devise_userbin 0.3.0 → 0.5.0

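--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: c04e4b8c1e1975622215e92d66d36465d27557e2
- data.tar.gz: 40416f06a0627fe5056b020c80d41c34eede76b5
+ metadata.gz: 7d51caed08ebe567de0412fb638d349a83008481
+ data.tar.gz: 13cef542ac371d9e65dafc5d27017e9010bf0455
  SHA512:
- metadata.gz: 7aa9ee588470e15e19fdd4e23efdf6fcbc8eb323293cb507267a23afb044866dfb2c1934ad93e208ca24f1918e0990792a930480d39719c389797749d8428f01
- data.tar.gz: 446bcad60762fd4338bf3bfa6c3dd4cbda2d05412cdddc4f77722a27332caa5fc0fd42f40e53434fff7f84c6e00f9f030dad0d01f622e550170dd916ce40b082
+ metadata.gz: 758e64f1d08563a3b0fac3200f6a9961ab1cde7bc7d4524b9433e32d5fed4d2b694e41e40dbfe8b30d6bf819a419e005fdb2b369207d93a40757a1897205a510
+ data.tar.gz: 74013028367c4bf340f526d7b7f88533a480d8c96082e9fdefacb8d251d457bb917483660fcb57eb05a136d3ba9f647ed5e0e5fb52131e8d2f0159b5051fdeb9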
@@ -1,35 +1,36 @@
1
1
  class Devise::DeviseUserbinController < DeviseController
2
2
  include Devise::Controllers::Helpers
3
3
 
4
+ before_filter :return_not_found, except: :new
5
+
4
6
  before_filter do
5
- # This controller should only be reachable when two-factor is in progress
6
- unless env['userbin'].two_factor_in_progress?
7
- redirect_to after_sign_in_path_for(resource_name)
8
- end
7
+ env['userbin.skip_authorization'] = true
9
8
  end
10
9
 
11
- def show
10
+ def new
11
+ challenge = env['userbin'].challenges.create
12
+ redirect_to edit_user_two_factor_authentication_path(challenge.id) # todo:
13
+ end
14
+
15
+ def edit
16
+ @challenge = env['userbin'].challenges.find(params[:id])
17
+
18
+ # Prevent "undefined method `errors' for nil:NilClass"
12
19
  self.resource = resource_class.new
13
20
  end
14
21
 
15
22
  def update
16
- render :show and return if params[:code].nil?
23
+ challenge_id = params.require(:challenge_id)
24
+ code = params.require(:code)
17
25
 
18
- Devise.mappings.keys.flatten.any? do |scope|
19
- begin
20
- env['userbin'].two_factor_verify(params[:code])
26
+ begin
27
+ env['userbin'].challenges.verify(challenge_id, response: code)
21
28
 
22
- set_flash_message :notice, :success
29
+ Devise.mappings.keys.flatten.any? do |scope|
23
30
  redirect_to after_sign_in_path_for(scope)
24
- rescue Userbin::UserUnauthorizedError => error
25
- set_flash_message :alert, :failed
26
- self.resource = resource_class.new
27
- respond_with_navigational(resource_name) { render :show }
28
- rescue Userbin::ForbiddenError => error
29
- sign_out_with_message(:no_retries_remaining, :alert)
30
- rescue Userbin::Error => error
31
- sign_out_with_message(:error, :alert)
32
31
  end
32
+ rescue Userbin::Error => error
33
+ sign_out_with_message(:no_retries_remaining, :alert)
33
34
  end
34
35
  end
35
36
 
@@ -41,4 +42,12 @@ class Devise::DeviseUserbinController < DeviseController
41
42
  redirect_to after_sign_out_path_for(resource_name)
42
43
  end
43
44
 
45
+ private
46
+
47
+ def return_not_found
48
+ unless env['userbin'].mfa_in_progress?
49
+ redirect_to after_sign_in_path_for(resource_name)
50
+ end
51
+ end
52
+
44
53
  end
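Review bot: In `update` (first hunk), the single `rescue Userbin::Error` maps every failure of `challenges.verify` to `sign_out_with_message(:no_retries_remaining, :alert)`, so a mistyped code, an unknown `challenge_id` and an API outage all end the session with the same, mostly wrong, message. Failing closed is a sound default for a second-factor check, but a rejected code should be rescued separately and re-render the form with the `:failed` flash, leaving the sign-out for the remaining errors; which exception class the client raises for a rejected response is not visible here and needs checking. `challenge_id` comes from a hidden form field, and `edit` reads `params[:id]`, so the flow relies on the Userbin API tying a challenge to the current session, which deserves a comment such as `# challenge_id is client-supplied; the API must reject challenges that belong to another session`. `new` is also exempt from the `return_not_found` filter, so it calls `challenges.create` on every request even when `mfa_in_progress?` is false.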
@@ -5,9 +5,9 @@
5
5
  <%= form_tag([resource_name, :two_factor_authentication], :method => :put) do %>
6
6
  <%= devise_error_messages! %>
7
7
  <p><%= label_tag :code, t("devise.two_factor_authentication.show.code_label") %><br />
8
- <%= text_field_tag :code %></p>
8
+ <%= text_field_tag :code %>
9
+ <%= hidden_field_tag(:challenge_id, @challenge.id) %>
9
10
  <p><%= submit_tag t("devise.two_factor_authentication.show.submit_button") %></p>
10
11
  <% end -%>
11
12
 
12
- <p><%= t "devise.two_factor_authentication.show.recovery_message" %><br />
13
- <%= link_to t("devise.two_factor_authentication.show.recovery_action"), [resource_name, :two_factor_recovery] %></p>
13
+ <p><%= t "devise.two_factor_authentication.show.recovery_message" %>
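Review bot: The `</p>` that closed the code paragraph was dropped from the `<%= text_field_tag :code %>` line, so the `<p>` opened on the label line is never closed; the closing tag should follow the hidden field, `<%= hidden_field_tag(:challenge_id, @challenge.id) %></p>`. `@challenge.id` assumes the controller always sets `@challenge`; if the lookup in `edit` can return nil, the view fails with a NoMethodError. The recovery message is kept while its link is removed, which leaves text pointing at nothing unless the part of the template outside this hunk handles it.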
@@ -4,72 +4,26 @@ module DeviseUserbin
4
4
  extend ActiveSupport::Concern
5
5
 
6
6
  included do
7
- before_filter :authorize_resource
8
- before_filter :handle_two_factor_authentication
9
- end
10
-
11
- private
12
-
13
- def authorize_resource
14
- Devise.mappings.keys.flatten.any? do |scope|
15
- if signed_in?(scope)
16
- begin
17
- env['userbin'].authorize
18
- rescue Userbin::RequestError
19
- # ignore that the API is unreachable
20
- rescue Userbin::Error
21
- warden.logout(scope)
22
- throw :warden, :scope => scope, :message => :signed_out
23
- end
7
+ rescue_from Userbin::UserUnauthorizedError do |error|
8
+ Devise.mappings.keys.flatten.any? do |scope|
9
+ warden.logout(scope)
10
+ throw :warden, :scope => scope, :message => :signed_out
24
11
  end
25
12
  end
26
- end
27
13
 
28
- def handle_two_factor_authentication
29
- if !devise_controller?
14
+ rescue_from Userbin::ChallengeRequiredError do |error|
30
15
  Devise.mappings.keys.flatten.any? do |scope|
31
- if signed_in?(scope) && env['userbin'].authorized?
32
-
33
- # Log out if leaving the two-factor page
34
- if env['userbin'].two_factor_in_progress? &&
35
- controller_name != 'two_factor_authentication' &&
36
- controller_name != 'two_factor_recovery'
37
- warden.logout(scope)
38
- throw :warden, :scope => scope
39
- end
40
-
41
- begin
42
- factor = env['userbin'].two_factor_authenticate!
43
-
44
- # Show form and message specific to the current factor
45
- case factor
46
- when :authenticator, :yubikey
47
- handle_required_two_factor_authentication(scope)
48
- end
49
- rescue Userbin::Error
50
- warden.logout(scope)
51
- throw :warden, :scope => scope, :message => :signed_out
52
- end
16
+ if request.format.present? and request.format.html?
17
+ session["#{scope}_return_to"] = request.path if request.get?
18
+ # todo: doesn't seem to work
19
+ redirect_to send("new_#{scope}_two_factor_authentication_path")
20
+ else
21
+ render nothing: true, status: :unauthorized
53
22
  end
54
23
  end
55
24
  end
56
25
  end
57
26
 
58
- def handle_required_two_factor_authentication(scope)
59
- if request.format.present? and request.format.html?
60
- session["#{scope}_return_to"] = request.path if request.get?
61
- redirect_to two_factor_authentication_path_for(scope)
62
- else
63
- render nothing: true, status: :unauthorized
64
- end
65
- end
66
-
67
- def two_factor_authentication_path_for(resource_or_scope = nil)
68
- scope = Devise::Mapping.find_scope!(resource_or_scope)
69
- change_path = "#{scope}_two_factor_authentication_path"
70
- send(change_path)
71
- end
72
-
73
27
  end
74
28
  end
75
29
  end
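Review bot: Both `rescue_from` handlers act on the first entry of `Devise.mappings.keys.flatten` rather than on the scope that is signed in. In the `Userbin::UserUnauthorizedError` handler `throw :warden` leaves the block on the first iteration, so with more than one Devise scope the session that triggered the error may stay logged in. The `signed_in?(scope)` guard is no longer present on the new side; adding `next unless signed_in?(scope)` as the first line of each block restores it. In the `Userbin::ChallengeRequiredError` handler the same applies to the redirect, and the `# todo: doesn't seem to work` comment should be resolved or say what fails, since this handler appears to be the only path that sends a user to the challenge form.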
@@ -2,18 +2,22 @@ Warden::Manager.on_request do |warden|
2
2
  warden.request.env['userbin'] = Userbin::Client.new(warden.request)
3
3
  end
4
4
 
5
- Warden::Manager.after_authentication do |record, warden, opts|
5
+ Warden::Manager.before_logout do |record, warden, opts|
6
6
  if record.respond_to?(:userbin_id)
7
- warden.request.env['userbin'].login(
8
- record._userbin_id, email: record.email)
7
+ warden.request.env['userbin'].logout
9
8
  end
10
9
  end
11
10
 
12
- Warden::Manager.before_logout do |record, warden, opts|
11
+ Warden::Manager.after_set_user :except => :fetch do |record, warden, opts|
12
+ if record.respond_to?(:userbin_id)
13
+ env = warden.request.env
14
+ env['userbin'].login(record._userbin_id, email: record.email)
15
+ end
16
+ end
17
+
18
+ Warden::Manager.after_set_user do |record, warden, opts|
13
19
  if record.respond_to?(:userbin_id)
14
- begin
15
- userbin = warden.request.env['userbin']
16
- userbin.logout
17
- rescue Userbin::Error; end
20
+ env = warden.request.env
21
+ env['userbin'].authorize! unless env['userbin.skip_authorization']
18
22
  end
19
23
  end
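Review bot: The `before_logout` hook now calls `env['userbin'].logout` without the `rescue Userbin::Error` it had before, so an API failure raises out of the hook; since the hook runs before the session is cleared, the local sign-out may not complete. Sign-out should succeed locally regardless of the remote call, e.g. `begin; warden.request.env['userbin'].logout; rescue Userbin::Error; end` with the error logged. The second `after_set_user` hook calls `authorize!` on every event including `:fetch`, and only two error classes are handled elsewhere in this diff, so a comment should state whether an unreachable API is meant to fail closed. The guard tests `respond_to?(:userbin_id)` but the call uses `record._userbin_id`; one of the two names looks wrong.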
@@ -3,9 +3,7 @@ module ActionDispatch::Routing
3
3
  protected
4
4
 
5
5
  def devise_userbin(mapping, controllers)
6
- resource :two_factor_authentication, :only => [:show, :update], :path => mapping.path_names[:two_factor_authentication], :controller => controllers[:two_factor_authentication]
7
-
8
- resource :two_factor_recovery, :only => [:show, :update], :path => mapping.path_names[:two_factor_recovery], :controller => controllers[:two_factor_recovery]
6
+ resources :two_factor_authentication, :only => [:new, :show, :update, :edit], :path => mapping.path_names[:two_factor_authentication], :controller => controllers[:two_factor_authentication]
9
7
 
10
8
  resource :security_settings, :only => [:show], :path => mapping.path_names[:security_settings], :controller => controllers[:security_settings]
11
9
  end
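Review bot: `:show` is still in the `:only` list of the new `resources :two_factor_authentication` route, but the controller change in this diff replaces `show` with `new` and `edit`, and the metadata drops `show.html.erb`; unless the two-factor controller defines `show` elsewhere, that route points at a missing action. Routing only what is implemented keeps the reachable surface of the second-factor flow small: `:only => [:new, :edit, :update]`. The line is also long enough that wrapping the options one per line would make such mismatches easier to spot.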
@@ -1,3 +1,3 @@
1
1
  module DeviseUserbin
2
- VERSION = "0.3.0".freeze
2
+ VERSION = "0.5.0".freeze
3
3
  end
@@ -12,7 +12,6 @@ module DeviseUserbin
12
12
  source_root File.expand_path("../../../../app/views/devise", __FILE__)
13
13
  def copy_views
14
14
  view_directory :two_factor_authentication
15
- view_directory :two_factor_recovery
16
15
  end
17
16
  end
18
17
  end
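--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: devise_userbin
  version: !ruby/object:Gem::Version
- version: 0.3.0
+ version: 0.5.0
  platform: ruby
  authors:
  - Johan Brissmyr
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2014-10-02 00:00:00.000000000 Z
+ date: 2014-10-10 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: devise
@@ -90,9 +90,7 @@ files:
  - app/controllers/devise/devise_userbin_controller.rb
  - app/controllers/devise/security_settings_controller.rb
  - app/controllers/devise/two_factor_authentication_controller.rb
- - app/controllers/devise/two_factor_recovery_controller.rb
- - app/views/devise/two_factor_authentication/show.html.erb
- - app/views/devise/two_factor_recovery/show.html.erb
+ - app/views/devise/two_factor_authentication/edit.html.erb
  - lib/devise_userbin.rb
  - lib/devise_userbin/controllers/helpers.rb
  - lib/devise_userbin/controllers/view_helpers.rb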
@@ -1,3 +0,0 @@
1
- module Devise
2
- class TwoFactorRecoveryController < DeviseUserbinController; end
3
- end
@@ -1,10 +0,0 @@
1
- <h2><%= t "devise.two_factor_recovery.show.header" %></h2>
2
-
3
- <%= form_tag([resource_name, :two_factor_recovery], :method => :put) do %>
4
- <%= devise_error_messages! %>
5
- <p><%= label_tag :code, t("devise.two_factor_recovery.show.code_label")%><br />
6
- <%= text_field_tag :code %></p>
7
- <p><%= submit_tag t("devise.two_factor_recovery.show.submit_button") %></p>
8
- <% end -%>
9
-
10
- <p><%= t "devise.two_factor_recovery.show.message" %></p>