google-authenticator-rails 0.0.8 → 0.0.9

checksums.yaml CHANGED
@@ -1,15 +1,15 @@
1
1
  ---
2
2
  !binary "U0hBMQ==":
3
3
  metadata.gz: !binary |-
4
- Y2MxMDMxMGNmZjZiYzgwNDc5NjAwNTFlMTYzOWJkZWE4NWMxNTM1OA==
4
+ NTVhNmM1YzE3YmNmNGQyZjVlNTQzNzYwZTJjMWJlZDUwOWVlNTE4Ng==
5
5
  data.tar.gz: !binary |-
6
- NjRkNGQzMGJjMjgzNmU1ZjEyM2NhNmU1ZjRjYmNmZmU0NWQwZTUxZQ==
6
+ Y2RlNzVmNWJhODkxZDFiNmVhNjgxZjljYWQ5MjJlNDE3M2JiOWFmZA==
7
7
  SHA512:
8
8
  metadata.gz: !binary |-
9
- NDkyN2M5YmYwYmNkNmI0NjEwMWQ0ZTY5NzNlNGY4Yjk0ZmMyMjE2ODk1Yjgw
10
- OGFmZDQzY2M2ODcxYTA3NTllYjQyYmY1YzkxMThhYTI4MDlkODliZDc2ZmE0
11
- YWRiMjAxZWI5N2E0ODRlNzVmMDc5MDI3YTBhZTg2ZThlZmU1ZTY=
9
+ Yzg4NzU1Y2Q4Njc5YWQwYTgyODgxNDg3MzBiOGU1NDUyNjEwZDQ5MGYyNGMz
10
+ N2M5MjIxMDg5YWFkMTViYjNlZWQ4NWFmYTcwNTlkYjQ3ZGIwY2M2YjI4ZTdh
11
+ ZjAyNDc5Zjk3NDNjMzQyZjY5OGZkNGRmOGFkM2Q0NzA2NzJjN2E=
12
12
  data.tar.gz: !binary |-
13
- OTlkYmY5YmViYjgzZmNlNzZjYjgyYjU3ZDk2ZjkwZTU1Y2MwNmI2ZWJiNDIy
14
- NDAzOTUyYjU5NDMzYTUzMDc2YzZkMWU5MDIwYzBkZTg0YTYyZWE1MWFhNzQx
15
- YTFiNjUxZTU1MzA4NzM3ODcyNDE0NTUyNTNhNjFhYzliNzc5M2M=
13
+ YzM5NGU0NjUwYjU1NjZhNmE4ZWU1YWM3OGQ2M2U4NGMxNTU4MjhkZDM2YTJm
14
+ NzBjY2M5ZjIwZjY5YTJjODhiNmMyZDRjZjczN2JiODdlOTM1NDI0MGIyY2Fi
15
+ NjBlNGMyZDE0Y2FkODFjYjNiOWU1ZTM2NGFhZjhhZmIwNWI1ZDg=
data/.travis.yml CHANGED
@@ -1,7 +1,6 @@
1
1
  language: ruby
2
2
  rvm:
3
3
  - 1.8.7
4
- - 1.9.2
5
4
  - 1.9.3
6
5
  - 2.0.0
7
6
  - 2.1.0
data/README.md CHANGED
@@ -4,7 +4,7 @@
4
4
  [![Build Status](https://secure.travis-ci.org/jaredonline/google-authenticator.png)](http://travis-ci.org/jaredonline/google-authenticator)
5
5
  [![Code Climate](https://codeclimate.com/github/jaredonline/google-authenticator.png)](https://codeclimate.com/github/jaredonline/google-authenticator)
6
6
 
7
- Rails (ActiveRecord) integration with the Google Authenticator apps for Android and the iPhone. Uses the Authlogic style for cookie management.
7
+ Rails (ActiveRecord) integration with the Google Authenticator apps for [Android](https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2) and the [iPhone](https://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8). Uses the Authlogic style for cookie management.
8
8
 
9
9
  ## Installation
10
10
 
@@ -32,20 +32,19 @@ end
32
32
  @user = User.new
33
33
  @user.set_google_secret # => true
34
34
  @user.google_qr_uri # => http://path.to.google/qr?with=params
35
- @user.google_authentic?(123456) # => true
35
+ @user.google_authentic?(123456) # => true
36
36
  ```
37
37
 
38
- Google Labels
39
- When setting up an account with the GoogleAuthenticator you need to provide
40
- a label for that account (to distinguish it from other accounts).
38
+ ## Google Labels
41
39
 
42
- GoogleAuthenticatorRails allows you to customize how the record will create
43
- that label. There are three options:
44
- - The default just uses the column "email" on the model
45
- - You can specify a custom column with the :column_name option
40
+ When setting up an account with `GoogleAuthenticatorRails` you need to provide a label for that account (to distinguish it from other accounts).
41
+
42
+ `GoogleAuthenticatorRails` allows you to customize how the record will create that label. There are three options:
43
+ - The default just uses the column `email` on the model
44
+ - You can specify a custom column with the `:column_name` option
46
45
  - You can specify a custom method via a symbol or a proc
47
46
 
48
- Examples:
47
+ Example:
49
48
 
50
49
  ```ruby
51
50
  class User
@@ -78,6 +77,14 @@ end
78
77
  @user.google_label # => "TED@EXAMPLE.COM"
79
78
  ```
80
79
 
80
+ Here's what the labels look like in Google Authenticator for iPhone:
81
+
82
+ ![iPhone Label Screenshot](http://jaredonline.github.io/google-authenticator/images/gar-label.png)
83
+
84
+ ## Google Secret
85
+ The "google secret" is where `GoogleAuthenticatorRails` stores the
86
+ secret token used to generate the MFA code.
87
+
81
88
  You can also specify a column for storing the google secret. The default is `google_secret`.
82
89
 
83
90
  Example
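Review bot: The new "Google Secret" section says this column stores the secret token used to generate the MFA code, but it gives no guidance on protecting that value. Anyone who can read the column can generate valid codes for the account, so consider adding a sentence recommending that it be kept out of logs and serialized output, and encrypted at rest where the application can manage it. The screenshot added just above it is linked over plain `http://`; an `https://` URL would be preferable.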
@@ -92,6 +99,8 @@ end
92
99
  @user.mfa_secret # => "56ahi483"
93
100
  ```
94
101
 
102
+ ## Lookup Token
103
+
95
104
  You can also specify which column the appropriate `MfaSession` subclass should use to look up the record:
96
105
 
97
106
  Example
@@ -104,24 +113,112 @@ end
104
113
 
105
114
  The above will cause the `UserMfaSession` class to call `User.where(:salt => cookie_salt)` or `User.scoped(:conditions => { :salt => cookie_salt })` to find the appropriate record.
106
115
 
116
+ ### A note about record lookup
117
+
118
+ `GoogleAuthenticatorRails` makes one very large assumption when attempting to lookup a record. If your `MfaSession` subclass is named `UserMfaSession` it assumes you're trying to lookup a `User` record. Currently, there is no way to configure this, so if you're trying to lookup a `VeryLongModelNameForUser` you'll need to name your `MfaSession` subclass `VeryLongModelNameForUserMfaSession`.
119
+
120
+ For example:
121
+
122
+ ```ruby
123
+ # app/models/user.rb
124
+ class User < ActiveRecord::Base
125
+ acts_as_google_authentic
126
+ end
127
+
128
+ # app/models/user_mfa_session.rb
129
+ class UserMfaSession < GoogleAuthenticatorRails::Session::Base
130
+ end
131
+ ```
132
+
133
+ ### A note about cookie creation and `Session::Persistence::TokenNotFound`
134
+
135
+ `GoogleAuthenticatorRails` looks up the record based on the cookie created when you call `MfaSession#create`. The `#create` method looks into the record class (in our example, `User`) and looks at the configured `:lookup_token` option. It uses that option to save two pieces of information into the cookie, the `id` of the record and the token, which defaults to `persistence_token`. `persistence_token` is what Authlogic uses, which this gem was originally designed to work with.
136
+
137
+ This can cause a lot of headaches if the model isn't configured correctly, and will cause a `GoogleAuthenticatorRails::Session::Persistence::TokenNotFound` error.
138
+
139
+ This error appears for one of three reasons:
140
+
141
+ 1. `user` is `nil`
142
+ 2. `user` doesn't respond to `:persistence_token`
143
+ 3. `user.persistence_token` is blank
144
+
145
+ For example:
146
+
147
+ ```ruby
148
+ # app/models/user.rb
149
+ class User < ActiveRecord::Base
150
+ acts_as_google_authentic
151
+ end
152
+
153
+ # Model has attributes:
154
+ # id: integer
155
+ # name: string
156
+ # salt: string
157
+
158
+ # app/models/user_mfa_session.rb
159
+ class UserMfaSession < GoogleAuthenticatorRails::Session::Base
160
+ end
161
+
162
+ # app/controllers/mfa_session_controller.rb
163
+ def class MfaSessionController < ApplicationController
164
+ def create
165
+ UserMfaSession.create(user) # => Error: GoogleAuthenticatorRails::Session::Persistence::TokenNotFound
166
+ end
167
+ end
168
+ ```
169
+
170
+ The above example will fail because the `User` class doesn't have a `persistence_token` method. The fix for this is to configure `actions_as_google_authentic` to use the right column:
171
+
172
+ ```ruby
173
+ # app/models/user.rb
174
+ class User < ActiveRecord::Base
175
+ acts_as_google_authentic :lookup_token => :salt
176
+ end
177
+
178
+ # Model has attributes:
179
+ # id: integer
180
+ # name: string
181
+ # salt: string
182
+
183
+ # app/models/user_mfa_session.rb
184
+ class UserMfaSession < GoogleAuthenticatorRails::Session::Base
185
+ end
186
+
187
+ # app/controllers/mfa_session_controller.rb
188
+ def class MfaSessionController < ApplicationController
189
+ def create
190
+ UserMfaSession.create(user)
191
+ end
192
+ end
193
+ ```
194
+
195
+ This call to `#create` will succeed (as long as `user.salt` is not `nil`).
196
+
197
+
198
+ ## Issuer
199
+
107
200
  You can also specify a name for the 'issuer' (the name of the website) where the user is using this token:
108
201
 
109
202
  Example
110
203
 
111
204
  ```ruby
112
205
  class User
113
- acts_as_google_authenticated :issuer => 'your_site.com'
206
+ acts_as_google_authenticated :issuer => 'example.com'
114
207
  end
115
208
  ```
116
209
 
117
- By this way your user will have the name of your site at the authenticator card besides the current token.
210
+ This way your user will have the name of your site at the authenticator card besides the current token.
211
+
212
+ Here's what the issuers look like in Google Authenticator for iPhone:
213
+
214
+ ![iPhone Label Screenshot](http://jaredonline.github.io/google-authenticator/images/gar-issuer.png)
118
215
 
119
216
  ## Sample Rails Setup
120
217
 
121
- This is a very rough outline of how GoogleAuthenticatorRails is meant to manage the sessions and cookies for a Rails app.
218
+ This is a very rough outline of how `GoogleAuthenticatorRails` is meant to manage the sessions and cookies for a Rails app.
122
219
 
123
220
  ```ruby
124
- Gemfile
221
+ # Gemfile
125
222
 
126
223
  gem 'rails'
127
224
  gem 'google-authenticator-rails'
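Review bot: The new examples under "A note about record lookup" and "A note about cookie creation" call `acts_as_google_authentic`, and the sentence between the two cookie examples calls it `actions_as_google_authentic`, while the Issuer example in this same hunk and the library's `def acts_as_google_authenticated(options = {})` use `acts_as_google_authenticated`. Both controller snippets also open with `def class MfaSessionController < ApplicationController`, which is not valid Ruby. Suggest `acts_as_google_authenticated` throughout and `class MfaSessionController < ApplicationController`, so the snippets work when pasted. Since the added text says the lookup token is saved into the cookie together with the record `id`, the `:lookup_token => :salt` example also deserves a sentence on choosing a column whose value is acceptable to hand to the browser.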
@@ -137,7 +234,7 @@ end
137
234
  ```
138
235
 
139
236
  ```ruby
140
- app/models/users.rb
237
+ # app/models/users.rb
141
238
 
142
239
  class User < ActiveRecord::Base
143
240
  acts_as_google_authenticated
@@ -147,7 +244,7 @@ end
147
244
  If you want to authenticate based on a model called `User`, then you should name your session object `UserMfaSession`.
148
245
 
149
246
  ```ruby
150
- app/models/user_mfa_session.rb
247
+ # app/models/user_mfa_session.rb
151
248
 
152
249
  class UserMfaSession < GoogleAuthenticatorRails::Session::Base
153
250
  # no real code needed here
@@ -155,7 +252,7 @@ end
155
252
  ```
156
253
 
157
254
  ```ruby
158
- app/controllers/user_mfa_session_controller.rb
255
+ # app/controllers/user_mfa_session_controller.rb
159
256
 
160
257
  class UserMfaSessionController < ApplicationController
161
258
 
@@ -178,7 +275,7 @@ end
178
275
  ```
179
276
 
180
277
  ```ruby
181
- app/controllers/application_controller.rb
278
+ # app/controllers/application_controller.rb
182
279
 
183
280
  class ApplicationController < ActionController::Base
184
281
  before_filter :check_mfa
@@ -192,9 +289,12 @@ class ApplicationController < ActionController::Base
192
289
  end
193
290
  ```
194
291
 
292
+ ## Other configuration
293
+
195
294
  By default, the cookie related to the MfaSession expires in 24 hours, but this can be changed:
295
+
196
296
  ```ruby
197
- config/initializers/google_authenticator_rails.rb
297
+ # config/initializers/google_authenticator_rails.rb
198
298
 
199
299
  GoogleAuthenticatorRails.time_until_expiration = 1.month
200
300
  ```
@@ -211,3 +311,4 @@ GoogleAuthenticatorRails.time_until_expiration = 1.month
211
311
  ## License
212
312
 
213
313
  MIT.
314
+
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: ../
3
3
  specs:
4
- google-authenticator-rails (0.0.7)
4
+ google-authenticator-rails (0.0.9)
5
5
  actionpack
6
6
  activerecord (< 4.0.0)
7
7
  google-qr
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: ../
3
3
  specs:
4
- google-authenticator-rails (0.0.7)
4
+ google-authenticator-rails (0.0.9)
5
5
  actionpack
6
6
  activerecord (< 4.0.0)
7
7
  google-qr
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: ../
3
3
  specs:
4
- google-authenticator-rails (0.0.7)
4
+ google-authenticator-rails (0.0.9)
5
5
  actionpack
6
6
  activerecord (< 4.0.0)
7
7
  google-qr
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: ../
3
3
  specs:
4
- google-authenticator-rails (0.0.7)
4
+ google-authenticator-rails (0.0.9)
5
5
  actionpack
6
6
  activerecord (< 4.0.0)
7
7
  google-qr
@@ -77,7 +77,8 @@ module GoogleAuthenticatorRails # :nodoc:
77
77
  # to "google_secret"
78
78
  # [:lookup_token] the column to use to find the record from the DB, defaults
79
79
  # to "persistence_token"
80
- # [:issuer] the name of the issuer to appear at the app (is optional)
80
+ # [:issuer] the name of the issuer to appear in the app (optional), defaults
81
+ # to ""
81
82
  def acts_as_google_authenticated(options = {})
82
83
  @google_label_column = options[:column_name] || :email
83
84
  @google_label_method = options[:method] || :default_google_label_method
@@ -6,22 +6,10 @@ module GoogleAuthenticatorRails # :nodoc:
6
6
  save
7
7
  end
8
8
 
9
- # TODO: Remove this method in version 0.0.4
10
- def set_google_secret!
11
- put "DEPRECATION WARNING: #set_google_secret! is no longer being used, use #set_google_secret instead. #set_google_secret! will be removed in 0.0.4. Called from #{Kernel.caller[0]}"
12
- set_google_secret
13
- end
14
-
15
9
  def google_authentic?(code)
16
10
  GoogleAuthenticatorRails.valid?(code, google_secret_value)
17
11
  end
18
12
 
19
- # TODO: Remove this method in version 0.0.4
20
- def google_authenticate(code)
21
- put "DEPRECATION WARNING: #google_authenticate is no longer being used, use #google_authentic? instead. #google_authenticate will be removed in 0.0.4. Called from #{Kernel.caller[0]}"
22
- google_authentic?(code)
23
- end
24
-
25
13
  def google_qr_uri
26
14
  GoogleQR.new(:data => ROTP::TOTP.new(google_secret_value, :issuer => google_issuer).provisioning_uri(google_label), :size => "200x200").to_s
27
15
  end
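Review bot: Removing `set_google_secret!` and `google_authenticate` drops two public instance methods in a patch-level bump (0.0.8 to 0.0.9), and none of the README hunks in this diff mention it. The TODO comments targeted 0.0.4, so the cleanup is overdue, but code still calling the old names will fail after upgrading. Suggest a changelog or README line pointing callers to `set_google_secret` and `google_authentic?`.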
@@ -1,7 +1,7 @@
1
1
  module Google
2
2
  module Authenticator
3
3
  module Rails
4
- VERSION = "0.0.8"
4
+ VERSION = "0.0.9"
5
5
  end
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: google-authenticator-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.8
4
+ version: 0.0.9
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jared McFarland
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-02-10 00:00:00.000000000 Z
11
+ date: 2014-04-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rotp