devise_userbin 0.2.0 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/controllers/devise/devise_userbin_controller.rb +8 -2
- data/app/views/devise/two_factor_authentication/show.html.erb +0 -2
- data/lib/devise_userbin/controllers/helpers.rb +31 -3
- data/lib/devise_userbin/hooks.rb +0 -14
- data/lib/devise_userbin/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 35015f1621c2543741995220d6fe872bdead9bd2
|
|
4
|
+
data.tar.gz: 5cefc818af46d4e8583260a33156e400064b8f59
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9157e336e309ec819ab20e8bd6d59bb1459d04caf2dfaf0cac7111007e4d933437313b2ec51d9f2deb8976ec600b2796af0bfc66698481f7b3eda03e10853048
|
|
7
|
+
data.tar.gz: b2e40e0014f884cee4801450fe6f937f0e7574274513d51beb8318ce5116c27608e9445cf67241936b73cd2fe22beb4d0f4b5a87d545dc74f90cbb629ad690f2
|
|
@@ -1,6 +1,13 @@
|
|
|
1
1
|
class Devise::DeviseUserbinController < DeviseController
|
|
2
2
|
include Devise::Controllers::Helpers
|
|
3
3
|
|
|
4
|
+
before_filter do
|
|
5
|
+
# This controller should only be reachable when two-factor is in progress
|
|
6
|
+
unless env['userbin'].two_factor_in_progress?
|
|
7
|
+
redirect_to after_sign_in_path_for(resource_name)
|
|
8
|
+
end
|
|
9
|
+
end
|
|
10
|
+
|
|
4
11
|
def show
|
|
5
12
|
self.resource = resource_class.new
|
|
6
13
|
end
|
|
@@ -10,7 +17,6 @@ class Devise::DeviseUserbinController < DeviseController
|
|
|
10
17
|
|
|
11
18
|
Devise.mappings.keys.flatten.any? do |scope|
|
|
12
19
|
begin
|
|
13
|
-
send("current_#{scope_name}") # initialize after_set_user in warden
|
|
14
20
|
env['userbin'].two_factor_verify(params[:code])
|
|
15
21
|
|
|
16
22
|
set_flash_message :notice, :success
|
|
@@ -19,7 +25,7 @@ class Devise::DeviseUserbinController < DeviseController
|
|
|
19
25
|
set_flash_message :alert, :failed
|
|
20
26
|
self.resource = resource_class.new
|
|
21
27
|
respond_with_navigational(resource_name) { render :show }
|
|
22
|
-
rescue Userbin::
|
|
28
|
+
rescue Userbin::ForbiddenError => error
|
|
23
29
|
sign_out_with_message(:no_retries_remaining, :alert)
|
|
24
30
|
rescue Userbin::Error => error
|
|
25
31
|
sign_out_with_message(:error, :alert)
|
|
@@ -11,5 +11,3 @@
|
|
|
11
11
|
|
|
12
12
|
<p><%= t "devise.two_factor_authentication.show.recovery_message" %><br />
|
|
13
13
|
<%= link_to t("devise.two_factor_authentication.show.recovery_action"), [resource_name, :two_factor_recovery] %></p>
|
|
14
|
-
|
|
15
|
-
<%= link_to "Sign out", destroy_session_path(resource_name), :method => Devise.sign_out_via %>
|
|
@@ -4,15 +4,41 @@ module DeviseUserbin
|
|
|
4
4
|
extend ActiveSupport::Concern
|
|
5
5
|
|
|
6
6
|
included do
|
|
7
|
+
before_filter :authorize_resource
|
|
7
8
|
before_filter :handle_two_factor_authentication
|
|
8
9
|
end
|
|
9
10
|
|
|
10
11
|
private
|
|
11
12
|
|
|
13
|
+
def authorize_resource
|
|
14
|
+
Devise.mappings.keys.flatten.any? do |scope|
|
|
15
|
+
if signed_in?(scope)
|
|
16
|
+
resource = send("current_#{scope}")
|
|
17
|
+
|
|
18
|
+
begin
|
|
19
|
+
env['userbin'].authorize!(
|
|
20
|
+
resource._userbin_id, email: resource.email)
|
|
21
|
+
rescue Userbin::Error
|
|
22
|
+
warden.logout(scope)
|
|
23
|
+
throw :warden, :scope => scope, :message => :signed_out
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
|
|
12
29
|
def handle_two_factor_authentication
|
|
13
|
-
if !devise_controller?
|
|
30
|
+
if !devise_controller?
|
|
14
31
|
Devise.mappings.keys.flatten.any? do |scope|
|
|
15
|
-
if signed_in?(scope)
|
|
32
|
+
if signed_in?(scope) && env['userbin'].authorized?
|
|
33
|
+
|
|
34
|
+
# Log out if leaving the two-factor page
|
|
35
|
+
if env['userbin'].two_factor_in_progress? &&
|
|
36
|
+
controller_name != 'two_factor_authentication' &&
|
|
37
|
+
controller_name != 'two_factor_recovery'
|
|
38
|
+
warden.logout(scope)
|
|
39
|
+
throw :warden, :scope => scope
|
|
40
|
+
end
|
|
41
|
+
|
|
16
42
|
begin
|
|
17
43
|
factor = env['userbin'].two_factor_authenticate!
|
|
18
44
|
|
|
@@ -21,7 +47,9 @@ module DeviseUserbin
|
|
|
21
47
|
when :authenticator
|
|
22
48
|
handle_required_two_factor_authentication(scope)
|
|
23
49
|
end
|
|
24
|
-
rescue Userbin::Error
|
|
50
|
+
rescue Userbin::Error
|
|
51
|
+
warden.logout(scope)
|
|
52
|
+
throw :warden, :scope => scope, :message => :signed_out
|
|
25
53
|
end
|
|
26
54
|
end
|
|
27
55
|
end
|
data/lib/devise_userbin/hooks.rb
CHANGED
|
@@ -2,20 +2,6 @@ Warden::Manager.on_request do |warden|
|
|
|
2
2
|
warden.request.env['userbin'] = Userbin::Client.new(warden.request)
|
|
3
3
|
end
|
|
4
4
|
|
|
5
|
-
# Everytime current_<scope> is prepared
|
|
6
|
-
#
|
|
7
|
-
Warden::Manager.after_set_user :only => :fetch do |record, warden, opts|
|
|
8
|
-
if record.respond_to?(:_userbin_id)
|
|
9
|
-
begin
|
|
10
|
-
userbin = warden.request.env['userbin']
|
|
11
|
-
userbin.authorize!(record._userbin_id, { email: record.email })
|
|
12
|
-
rescue Userbin::Error
|
|
13
|
-
warden.logout(opts[:scope])
|
|
14
|
-
throw :warden, :scope => opts[:scope], :message => :timeout
|
|
15
|
-
end
|
|
16
|
-
end
|
|
17
|
-
end
|
|
18
|
-
|
|
19
5
|
Warden::Manager.before_logout do |record, warden, opts|
|
|
20
6
|
if record.respond_to?(:userbin_id)
|
|
21
7
|
begin
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_userbin
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Johan Brissmyr
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-07-
|
|
11
|
+
date: 2014-07-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: devise
|
|
@@ -30,14 +30,14 @@ dependencies:
|
|
|
30
30
|
requirements:
|
|
31
31
|
- - "~>"
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: 1.1.
|
|
33
|
+
version: 1.1.2
|
|
34
34
|
type: :runtime
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - "~>"
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: 1.1.
|
|
40
|
+
version: 1.1.2
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: bundler
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|