devise_userbin 0.3.0 → 0.5.0

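--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: c04e4b8c1e1975622215e92d66d36465d27557e2
- data.tar.gz: 40416f06a0627fe5056b020c80d41c34eede76b5
+ metadata.gz: 7d51caed08ebe567de0412fb638d349a83008481
+ data.tar.gz: 13cef542ac371d9e65dafc5d27017e9010bf0455
  SHA512:
- metadata.gz: 7aa9ee588470e15e19fdd4e23efdf6fcbc8eb323293cb507267a23afb044866dfb2c1934ad93e208ca24f1918e0990792a930480d39719c389797749d8428f01
- data.tar.gz: 446bcad60762fd4338bf3bfa6c3dd4cbda2d05412cdddc4f77722a27332caa5fc0fd42f40e53434fff7f84c6e00f9f030dad0d01f622e550170dd916ce40b082
+ metadata.gz: 758e64f1d08563a3b0fac3200f6a9961ab1cde7bc7d4524b9433e32d5fed4d2b694e41e40dbfe8b30d6bf819a419e005fdb2b369207d93a40757a1897205a510
+ data.tar.gz: 74013028367c4bf340f526d7b7f88533a480d8c96082e9fdefacb8d251d457bb917483660fcb57eb05a136d3ba9f647ed5e0e5fb52131e8d2f0159b5051fdeb9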
@@ -1,35 +1,36 @@
1
1
  class Devise::DeviseUserbinController < DeviseController
2
2
  include Devise::Controllers::Helpers
3
3
 
4
+ before_filter :return_not_found, except: :new
5
+
4
6
  before_filter do
5
- # This controller should only be reachable when two-factor is in progress
6
- unless env['userbin'].two_factor_in_progress?
7
- redirect_to after_sign_in_path_for(resource_name)
8
- end
7
+ env['userbin.skip_authorization'] = true
9
8
  end
10
9
 
11
- def show
10
+ def new
11
+ challenge = env['userbin'].challenges.create
12
+ redirect_to edit_user_two_factor_authentication_path(challenge.id) # todo:
13
+ end
14
+
15
+ def edit
16
+ @challenge = env['userbin'].challenges.find(params[:id])
17
+
18
+ # Prevent "undefined method `errors' for nil:NilClass"
12
19
  self.resource = resource_class.new
13
20
  end
14
21
 
15
22
  def update
16
- render :show and return if params[:code].nil?
23
+ challenge_id = params.require(:challenge_id)
24
+ code = params.require(:code)
17
25
 
18
- Devise.mappings.keys.flatten.any? do |scope|
19
- begin
20
- env['userbin'].two_factor_verify(params[:code])
26
+ begin
27
+ env['userbin'].challenges.verify(challenge_id, response: code)
21
28
 
22
- set_flash_message :notice, :success
29
+ Devise.mappings.keys.flatten.any? do |scope|
23
30
  redirect_to after_sign_in_path_for(scope)
24
- rescue Userbin::UserUnauthorizedError => error
25
- set_flash_message :alert, :failed
26
- self.resource = resource_class.new
27
- respond_with_navigational(resource_name) { render :show }
28
- rescue Userbin::ForbiddenError => error
29
- sign_out_with_message(:no_retries_remaining, :alert)
30
- rescue Userbin::Error => error
31
- sign_out_with_message(:error, :alert)
32
31
  end
32
+ rescue Userbin::Error => error
33
+ sign_out_with_message(:no_retries_remaining, :alert)
33
34
  end
34
35
  end
35
36
 
@@ -41,4 +42,12 @@ class Devise::DeviseUserbinController < DeviseController
41
42
  redirect_to after_sign_out_path_for(resource_name)
42
43
  end
43
44
 
45
+ private
46
+
47
+ def return_not_found
48
+ unless env['userbin'].mfa_in_progress?
49
+ redirect_to after_sign_in_path_for(resource_name)
50
+ end
51
+ end
52
+
44
53
  end
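Review bot: In `update`, the single `rescue Userbin::Error` sends every failure to `sign_out_with_message(:no_retries_remaining, :alert)`, so a mistyped code or a client-side request error ends the session with a message that only fits an exhausted challenge. Failing closed is reasonable, but the removed branches told these cases apart; I would rescue the class the 0.5 client raises for a rejected response first and re-render the form with `set_flash_message :alert, :failed`, and keep `:error` for the generic branch. `challenge_id` here and `params[:id]` in `edit` are taken from the request, so binding a challenge to the current session appears to rest entirely on the Userbin service; if that is not guaranteed, keep the id created in `new` in the session and compare it before calling `verify`. The success path also redirects for the first Devise mapping without checking `signed_in?(scope)`.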
@@ -5,9 +5,9 @@
5
5
  <%= form_tag([resource_name, :two_factor_authentication], :method => :put) do %>
6
6
  <%= devise_error_messages! %>
7
7
  <p><%= label_tag :code, t("devise.two_factor_authentication.show.code_label") %><br />
8
- <%= text_field_tag :code %></p>
8
+ <%= text_field_tag :code %>
9
+ <%= hidden_field_tag(:challenge_id, @challenge.id) %>
9
10
  <p><%= submit_tag t("devise.two_factor_authentication.show.submit_button") %></p>
10
11
  <% end -%>
11
12
 
12
- <p><%= t "devise.two_factor_authentication.show.recovery_message" %><br />
13
- <%= link_to t("devise.two_factor_authentication.show.recovery_action"), [resource_name, :two_factor_recovery] %></p>
13
+ <p><%= t "devise.two_factor_authentication.show.recovery_message" %>
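Review bot: Two `<p>` elements are left open on the new side: the `</p>` after `text_field_tag :code` was dropped when the hidden field was added, and the recovery paragraph on the last line no longer closes. Suggest ending the field group with `<%= hidden_field_tag(:challenge_id, @challenge.id) %></p>` and closing the last line with `</p>`. The recovery message is still rendered although the link to the recovery action is removed, so the text may now point users at a step that no longer exists. The template also keeps the `show.*` translation keys, which deserves a comment if that is intentional.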
@@ -4,72 +4,26 @@ module DeviseUserbin
4
4
  extend ActiveSupport::Concern
5
5
 
6
6
  included do
7
- before_filter :authorize_resource
8
- before_filter :handle_two_factor_authentication
9
- end
10
-
11
- private
12
-
13
- def authorize_resource
14
- Devise.mappings.keys.flatten.any? do |scope|
15
- if signed_in?(scope)
16
- begin
17
- env['userbin'].authorize
18
- rescue Userbin::RequestError
19
- # ignore that the API is unreachable
20
- rescue Userbin::Error
21
- warden.logout(scope)
22
- throw :warden, :scope => scope, :message => :signed_out
23
- end
7
+ rescue_from Userbin::UserUnauthorizedError do |error|
8
+ Devise.mappings.keys.flatten.any? do |scope|
9
+ warden.logout(scope)
10
+ throw :warden, :scope => scope, :message => :signed_out
24
11
  end
25
12
  end
26
- end
27
13
 
28
- def handle_two_factor_authentication
29
- if !devise_controller?
14
+ rescue_from Userbin::ChallengeRequiredError do |error|
30
15
  Devise.mappings.keys.flatten.any? do |scope|
31
- if signed_in?(scope) && env['userbin'].authorized?
32
-
33
- # Log out if leaving the two-factor page
34
- if env['userbin'].two_factor_in_progress? &&
35
- controller_name != 'two_factor_authentication' &&
36
- controller_name != 'two_factor_recovery'
37
- warden.logout(scope)
38
- throw :warden, :scope => scope
39
- end
40
-
41
- begin
42
- factor = env['userbin'].two_factor_authenticate!
43
-
44
- # Show form and message specific to the current factor
45
- case factor
46
- when :authenticator, :yubikey
47
- handle_required_two_factor_authentication(scope)
48
- end
49
- rescue Userbin::Error
50
- warden.logout(scope)
51
- throw :warden, :scope => scope, :message => :signed_out
52
- end
16
+ if request.format.present? and request.format.html?
17
+ session["#{scope}_return_to"] = request.path if request.get?
18
+ # todo: doesn't seem to work
19
+ redirect_to send("new_#{scope}_two_factor_authentication_path")
20
+ else
21
+ render nothing: true, status: :unauthorized
53
22
  end
54
23
  end
55
24
  end
56
25
  end
57
26
 
58
- def handle_required_two_factor_authentication(scope)
59
- if request.format.present? and request.format.html?
60
- session["#{scope}_return_to"] = request.path if request.get?
61
- redirect_to two_factor_authentication_path_for(scope)
62
- else
63
- render nothing: true, status: :unauthorized
64
- end
65
- end
66
-
67
- def two_factor_authentication_path_for(resource_or_scope = nil)
68
- scope = Devise::Mapping.find_scope!(resource_or_scope)
69
- change_path = "#{scope}_two_factor_authentication_path"
70
- send(change_path)
71
- end
72
-
73
27
  end
74
28
  end
75
29
  end
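Review bot: Both `rescue_from` handlers iterate `Devise.mappings.keys.flatten.any?` without the `signed_in?(scope)` check that the removed `authorize_resource` had, so with more than one Devise scope the first mapping is the one logged out (the `throw :warden` ends the loop) or redirected, whichever scope raised the error. Pick the scope first, e.g. `scope = Devise.mappings.keys.flatten.find { |s| signed_in?(s) }`, and act on that. The `# todo: doesn't seem to work` above the `redirect_to send(...)` line should be resolved or explained before release, since this redirect is what sends users to the second factor. The removed code also ended the session when a user left the two-factor pages mid-challenge; a comment stating that `authorize!` raising `Userbin::ChallengeRequiredError` on each request now provides that guarantee would help, if that is the intent.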
@@ -2,18 +2,22 @@ Warden::Manager.on_request do |warden|
2
2
  warden.request.env['userbin'] = Userbin::Client.new(warden.request)
3
3
  end
4
4
 
5
- Warden::Manager.after_authentication do |record, warden, opts|
5
+ Warden::Manager.before_logout do |record, warden, opts|
6
6
  if record.respond_to?(:userbin_id)
7
- warden.request.env['userbin'].login(
8
- record._userbin_id, email: record.email)
7
+ warden.request.env['userbin'].logout
9
8
  end
10
9
  end
11
10
 
12
- Warden::Manager.before_logout do |record, warden, opts|
11
+ Warden::Manager.after_set_user :except => :fetch do |record, warden, opts|
12
+ if record.respond_to?(:userbin_id)
13
+ env = warden.request.env
14
+ env['userbin'].login(record._userbin_id, email: record.email)
15
+ end
16
+ end
17
+
18
+ Warden::Manager.after_set_user do |record, warden, opts|
13
19
  if record.respond_to?(:userbin_id)
14
- begin
15
- userbin = warden.request.env['userbin']
16
- userbin.logout
17
- rescue Userbin::Error; end
20
+ env = warden.request.env
21
+ env['userbin'].authorize! unless env['userbin.skip_authorization']
18
22
  end
19
23
  end
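Review bot: The `before_logout` hook now calls `warden.request.env['userbin'].logout` without the `begin … rescue Userbin::Error; end` that wrapped it before, so a failing remote call raises out of the hook and may stop the local sign-out from completing. Local logout should not depend on the API being reachable; I would keep the rescue and log the error rather than drop it silently. The same hook presumably runs when the `rescue_from` handlers call `warden.logout(scope)`, so an error there would be raised from inside error handling. Likewise, `authorize!` in `after_set_user` can raise classes other than the two handled by `rescue_from` (the old code ignored `Userbin::RequestError`); a comment should say whether failing closed on an unreachable API is intended.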
@@ -3,9 +3,7 @@ module ActionDispatch::Routing
3
3
  protected
4
4
 
5
5
  def devise_userbin(mapping, controllers)
6
- resource :two_factor_authentication, :only => [:show, :update], :path => mapping.path_names[:two_factor_authentication], :controller => controllers[:two_factor_authentication]
7
-
8
- resource :two_factor_recovery, :only => [:show, :update], :path => mapping.path_names[:two_factor_recovery], :controller => controllers[:two_factor_recovery]
6
+ resources :two_factor_authentication, :only => [:new, :show, :update, :edit], :path => mapping.path_names[:two_factor_authentication], :controller => controllers[:two_factor_authentication]
9
7
 
10
8
  resource :security_settings, :only => [:show], :path => mapping.path_names[:security_settings], :controller => controllers[:security_settings]
11
9
  end
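Review bot: `:show` is still listed in `:only`, but the controller hunk in this release replaces `show` with `new` and `edit` and the gem's file list drops `two_factor_authentication/show.html.erb`, so a `GET` on the member route would reach an action that, from what is visible, no longer exists. Suggest `:only => [:new, :edit, :update]`. Moving from `resource` to `resources` also appears to make `update` a member route carrying an `:id`, while the form posts `challenge_id` as a separate hidden field; reading the route `:id` in `update` would avoid carrying the challenge id twice.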
@@ -1,3 +1,3 @@
1
1
  module DeviseUserbin
2
- VERSION = "0.3.0".freeze
2
+ VERSION = "0.5.0".freeze
3
3
  end
@@ -12,7 +12,6 @@ module DeviseUserbin
12
12
  source_root File.expand_path("../../../../app/views/devise", __FILE__)
13
13
  def copy_views
14
14
  view_directory :two_factor_authentication
15
- view_directory :two_factor_recovery
16
15
  end
17
16
  end
18
17
  end
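--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: devise_userbin
  version: !ruby/object:Gem::Version
- version: 0.3.0
+ version: 0.5.0
  platform: ruby
  authors:
  - Johan Brissmyr
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2014-10-02 00:00:00.000000000 Z
+ date: 2014-10-10 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: devise
@@ -90,9 +90,7 @@ files:
  - app/controllers/devise/devise_userbin_controller.rb
  - app/controllers/devise/security_settings_controller.rb
  - app/controllers/devise/two_factor_authentication_controller.rb
- - app/controllers/devise/two_factor_recovery_controller.rb
- - app/views/devise/two_factor_authentication/show.html.erb
- - app/views/devise/two_factor_recovery/show.html.erb
+ - app/views/devise/two_factor_authentication/edit.html.erb
  - lib/devise_userbin.rb
  - lib/devise_userbin/controllers/helpers.rb
  - lib/devise_userbin/controllers/view_helpers.rb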
@@ -1,3 +0,0 @@
1
- module Devise
2
- class TwoFactorRecoveryController < DeviseUserbinController; end
3
- end
@@ -1,10 +0,0 @@
1
- <h2><%= t "devise.two_factor_recovery.show.header" %></h2>
2
-
3
- <%= form_tag([resource_name, :two_factor_recovery], :method => :put) do %>
4
- <%= devise_error_messages! %>
5
- <p><%= label_tag :code, t("devise.two_factor_recovery.show.code_label")%><br />
6
- <%= text_field_tag :code %></p>
7
- <p><%= submit_tag t("devise.two_factor_recovery.show.submit_button") %></p>
8
- <% end -%>
9
-
10
- <p><%= t "devise.two_factor_recovery.show.message" %></p>