depth + line }.join("\n") << "\n"
+
+        inject_into_class(model_path, class_path.last, content)
+      end
+    end
+  end
+end

data/sig/devise_twilio_two_factor.rbs

@@ -0,0 +1,4 @@
+module DeviseTwilioTwoFactor
+  VERSION: String
+  # See the writing guide of rbs: https://github.com/ruby/rbs#guides
+end

data/spec/models/twilio_two_factor_authenticatable_spec.rb

@@ -0,0 +1,89 @@
+require 'spec_helper'
+
+class TwilioTwoFactorAuthenticatableDouble
+  extend ::ActiveModel::Callbacks
+  include ::ActiveModel::Validations::Callbacks
+  extend  ::Devise::Models
+
+  devise :twilio_two_factor_authenticatable, otp_destination: "phone", communication_type: "sms"
+end
+
+RSpec.describe ::Devise::Models::TwilioTwoFactorAuthenticatable do
+  context 'When included in a class' do
+    subject { TwilioTwoFactorAuthenticatableDouble.new }
+
+    it 'creates class variables with the options passed' do
+      expect(subject.class.otp_destination).to eq("phone")
+      expect(subject.class.communication_type).to eq("sms")
+    end
+
+    it 'has access to class variables defined in Devise' do
+      expect(subject.class.otp_code_length).to eq(6)
+      expect(subject.class.twilio_account_sid).to eq("ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX")
+      expect(subject.class.twilio_auth_token).to eq("token")
+      expect(subject.class.twilio_verify_service_sid).to eq("VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX")
+      expect(subject.class.second_factor_resource_id).to eq("id")
+      expect(subject.class.remember_otp_session_for_seconds).to eq(30.minutes)
+    end
+
+    describe ".send_otp_code" do
+      let(:twilio_client) { instance_double(TwilioTwoFactorAuthClient) }
+      before do
+        allow_any_instance_of(TwilioTwoFactorAuthClient).to receive(:send_code) { true }
+        allow(TwilioTwoFactorAuthClient).to receive(:new).and_return(twilio_client)
+      end
+
+      it 'instanciates twilio client and tells client to send code' do
+        expect(TwilioTwoFactorAuthClient).to receive(:new).with(subject)
+        expect(twilio_client).to receive(:send_code)
+
+        subject.send_otp_code
+      end
+    end
+
+    describe '.verify_otp_code' do
+      let(:twilio_client) { instance_double(TwilioTwoFactorAuthClient) }
+      let(:code) { "123456" }
+      before do
+        allow_any_instance_of(TwilioTwoFactorAuthClient).to receive(:verify_code).with(code) { true }
+        allow(TwilioTwoFactorAuthClient).to receive(:new).and_return(twilio_client)
+      end
+
+      it 'instantiates twilio client and calls verify_code' do
+        expect(TwilioTwoFactorAuthClient).to receive(:new).with(subject)
+        expect(twilio_client).to receive(:verify_code).with(code)
+
+        subject.verify_otp_code(code)
+      end
+    end
+
+    describe '.login_attempts_exceeded?' do
+      it 'should return false unless locked_at is defined' do
+        allow_any_instance_of(TwilioTwoFactorAuthenticatableDouble).to receive(:failed_attempts) { 0 }
+        expect(subject.login_attempts_exceeded?).to eq(false)
+      end
+
+      it 'should return true if login_attempts exceeds max login attempts' do
+        allow_any_instance_of(TwilioTwoFactorAuthenticatableDouble).to receive(:failed_attempts) { 100 }
+
+        expect(subject.login_attempts_exceeded?).to eq(true)
+      end
+    end
+
+    describe '.send_new_otp_after_login?' do
+      it 'should return false if otp_required_for_login is false' do
+        allow_any_instance_of(TwilioTwoFactorAuthenticatableDouble).to receive(:otp_required_for_login) { false }
+
+        expect(subject.send_new_otp_after_login?).to eq(false)
+      end
+
+      it 'should return true if otp_required_for_login is true' do
+        allow_any_instance_of(TwilioTwoFactorAuthenticatableDouble).to receive(:otp_required_for_login) { true }
+
+        expect(subject.send_new_otp_after_login?).to eq(true)
+      end
+    end
+  end
+end
+
+

data/spec/services/twilio_two_factor_auth_client_spec.rb

@@ -0,0 +1,78 @@
+require 'spec_helper'
+
+class TwilioTwoFactorAuthenticatableDouble
+  extend ::ActiveModel::Callbacks
+  include ::ActiveModel::Validations::Callbacks
+  extend  ::Devise::Models
+
+  devise :twilio_two_factor_authenticatable, otp_destination: "phone", communication_type: "sms"
+end
+
+RSpec.describe TwilioTwoFactorAuthClient, type: :service do
+  let(:twilio_client) { instance_double(Twilio::REST::Client) }
+  let(:mock_number) { "+16309437616" }
+  let(:mock_twilio_response) { instance_double("twilio_response") }
+  let(:mock_code) { "123456" }
+
+  before do
+    allow_any_instance_of(TwilioTwoFactorAuthenticatableDouble).to receive(:phone).and_return(mock_number)
+    allow(Twilio::REST::Client).to receive(:new).and_return(twilio_client)
+  end
+
+  describe 'new' do
+    it 'should instantiate twilio client' do
+      expect(Twilio::REST::Client).to receive(:new).and_return(twilio_client)
+
+      TwilioTwoFactorAuthClient.new(TwilioTwoFactorAuthenticatableDouble.new)
+    end
+  end
+
+  describe '#send_code' do
+    describe 'code was send successfully' do
+      it 'should have status pending and return true' do
+        allow(mock_twilio_response).to receive(:status).and_return("pending")
+        allow(twilio_client).to receive_message_chain(:verify, :v2, :services, :verifications, :create).and_return(mock_twilio_response) 
+        expect(twilio_client).to receive_message_chain(:verify, :v2, :services, :verifications, :create) 
+
+        response = TwilioTwoFactorAuthClient.new(TwilioTwoFactorAuthenticatableDouble.new).send_code
+        expect(response).to eq(true)
+      end
+    end
+
+    describe 'failed to send code' do
+      it 'it should have status cancelled and return false' do
+        allow(mock_twilio_response).to receive(:status).and_return("cancelled")
+        allow(twilio_client).to receive_message_chain(:verify, :v2, :services, :verifications, :create).and_return(mock_twilio_response) 
+        expect(twilio_client).to receive_message_chain(:verify, :v2, :services, :verifications, :create) 
+
+        response = TwilioTwoFactorAuthClient.new(TwilioTwoFactorAuthenticatableDouble.new).send_code
+        expect(response).to eq(false)
+      end
+    end
+  end
+
+  describe '#verify_code' do
+    describe 'code was verified' do
+      it 'should return a status of approved and true' do
+        allow(mock_twilio_response).to receive(:status).and_return("approved")
+        allow(twilio_client).to receive_message_chain(:verify, :v2, :services, :verification_checks, :create).and_return(mock_twilio_response) 
+        expect(twilio_client).to receive_message_chain(:verify, :v2, :services, :verification_checks, :create) 
+
+        response = TwilioTwoFactorAuthClient.new(TwilioTwoFactorAuthenticatableDouble.new).verify_code(mock_code)
+        expect(response).to eq(true)
+      end
+    end
+
+    describe 'code could not be verified' do
+      it 'should return a status of pending and false' do
+        allow(mock_twilio_response).to receive(:status).and_return("pending")
+        allow(twilio_client).to receive_message_chain(:verify, :v2, :services, :verification_checks, :create).and_return(mock_twilio_response) 
+        expect(twilio_client).to receive_message_chain(:verify, :v2, :services, :verification_checks, :create) 
+
+        response = TwilioTwoFactorAuthClient.new(TwilioTwoFactorAuthenticatableDouble.new).verify_code(mock_code)
+        expect(response).to eq(false)
+      end
+    end
+  end
+
+end

data/spec/spec_helper.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require "devise_twilio_two_factor"
+require 'active_model'
+require 'devise'
+
+RSpec.configure do |config|
+  # Enable flags like --only-failures and --next-failure
+  config.example_status_persistence_file_path = ".rspec_status"
+
+  # Disable RSpec exposing methods globally on `Module` and `main`
+  config.disable_monkey_patching!
+
+  config.expect_with :rspec do |c|
+    c.syntax = :expect
+  end
+end

metadata

@@ -0,0 +1,180 @@
+--- !ruby/object:Gem::Specification
+name: devise_twilio_two_factor
+version: !ruby/object:Gem::Version
+  version: 0.1.1
+platform: ruby
+authors:
+- John Livingston
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2023-03-28 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: railties
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.1.0
+- !ruby/object:Gem::Dependency
+  name: devise
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 4.8.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 4.8.1
+- !ruby/object:Gem::Dependency
+  name: twilio-ruby
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.66.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.66.0
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '3'
+- !ruby/object:Gem::Dependency
+  name: activemodel
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Devise Twilio Verify Two Factor Authentication
+email: jclivingston316@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".github/workflows/main.yml"
+- ".gitignore"
+- ".rspec"
+- CHANGELOG.md
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- app/controllers/devise/twilio_two_factor_controller.rb
+- app/views/devise/twilio_two_factor/show.html.erb
+- bin/console
+- bin/setup
+- config/locales/de.yml
+- config/locales/en.yml
+- config/locales/es.yml
+- config/locales/fr.yml
+- config/locales/ru.yml
+- devise_twilio_two_factor.gemspec
+- lib/devise_twilio_two_factor.rb
+- lib/devise_twilio_two_factor/callbacks.rb
+- lib/devise_twilio_two_factor/callbacks/twilio_two_factor_authenticatable.rb
+- lib/devise_twilio_two_factor/controllers.rb
+- lib/devise_twilio_two_factor/controllers/helpers.rb
+- lib/devise_twilio_two_factor/models.rb
+- lib/devise_twilio_two_factor/models/twilio_two_factor_authenticatable.rb
+- lib/devise_twilio_two_factor/rails.rb
+- lib/devise_twilio_two_factor/routes.rb
+- lib/devise_twilio_two_factor/services.rb
+- lib/devise_twilio_two_factor/services/twilio_two_factor_client.rb
+- lib/devise_twilio_two_factor/version.rb
+- lib/generators/devise_twilio_two_factor/devise_twilio_two_factor_generator.rb
+- sig/devise_twilio_two_factor.rbs
+- spec/models/twilio_two_factor_authenticatable_spec.rb
+- spec/services/twilio_two_factor_auth_client_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/jliv316/devise-twilio-two-factor
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/jliv316/devise-twilio-two-factor
+  source_code_uri: https://github.com/Jliv316/devise_twilio_two_factor
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.6.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.3.7
+signing_key:
+specification_version: 4
+summary: Devise Twilio Verify Two Factor Authentication
+test_files:
+- spec/models/twilio_two_factor_authenticatable_spec.rb
+- spec/services/twilio_two_factor_auth_client_spec.rb
+- spec/spec_helper.rb