devise_userbin 0.3.0 → 0.5.0
- checksums.yaml +4 -4
- data/app/controllers/devise/devise_userbin_controller.rb +27 -18
- data/app/views/devise/two_factor_authentication/{show.html.erb → edit.html.erb} +3 -3
- data/lib/devise_userbin/controllers/helpers.rb +11 -57
- data/lib/devise_userbin/hooks.rb +12 -8
- data/lib/devise_userbin/routes.rb +1 -3
- data/lib/devise_userbin/version.rb +1 -1
- data/lib/generators/devise_userbin/views_generator.rb +0 -1
- metadata +3 -5
- data/app/controllers/devise/two_factor_recovery_controller.rb +0 -3
- data/app/views/devise/two_factor_recovery/show.html.erb +0 -10
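--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 7d51caed08ebe567de0412fb638d349a83008481
+data.tar.gz: 13cef542ac371d9e65dafc5d27017e9010bf0455
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 758e64f1d08563a3b0fac3200f6a9961ab1cde7bc7d4524b9433e32d5fed4d2b694e41e40dbfe8b30d6bf819a419e005fdb2b369207d93a40757a1897205a510
+data.tar.gz: 74013028367c4bf340f526d7b7f88533a480d8c96082e9fdefacb8d251d457bb917483660fcb57eb05a136d3ba9f647ed5e0e5fb52131e8d2f0159b5051fdeb9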
@@ -1,35 +1,36 @@
|
|
1
1
|
class Devise::DeviseUserbinController < DeviseController
|
2
2
|
include Devise::Controllers::Helpers
|
3
3
|
|
4
|
+
before_filter :return_not_found, except: :new
|
5
|
+
|
4
6
|
before_filter do
|
5
|
-
|
6
|
-
unless env['userbin'].two_factor_in_progress?
|
7
|
-
redirect_to after_sign_in_path_for(resource_name)
|
8
|
-
end
|
7
|
+
env['userbin.skip_authorization'] = true
|
9
8
|
end
|
10
9
|
|
11
|
-
def
|
10
|
+
def new
|
11
|
+
challenge = env['userbin'].challenges.create
|
12
|
+
redirect_to edit_user_two_factor_authentication_path(challenge.id) # todo:
|
13
|
+
end
|
14
|
+
|
15
|
+
def edit
|
16
|
+
@challenge = env['userbin'].challenges.find(params[:id])
|
17
|
+
|
18
|
+
# Prevent "undefined method `errors' for nil:NilClass"
|
12
19
|
self.resource = resource_class.new
|
13
20
|
end
|
14
21
|
|
15
22
|
def update
|
16
|
-
|
23
|
+
challenge_id = params.require(:challenge_id)
|
24
|
+
code = params.require(:code)
|
17
25
|
|
18
|
-
|
19
|
-
|
20
|
-
env['userbin'].two_factor_verify(params[:code])
|
26
|
+
begin
|
27
|
+
env['userbin'].challenges.verify(challenge_id, response: code)
|
21
28
|
|
22
|
-
|
29
|
+
Devise.mappings.keys.flatten.any? do |scope|
|
23
30
|
redirect_to after_sign_in_path_for(scope)
|
24
|
-
rescue Userbin::UserUnauthorizedError => error
|
25
|
-
set_flash_message :alert, :failed
|
26
|
-
self.resource = resource_class.new
|
27
|
-
respond_with_navigational(resource_name) { render :show }
|
28
|
-
rescue Userbin::ForbiddenError => error
|
29
|
-
sign_out_with_message(:no_retries_remaining, :alert)
|
30
|
-
rescue Userbin::Error => error
|
31
|
-
sign_out_with_message(:error, :alert)
|
32
31
|
end
|
32
|
+
rescue Userbin::Error => error
|
33
|
+
sign_out_with_message(:no_retries_remaining, :alert)
|
33
34
|
end
|
34
35
|
end
|
35
36
|
|
@@ -41,4 +42,12 @@ class Devise::DeviseUserbinController < DeviseController
|
|
41
42
|
redirect_to after_sign_out_path_for(resource_name)
|
42
43
|
end
|
43
44
|
|
45
|
+
private
|
46
|
+
|
47
|
+
def return_not_found
|
48
|
+
unless env['userbin'].mfa_in_progress?
|
49
|
+
redirect_to after_sign_in_path_for(resource_name)
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
44
53
|
end
|
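Review bot: In `update`, the single `rescue Userbin::Error` signs the user out with `:no_retries_remaining` whatever `challenges.verify` raised, so a mistyped code or an unreachable API is presumably reported as exhausted retries, and the bound `error` is never read. The removed code re-rendered the form with `set_flash_message :alert, :failed` for a rejected code; a narrower `rescue` for that case placed ahead of the catch-all, using whichever class the client raises for a wrong response, would preserve that behaviour. Separately, `challenge_id` in `update` and `params[:id]` in `edit` come straight from the request, and nothing visible here shows that the challenge is tied to the session that is mid-login, so that binding is worth confirming in the client library.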
@@ -5,9 +5,9 @@
|
|
5
5
|
<%= form_tag([resource_name, :two_factor_authentication], :method => :put) do %>
|
6
6
|
<%= devise_error_messages! %>
|
7
7
|
<p><%= label_tag :code, t("devise.two_factor_authentication.show.code_label") %><br />
|
8
|
-
<%= text_field_tag :code
|
8
|
+
<%= text_field_tag :code %>
|
9
|
+
<%= hidden_field_tag(:challenge_id, @challenge.id) %>
|
9
10
|
<p><%= submit_tag t("devise.two_factor_authentication.show.submit_button") %></p>
|
10
11
|
<% end -%>
|
11
12
|
|
12
|
-
<p><%= t "devise.two_factor_authentication.show.recovery_message"
|
13
|
-
<%= link_to t("devise.two_factor_authentication.show.recovery_action"), [resource_name, :two_factor_recovery] %></p>
|
13
|
+
<p><%= t "devise.two_factor_authentication.show.recovery_message" %>
|
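Review bot: The recovery paragraph at the end of the template is left unclosed: the new line is `<p><%= t "devise.two_factor_authentication.show.recovery_message" %>` while the removed link line carried the `</p>`, and the `<p>` around the code field likewise has no closing tag in the new lines shown. The message also still announces a recovery option although this release removes the recovery link, view and route, so either drop the paragraph or close it with `</p>` and reword the translation. The form still posts to `[resource_name, :two_factor_authentication]` while the route becomes `resources` in routes.rb; it is worth checking that this path still resolves without an id.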
@@ -4,72 +4,26 @@ module DeviseUserbin
|
|
4
4
|
extend ActiveSupport::Concern
|
5
5
|
|
6
6
|
included do
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
private
|
12
|
-
|
13
|
-
def authorize_resource
|
14
|
-
Devise.mappings.keys.flatten.any? do |scope|
|
15
|
-
if signed_in?(scope)
|
16
|
-
begin
|
17
|
-
env['userbin'].authorize
|
18
|
-
rescue Userbin::RequestError
|
19
|
-
# ignore that the API is unreachable
|
20
|
-
rescue Userbin::Error
|
21
|
-
warden.logout(scope)
|
22
|
-
throw :warden, :scope => scope, :message => :signed_out
|
23
|
-
end
|
7
|
+
rescue_from Userbin::UserUnauthorizedError do |error|
|
8
|
+
Devise.mappings.keys.flatten.any? do |scope|
|
9
|
+
warden.logout(scope)
|
10
|
+
throw :warden, :scope => scope, :message => :signed_out
|
24
11
|
end
|
25
12
|
end
|
26
|
-
end
|
27
13
|
|
28
|
-
|
29
|
-
if !devise_controller?
|
14
|
+
rescue_from Userbin::ChallengeRequiredError do |error|
|
30
15
|
Devise.mappings.keys.flatten.any? do |scope|
|
31
|
-
if
|
32
|
-
|
33
|
-
#
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
warden.logout(scope)
|
38
|
-
throw :warden, :scope => scope
|
39
|
-
end
|
40
|
-
|
41
|
-
begin
|
42
|
-
factor = env['userbin'].two_factor_authenticate!
|
43
|
-
|
44
|
-
# Show form and message specific to the current factor
|
45
|
-
case factor
|
46
|
-
when :authenticator, :yubikey
|
47
|
-
handle_required_two_factor_authentication(scope)
|
48
|
-
end
|
49
|
-
rescue Userbin::Error
|
50
|
-
warden.logout(scope)
|
51
|
-
throw :warden, :scope => scope, :message => :signed_out
|
52
|
-
end
|
16
|
+
if request.format.present? and request.format.html?
|
17
|
+
session["#{scope}_return_to"] = request.path if request.get?
|
18
|
+
# todo: doesn't seem to work
|
19
|
+
redirect_to send("new_#{scope}_two_factor_authentication_path")
|
20
|
+
else
|
21
|
+
render nothing: true, status: :unauthorized
|
53
22
|
end
|
54
23
|
end
|
55
24
|
end
|
56
25
|
end
|
57
26
|
|
58
|
-
def handle_required_two_factor_authentication(scope)
|
59
|
-
if request.format.present? and request.format.html?
|
60
|
-
session["#{scope}_return_to"] = request.path if request.get?
|
61
|
-
redirect_to two_factor_authentication_path_for(scope)
|
62
|
-
else
|
63
|
-
render nothing: true, status: :unauthorized
|
64
|
-
end
|
65
|
-
end
|
66
|
-
|
67
|
-
def two_factor_authentication_path_for(resource_or_scope = nil)
|
68
|
-
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
69
|
-
change_path = "#{scope}_two_factor_authentication_path"
|
70
|
-
send(change_path)
|
71
|
-
end
|
72
|
-
|
73
27
|
end
|
74
28
|
end
|
75
29
|
end
|
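Review bot: Both `rescue_from` handlers act on the first key of `Devise.mappings` rather than on the scope that is signed in: the removed `if signed_in?(scope)` guard is gone, and `throw :warden` in the `Userbin::UserUnauthorizedError` handler leaves the `any?` block during its first iteration. With more than one Devise mapping this can log out one scope and leave another session active, or send the user to the wrong scope's challenge page. Restoring the guard as the first line of each block, `next unless signed_in?(scope)`, keeps the old behaviour. The `# todo: doesn't seem to work` comment above `redirect_to send("new_#{scope}_two_factor_authentication_path")` should be resolved or explained before release.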
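--- a/data/lib/devise_userbin/hooks.rb
+++ b/data/lib/devise_userbin/hooks.rb
@@ -2,18 +2,22 @@ Warden::Manager.on_request do |warden|
 warden.request.env['userbin'] = Userbin::Client.new(warden.request)
 end
 
-Warden::Manager.
+Warden::Manager.before_logout do |record, warden, opts|
 if record.respond_to?(:userbin_id)
-warden.request.env['userbin'].
-record._userbin_id, email: record.email)
+warden.request.env['userbin'].logout
 end
 end
 
-Warden::Manager.
+Warden::Manager.after_set_user :except => :fetch do |record, warden, opts|
+if record.respond_to?(:userbin_id)
+env = warden.request.env
+env['userbin'].login(record._userbin_id, email: record.email)
+end
+end
+
+Warden::Manager.after_set_user do |record, warden, opts|
 if record.respond_to?(:userbin_id)
-
-
-userbin.logout
-rescue Userbin::Error; end
+env = warden.request.env
+env['userbin'].authorize! unless env['userbin.skip_authorization']
 end
 end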
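Review bot: The `before_logout` hook now calls `warden.request.env['userbin'].logout` with no error handling, whereas the removed lines ended in `rescue Userbin::Error; end`. If the client raises here, for example when the API is unreachable, the exception would presumably propagate out of the Warden callback before the local session is cleared, leaving the user signed in. Wrapping the call in `begin` / `rescue Userbin::Error` / `end` again keeps local logout independent of the remote service. The second `after_set_user` hook also runs `authorize!` unguarded, and the guard tests `respond_to?(:userbin_id)` while the call uses `record._userbin_id`; a short comment on the intended failure mode and on that name difference would help.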
@@ -3,9 +3,7 @@ module ActionDispatch::Routing
|
|
3
3
|
protected
|
4
4
|
|
5
5
|
def devise_userbin(mapping, controllers)
|
6
|
-
|
7
|
-
|
8
|
-
resource :two_factor_recovery, :only => [:show, :update], :path => mapping.path_names[:two_factor_recovery], :controller => controllers[:two_factor_recovery]
|
6
|
+
resources :two_factor_authentication, :only => [:new, :show, :update, :edit], :path => mapping.path_names[:two_factor_authentication], :controller => controllers[:two_factor_authentication]
|
9
7
|
|
10
8
|
resource :security_settings, :only => [:show], :path => mapping.path_names[:security_settings], :controller => controllers[:security_settings]
|
11
9
|
end
|
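Review bot: `:show` is still listed in `:only => [:new, :show, :update, :edit]` although this release renames the `show` view to `edit` and the controller hunk adds `new` and `edit` in place of the earlier action, so the route appears to point at an action that no longer exists. If that is the case, narrow the list to `:only => [:new, :edit, :update]`. Switching from `resource` to `resources` also makes `update` a member route that takes an id, so the form target and the separate `challenge_id` parameter should be checked against that. `devise_userbin` starts and ends inside this hunk, but the enclosing module does not.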
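--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise_userbin
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.5.0
 platform: ruby
 authors:
 - Johan Brissmyr
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-10-
+date: 2014-10-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: devise
@@ -90,9 +90,7 @@ files:
 - app/controllers/devise/devise_userbin_controller.rb
 - app/controllers/devise/security_settings_controller.rb
 - app/controllers/devise/two_factor_authentication_controller.rb
-- app/
-- app/views/devise/two_factor_authentication/show.html.erb
-- app/views/devise/two_factor_recovery/show.html.erb
+- app/views/devise/two_factor_authentication/edit.html.erb
 - lib/devise_userbin.rb
 - lib/devise_userbin/controllers/helpers.rb
 - lib/devise_userbin/controllers/view_helpers.rb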
@@ -1,10 +0,0 @@
|
|
1
|
-
<h2><%= t "devise.two_factor_recovery.show.header" %></h2>
|
2
|
-
|
3
|
-
<%= form_tag([resource_name, :two_factor_recovery], :method => :put) do %>
|
4
|
-
<%= devise_error_messages! %>
|
5
|
-
<p><%= label_tag :code, t("devise.two_factor_recovery.show.code_label")%><br />
|
6
|
-
<%= text_field_tag :code %></p>
|
7
|
-
<p><%= submit_tag t("devise.two_factor_recovery.show.submit_button") %></p>
|
8
|
-
<% end -%>
|
9
|
-
|
10
|
-
<p><%= t "devise.two_factor_recovery.show.message" %></p>
|