RubyGems - devise_xfactor_authentication - Versions diffs - 2.2.19 → 2.2.20 - Mend

devise_xfactor_authentication 2.2.19 → 2.2.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/README.md +26 -45
data/lib/devise_xfactor_authentication/models/devise_xfactor_authenticatable.rb +8 -4
data/lib/devise_xfactor_authentication/routes.rb +5 -1
data/lib/devise_xfactor_authentication/version.rb +1 -1
data/lib/devise_xfactor_authentication.rb +6 -0
metadata +69 -7

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 07d925008b1426aea691e15f43314e88f5f6ed578b1428c69f65dc53cce50f37
-  data.tar.gz: c1582a960c45683b155e98c2c2094a50c52931a1efbb11250e4ffb1c470fc7f6
+  metadata.gz: c2e0e41652b583da294f118a3a832491cabaedb746a2c4c829b7c08f144c996c
+  data.tar.gz: d49e9d7a75151ddcd14de47c686f04c1766002af5c6c8736b467564cda8ac10e
 SHA512:
-  metadata.gz: ac60b5f7f6937780f24cb67769f06ae04eccd775f2248fff627ed9e7c7739e07ef1adcaf2aea01c7f2d234866003a9b9a42fa7a3a328bf9cc3725f2853d3be2d
-  data.tar.gz: 1d77aab90c81599f6b9684d0777244540014ebb102d8196776a6e3bc4dd781097def9570781fa79b43aedaaf1e9e3062f975d26c164d0f0fb3a6c4ee5ed3a7a9
+  metadata.gz: 92ea75d1ec6728611935c4e648c1991605904da1e1a88903f026b8569d6d053678bd6e3a37a8e9a475b06aefa001325d86ac6a6d094cf25cc8481932a0e987b1
+  data.tar.gz: 251983220403608b5623fcff740dbd0704cb5ccc38cf63f7fc2e86681dd1ad65fbb6200bbcacf8ba445470558672894423ed15290552f58cb8c1a2a78ba2bc2f

data/README.md CHANGED Viewed

@@ -1,35 +1,40 @@
 # Two factor authentication for Devise
+## This is a fork of the orignal two_factor_authentication plugin for devise from Houdini/two_factor_authentication
+## It is currently under recombobulation, so a some of the below documentation is incorrect.
+## I will attept to have the readme redone on some level by 11/21/2022 - JP
+<!---
 [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/Houdini/two_factor_authentication?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 [![Build Status](https://travis-ci.org/Houdini/two_factor_authentication.svg?branch=master)](https://travis-ci.org/Houdini/two_factor_authentication)
 [![Code Climate](https://codeclimate.com/github/Houdini/two_factor_authentication.svg)](https://codeclimate.com/github/Houdini/two_factor_authentication)
+--->
-## Features
-* Support for 2 types of OTP codes
+## Features
+* Currently Supports sending of OTP codes directly to the user
+* Ability to turn on second factor autnenication on a per user basis
+<!-- * Support for 2 types of OTP codes
  1. Codes delivered directly to the user
- 2. TOTP (Google Authenticator) codes based on a shared secret (HMAC)
+ 2. TOTP (Google Authenticator) codes based on a shared secret (HMAC) -->
 * Configurable OTP code digit length
 * Configurable max login attempts
-* Customizable logic to determine if a user needs two factor authentication
+<!-- * Customizable logic to determine if a user needs two factor authentication -->
 * Configurable period where users won't be asked for 2FA again
-* Option to encrypt the TOTP secret in the database, with iv and salt
+<!--* Option to encrypt the TOTP secret in the database, with iv and salt -->
 ## Configuration
 ### Initial Setup
+Devise must be installed and set up.
 In a Rails environment, require the gem in your Gemfile:
-    gem 'two_factor_authentication'
+    gem 'devise_xfactor_authentication'
 Once that's done, run:
     bundle install
-Note that Ruby 2.1 or greater is required.
 ### Installation
 #### Automatic initial setup
@@ -37,10 +42,9 @@ Note that Ruby 2.1 or greater is required.
 To set up the model and database migration file automatically, run the
 following command:
-    bundle exec rails g two_factor_authentication MODEL
+  rails g two_factor_authentication MODEL
 Where MODEL is your model name (e.g. User or Admin). This generator will add
-`:two_factor_authenticatable` to your model's Devise options and create a
+`:devise_xfactor_authenticatable` to your model's Devise options and create a
 migration in `db/migrate/`, which will add the following columns to your table:
 - `:second_factor_attempts_count`
@@ -50,37 +54,10 @@ migration in `db/migrate/`, which will add the following columns to your table:
 - `:direct_otp`
 - `:direct_otp_sent_at`
 - `:totp_timestamp`
+- `:otp_secret_key`
+- `:uses_two_factor`
-#### Manual initial setup
-If you prefer to set up the model and migration manually, add the
-`:two_factor_authenticatable` option to your existing devise options, such as:
-```ruby
-devise :database_authenticatable, :registerable, :recoverable, :rememberable,
-       :trackable, :validatable, :two_factor_authenticatable
-```
-Then create your migration file using the Rails generator, such as:
-```
-rails g migration AddTwoFactorFieldsToUsers second_factor_attempts_count:integer encrypted_otp_secret_key:string:index encrypted_otp_secret_key_iv:string encrypted_otp_secret_key_salt:string direct_otp:string direct_otp_sent_at:datetime totp_timestamp:timestamp
-```
-Open your migration file (it will be in the `db/migrate` directory and will be
-named something like `20151230163930_add_two_factor_fields_to_users.rb`), and
-add `unique: true` to the `add_index` line so that it looks like this:
-```ruby
-add_index :users, :encrypted_otp_secret_key, unique: true
-```
-Save the file.
-#### Complete the setup
-Run the migration with:
-    bundle exec rake db:migrate
+  run: rake db:migrate
 Add the following line to your model to fully enable two-factor auth:
@@ -99,6 +76,11 @@ config.otp_secret_encryption_key = ENV['OTP_SECRET_ENCRYPTION_KEY']
 config.second_factor_resource_id = 'id' # Field or method name used to set value for 2fA remember cookie
 config.delete_cookie_on_logout = false # Delete cookie when user signs out, to force 2fA again on login
 ```
+You an also set some of them in your controller as follows an example for a User model:
+<!--
 The `otp_secret_encryption_key` must be a random key that is not stored in the
 DB, and is not checked in to your repo. It is recommended to store it in an
 environment variable, and you can generate it with `bundle exec rake secret`.
@@ -400,6 +382,5 @@ to set TOTP to DISABLED for a user account:
    current_user.direct_otp? => false
    current_user.totp_enabled? => false
    ```
+-->

data/lib/devise_xfactor_authentication/models/devise_xfactor_authenticatable.rb CHANGED Viewed

@@ -11,12 +11,14 @@ module Devise
         def has_one_time_password(options = {})
           include InstanceMethodsOnActivation
           include EncryptionInstanceMethods if options[:encrypted] == true
         end
         ::Devise::Models.config(
           self, :max_login_attempts, :allowed_otp_drift_seconds, :otp_length,
           :remember_otp_session_for_seconds, :otp_secret_encryption_key,
-          :direct_otp_length, :direct_otp_valid_for, :totp_timestamp, :delete_cookie_on_logout
+          :direct_otp_length, :direct_otp_valid_for, :totp_timestamp, :delete_cookie_on_logout,
+          :twilio_account_sid, :twilio_auth_token
         )
       end
@@ -104,6 +106,10 @@ module Devise
           )
         end
+        def direct_otp_expired?
+          Time.now.utc > direct_otp_sent_at + self.class.direct_otp_valid_for
+        end
         private
         def without_spaces(code)
@@ -114,9 +120,7 @@ module Devise
           SecureRandom.random_number(10**digits).to_s.rjust(digits, '0')
         end
-        def direct_otp_expired?
-          Time.now.utc > direct_otp_sent_at + self.class.direct_otp_valid_for
-        end
         def clear_direct_otp
           update(direct_otp: nil, direct_otp_sent_at: nil)

data/lib/devise_xfactor_authentication/routes.rb CHANGED Viewed

@@ -3,8 +3,12 @@ module ActionDispatch::Routing
     protected
       def devise_devise_xfactor_authentication(mapping, controllers)
-        resource :devise_xfactor_authentication, :only => [:show, :update, :resend_code], :path => mapping.path_names[:devise_xfactor_authentication], :controller => controllers[:devise_xfactor_authentication] do
+        resource :devise_xfactor_authentication,
+        :only => [:show, :update, :resend_code],
+        :path => mapping.path_names[:devise_xfactor_authentication],
+        :controller => controllers[:devise_xfactor_authentication] do
           collection { get "resend_code" }
+          collection { get "bob"}
         end
       end
   end

data/lib/devise_xfactor_authentication/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module DeviseXfactorAuthentication
-  VERSION = "2.2.19".freeze
+  VERSION = "2.2.20".freeze
 end

data/lib/devise_xfactor_authentication.rb CHANGED Viewed

@@ -32,6 +32,12 @@ module Devise
   mattr_accessor :delete_cookie_on_logout
   @@delete_cookie_on_logout = false
+  mattr_accessor :twilio_account_sid
+  @@twilio_account_sid = ''
+  mattr_accessor :twilio_auth_token
+  @@twilio_auth_token = ''
 end
 module DeviseXfactorAuthentication

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise_xfactor_authentication
 version: !ruby/object:Gem::Version
-  version: 2.2.19
+  version: 2.2.20
 platform: ruby
 authors:
 - Jonathon Pickett
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-11-09 00:00:00.000000000 Z
+date: 2022-11-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -271,7 +271,7 @@ files:
 homepage: https://github.com/jpickett76/devise_xfactor_authentication
 licenses: []
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -286,8 +286,70 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key:
+rubygems_version: 3.3.7
+signing_key:
 specification_version: 4
 summary: Two factor authentication plugin for devise forked from Houdini/two_factor_authentication
-test_files: []
+test_files:
+- spec/controllers/devise_xfactor_authentication_controller_spec.rb
+- spec/features/devise_xfactor_authenticatable_spec.rb
+- spec/generators/active_record/devise_xfactor_authentication_generator_spec.rb
+- spec/lib/devise_xfactor_authentication/models/devise_xfactor_authenticatable_spec.rb
+- spec/rails_app/.gitignore
+- spec/rails_app/README.md
+- spec/rails_app/Rakefile
+- spec/rails_app/app/assets/javascripts/application.js
+- spec/rails_app/app/assets/stylesheets/application.css
+- spec/rails_app/app/controllers/application_controller.rb
+- spec/rails_app/app/controllers/home_controller.rb
+- spec/rails_app/app/helpers/application_helper.rb
+- spec/rails_app/app/mailers/.gitkeep
+- spec/rails_app/app/models/.gitkeep
+- spec/rails_app/app/models/admin.rb
+- spec/rails_app/app/models/encrypted_user.rb
+- spec/rails_app/app/models/guest_user.rb
+- spec/rails_app/app/models/user.rb
+- spec/rails_app/app/views/home/dashboard.html.erb
+- spec/rails_app/app/views/home/index.html.erb
+- spec/rails_app/app/views/layouts/application.html.erb
+- spec/rails_app/config.ru
+- spec/rails_app/config/application.rb
+- spec/rails_app/config/boot.rb
+- spec/rails_app/config/database.yml
+- spec/rails_app/config/environment.rb
+- spec/rails_app/config/environments/development.rb
+- spec/rails_app/config/environments/production.rb
+- spec/rails_app/config/environments/test.rb
+- spec/rails_app/config/initializers/backtrace_silencers.rb
+- spec/rails_app/config/initializers/cookies_serializer.rb
+- spec/rails_app/config/initializers/devise.rb
+- spec/rails_app/config/initializers/inflections.rb
+- spec/rails_app/config/initializers/mime_types.rb
+- spec/rails_app/config/initializers/secret_token.rb
+- spec/rails_app/config/initializers/session_store.rb
+- spec/rails_app/config/initializers/wrap_parameters.rb
+- spec/rails_app/config/locales/devise.en.yml
+- spec/rails_app/config/locales/en.yml
+- spec/rails_app/config/routes.rb
+- spec/rails_app/db/migrate/20140403184646_devise_create_users.rb
+- spec/rails_app/db/migrate/20140407172619_devise_xfactor_authentication_add_to_users.rb
+- spec/rails_app/db/migrate/20140407215513_add_nickanme_to_users.rb
+- spec/rails_app/db/migrate/20151224171231_add_encrypted_columns_to_user.rb
+- spec/rails_app/db/migrate/20151224180310_populate_otp_column.rb
+- spec/rails_app/db/migrate/20151228230340_remove_otp_secret_key_from_user.rb
+- spec/rails_app/db/migrate/20160209032439_devise_create_admins.rb
+- spec/rails_app/db/schema.rb
+- spec/rails_app/lib/assets/.gitkeep
+- spec/rails_app/lib/sms_provider.rb
+- spec/rails_app/public/404.html
+- spec/rails_app/public/422.html
+- spec/rails_app/public/500.html
+- spec/rails_app/public/favicon.ico
+- spec/rails_app/script/rails
+- spec/spec_helper.rb
+- spec/support/authenticated_model_helper.rb
+- spec/support/capybara.rb
+- spec/support/controller_helper.rb
+- spec/support/features_spec_helper.rb
+- spec/support/sms_provider.rb
+- spec/support/totp_helper.rb