devise_userbin 0.2.0 → 0.2.2

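--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 71f002bedf94193a3be8c19a48c92c1e31288c5e
- data.tar.gz: cd8ee013cb8ff1c4915b29bc7fcf4761db799aff
+ metadata.gz: 35015f1621c2543741995220d6fe872bdead9bd2
+ data.tar.gz: 5cefc818af46d4e8583260a33156e400064b8f59
  SHA512:
- metadata.gz: 58e57d7da0e13a6d88e06f007f73e26e8deefc865e24a4ec2baf2777ab3949e0a16719790b23bf043833bb1d884d879246483a888433dfbe37db82ecb405704b
- data.tar.gz: f0b4b273c918a6c5812dc0da9c9d8313dac3b06be65261f6bbee05a3a867aae9f8a6c1b6ec88b02e72702cab36687ca80f8b1726a0152bb5c151642364e403cc
+ metadata.gz: 9157e336e309ec819ab20e8bd6d59bb1459d04caf2dfaf0cac7111007e4d933437313b2ec51d9f2deb8976ec600b2796af0bfc66698481f7b3eda03e10853048
+ data.tar.gz: b2e40e0014f884cee4801450fe6f937f0e7574274513d51beb8318ce5116c27608e9445cf67241936b73cd2fe22beb4d0f4b5a87d545dc74f90cbb629ad690f2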
@@ -1,6 +1,13 @@
1
1
  class Devise::DeviseUserbinController < DeviseController
2
2
  include Devise::Controllers::Helpers
3
3
 
4
+ before_filter do
5
+ # This controller should only be reachable when two-factor is in progress
6
+ unless env['userbin'].two_factor_in_progress?
7
+ redirect_to after_sign_in_path_for(resource_name)
8
+ end
9
+ end
10
+
4
11
  def show
5
12
  self.resource = resource_class.new
6
13
  end
@@ -10,7 +17,6 @@ class Devise::DeviseUserbinController < DeviseController
10
17
 
11
18
  Devise.mappings.keys.flatten.any? do |scope|
12
19
  begin
13
- send("current_#{scope_name}") # initialize after_set_user in warden
14
20
  env['userbin'].two_factor_verify(params[:code])
15
21
 
16
22
  set_flash_message :notice, :success
@@ -19,7 +25,7 @@ class Devise::DeviseUserbinController < DeviseController
19
25
  set_flash_message :alert, :failed
20
26
  self.resource = resource_class.new
21
27
  respond_with_navigational(resource_name) { render :show }
22
- rescue Userbin::Forbidden => error
28
+ rescue Userbin::ForbiddenError => error
23
29
  sign_out_with_message(:no_retries_remaining, :alert)
24
30
  rescue Userbin::Error => error
25
31
  sign_out_with_message(:error, :alert)
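Review bot: In the second hunk, `params[:code]` is handed to `env['userbin'].two_factor_verify` exactly as received, so a missing parameter arrives as `nil` and a nested one as an Array or Hash; passing `params[:code].to_s` keeps the verifier's input a plain string and lets a malformed submission fail like any wrong code. The new `before_filter` at the top of the class also calls `env['userbin'].two_factor_in_progress?` outside any `rescue`, whereas the filters this release adds to the controller concern sign the user out on `Userbin::Error`; if that predicate can raise (not visible here), the two-factor pages would answer with a 500 instead of failing closed. The action that verifies the code starts and ends outside the hunks shown.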
@@ -11,5 +11,3 @@
11
11
 
12
12
  <p><%= t "devise.two_factor_authentication.show.recovery_message" %><br />
13
13
  <%= link_to t("devise.two_factor_authentication.show.recovery_action"), [resource_name, :two_factor_recovery] %></p>
14
-
15
- <%= link_to "Sign out", destroy_session_path(resource_name), :method => Devise.sign_out_via %>
@@ -4,15 +4,41 @@ module DeviseUserbin
4
4
  extend ActiveSupport::Concern
5
5
 
6
6
  included do
7
+ before_filter :authorize_resource
7
8
  before_filter :handle_two_factor_authentication
8
9
  end
9
10
 
10
11
  private
11
12
 
13
+ def authorize_resource
14
+ Devise.mappings.keys.flatten.any? do |scope|
15
+ if signed_in?(scope)
16
+ resource = send("current_#{scope}")
17
+
18
+ begin
19
+ env['userbin'].authorize!(
20
+ resource._userbin_id, email: resource.email)
21
+ rescue Userbin::Error
22
+ warden.logout(scope)
23
+ throw :warden, :scope => scope, :message => :signed_out
24
+ end
25
+ end
26
+ end
27
+ end
28
+
12
29
  def handle_two_factor_authentication
13
- if !devise_controller? && env['userbin'].authorized?
30
+ if !devise_controller?
14
31
  Devise.mappings.keys.flatten.any? do |scope|
15
- if signed_in?(scope)
32
+ if signed_in?(scope) && env['userbin'].authorized?
33
+
34
+ # Log out if leaving the two-factor page
35
+ if env['userbin'].two_factor_in_progress? &&
36
+ controller_name != 'two_factor_authentication' &&
37
+ controller_name != 'two_factor_recovery'
38
+ warden.logout(scope)
39
+ throw :warden, :scope => scope
40
+ end
41
+
16
42
  begin
17
43
  factor = env['userbin'].two_factor_authenticate!
18
44
 
@@ -21,7 +47,9 @@ module DeviseUserbin
21
47
  when :authenticator
22
48
  handle_required_two_factor_authentication(scope)
23
49
  end
24
- rescue Userbin::Error # ignore for now
50
+ rescue Userbin::Error
51
+ warden.logout(scope)
52
+ throw :warden, :scope => scope, :message => :signed_out
25
53
  end
26
54
  end
27
55
  end
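Review bot: `authorize_resource` calls `resource._userbin_id` for every signed-in scope, but the Warden `after_set_user` hook that this release removes only did so when `record.respond_to?(:_userbin_id)`; a scope whose model is not Userbin-enabled would now raise `NoMethodError`, which `rescue Userbin::Error` does not catch. The filter also iterates with `any?`, so it stops at the first scope whose block returns a truthy value and, depending on what `authorize!` returns, may leave other signed-in scopes unchecked. Suggest `Devise.mappings.keys.flatten.each do |scope|` with `next unless signed_in?(scope)` and `next unless resource.respond_to?(:_userbin_id)` ahead of the `begin`. Separately, the new log-out-on-leaving check in `handle_two_factor_authentication` sits under `if !devise_controller?`, so it does not run on Devise's own controllers; worth confirming that is intended.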
@@ -2,20 +2,6 @@ Warden::Manager.on_request do |warden|
2
2
  warden.request.env['userbin'] = Userbin::Client.new(warden.request)
3
3
  end
4
4
 
5
- # Everytime current_<scope> is prepared
6
- #
7
- Warden::Manager.after_set_user :only => :fetch do |record, warden, opts|
8
- if record.respond_to?(:_userbin_id)
9
- begin
10
- userbin = warden.request.env['userbin']
11
- userbin.authorize!(record._userbin_id, { email: record.email })
12
- rescue Userbin::Error
13
- warden.logout(opts[:scope])
14
- throw :warden, :scope => opts[:scope], :message => :timeout
15
- end
16
- end
17
- end
18
-
19
5
  Warden::Manager.before_logout do |record, warden, opts|
20
6
  if record.respond_to?(:userbin_id)
21
7
  begin
@@ -1,3 +1,3 @@
1
1
  module DeviseUserbin
2
- VERSION = "0.2.0".freeze
2
+ VERSION = "0.2.2".freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise_userbin
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.2.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Johan Brissmyr
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-07-12 00:00:00.000000000 Z
11
+ date: 2014-07-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: devise
@@ -30,14 +30,14 @@ dependencies:
30
30
  requirements:
31
31
  - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 1.1.1
33
+ version: 1.1.2
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 1.1.1
40
+ version: 1.1.2
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: bundler
43
43
  requirement: !ruby/object:Gem::Requirement