google-authenticator-rails 0.0.9 → 0.0.10
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +8 -8
- data/README.md +13 -2
- data/lib/google-authenticator-rails.rb +2 -2
- data/lib/google-authenticator-rails/active_record/acts_as_google_authenticated.rb +5 -1
- data/lib/google-authenticator-rails/active_record/helpers.rb +1 -1
- data/lib/google-authenticator-rails/version.rb +1 -1
- data/spec/google_authenticator_spec.rb +30 -6
- data/spec/spec_helper.rb +4 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
---
|
|
2
2
|
!binary "U0hBMQ==":
|
|
3
3
|
metadata.gz: !binary |-
|
|
4
|
-
|
|
4
|
+
OTdiODQ2YThiMzlmM2Q4ODFhMDQ3MGViY2ZhZjdlNTU2Yjc1ZjIxOQ==
|
|
5
5
|
data.tar.gz: !binary |-
|
|
6
|
-
|
|
6
|
+
ZmRmMTcxZTYxMmFjN2MwMzA4MWQ4Yzc2NWQzMWVlN2E5YTczYjJhOA==
|
|
7
7
|
SHA512:
|
|
8
8
|
metadata.gz: !binary |-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
9
|
+
MDIzYjRmOWM2NjFjNjM2MGFmMGNmYzI0YzE5MDUzNDQwM2ViNTUwZGYyNDQ5
|
|
10
|
+
M2M1Yzg4NzNiNDRkZDkyNGViNDlhMTdiMjRiMWJmNGI2MzY5ZGIyYjlmMmMx
|
|
11
|
+
MDNjMDBiYjZmYWRmYzEwMzkzYWZmOTYyZjY3YjczZmY0MzJiMWM=
|
|
12
12
|
data.tar.gz: !binary |-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
13
|
+
MTZmNjY5MWE5ZWRiMjEyMWM3ZTgyNWUxNGRiMDg0ZDNkYmY2YmQzMGE1ZmRh
|
|
14
|
+
NzI5NGM3ZDAzYzAzMzYzOWRkNThmOWMyOTYyNjg2Zjg5ZGFjMTI0NzM5MGRk
|
|
15
|
+
MzEyMzRjNGU1Njk3ODg5NTNlMmJkNGQxYzc1YjJmZTZlNThjZjA=
|
data/README.md
CHANGED
|
@@ -99,6 +99,17 @@ end
|
|
|
99
99
|
@user.mfa_secret # => "56ahi483"
|
|
100
100
|
```
|
|
101
101
|
|
|
102
|
+
## Drift
|
|
103
|
+
|
|
104
|
+
You can specify a custom drift value. Drift is the number of seconds that the client
|
|
105
|
+
and server are allowed to drift apart. Default value is 5 seconds.
|
|
106
|
+
|
|
107
|
+
```ruby
|
|
108
|
+
class User
|
|
109
|
+
act_as_google_authenticated :drift => 31
|
|
110
|
+
end
|
|
111
|
+
```
|
|
112
|
+
|
|
102
113
|
## Lookup Token
|
|
103
114
|
|
|
104
115
|
You can also specify which column the appropriate `MfaSession` subclass should use to look up the record:
|
|
@@ -160,7 +171,7 @@ class UserMfaSession < GoogleAuthenticatorRails::Session::Base
|
|
|
160
171
|
end
|
|
161
172
|
|
|
162
173
|
# app/controllers/mfa_session_controller.rb
|
|
163
|
-
|
|
174
|
+
class MfaSessionController < ApplicationController
|
|
164
175
|
def create
|
|
165
176
|
UserMfaSession.create(user) # => Error: GoogleAuthenticatorRails::Session::Persistence::TokenNotFound
|
|
166
177
|
end
|
|
@@ -255,7 +266,7 @@ end
|
|
|
255
266
|
# app/controllers/user_mfa_session_controller.rb
|
|
256
267
|
|
|
257
268
|
class UserMfaSessionController < ApplicationController
|
|
258
|
-
|
|
269
|
+
|
|
259
270
|
def new
|
|
260
271
|
# load your view
|
|
261
272
|
end
|
|
@@ -37,8 +37,8 @@ module GoogleAuthenticatorRails
|
|
|
37
37
|
ROTP::TOTP.new(secret).now
|
|
38
38
|
end
|
|
39
39
|
|
|
40
|
-
def self.valid?(code, secret)
|
|
41
|
-
ROTP::TOTP.new(secret).verify_with_drift(code,
|
|
40
|
+
def self.valid?(code, secret, drift = DRIFT)
|
|
41
|
+
ROTP::TOTP.new(secret).verify_with_drift(code, drift)
|
|
42
42
|
end
|
|
43
43
|
|
|
44
44
|
def self.generate_secret
|
|
@@ -77,6 +77,9 @@ module GoogleAuthenticatorRails # :nodoc:
|
|
|
77
77
|
# to "google_secret"
|
|
78
78
|
# [:lookup_token] the column to use to find the record from the DB, defaults
|
|
79
79
|
# to "persistence_token"
|
|
80
|
+
# [:drift] drift the number of seconds that the client and server are
|
|
81
|
+
# allowed to drift apart. Default value is 6.
|
|
82
|
+
#
|
|
80
83
|
# [:issuer] the name of the issuer to appear in the app (optional), defaults
|
|
81
84
|
# to ""
|
|
82
85
|
def acts_as_google_authenticated(options = {})
|
|
@@ -84,11 +87,12 @@ module GoogleAuthenticatorRails # :nodoc:
|
|
|
84
87
|
@google_label_method = options[:method] || :default_google_label_method
|
|
85
88
|
@google_secret_column = options[:google_secret_column] || :google_secret
|
|
86
89
|
@google_lookup_token = options[:lookup_token] || :persistence_token
|
|
90
|
+
@google_drift = options[:drift] || GoogleAuthenticatorRails::DRIFT
|
|
87
91
|
@google_issuer = options[:issuer]
|
|
88
92
|
|
|
89
93
|
puts ":skip_attr_accessible is no longer required. Called from #{Kernel.caller[0]}}" if options.has_key?(:skip_attr_accessible)
|
|
90
94
|
|
|
91
|
-
[:google_label_column, :google_label_method, :google_secret_column, :google_lookup_token, :google_issuer].each do |cattr|
|
|
95
|
+
[:google_label_column, :google_label_method, :google_secret_column, :google_lookup_token, :google_drift, :google_issuer].each do |cattr|
|
|
92
96
|
self.singleton_class.class_eval { attr_reader cattr }
|
|
93
97
|
end
|
|
94
98
|
|
|
@@ -37,17 +37,33 @@ describe GoogleAuthenticatorRails do
|
|
|
37
37
|
GoogleAuthenticatorRails::generate_secret.should == random32
|
|
38
38
|
end
|
|
39
39
|
|
|
40
|
-
context 'integration with ActiveRecord'
|
|
40
|
+
context 'integration with ActiveRecord' do
|
|
41
41
|
let(:original_time) { Time.parse("2012-08-07 11:11:00 AM +0700") }
|
|
42
42
|
let(:time) { original_time }
|
|
43
|
+
let(:user) { User.create(:email => "test@example.com", :user_name => "test_user") }
|
|
43
44
|
before do
|
|
44
45
|
Time.stub!(:now).and_return(time)
|
|
45
|
-
|
|
46
|
-
|
|
46
|
+
user.google_secret = "test"
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
context "custom drift" do
|
|
50
|
+
# 30 seconds drift
|
|
51
|
+
let(:user) { DriftUser.create(:email => "test@example.com", :user_name => "test_user") }
|
|
52
|
+
subject { user.google_authentic?(922511) }
|
|
53
|
+
|
|
54
|
+
context '6 seconds of drift' do
|
|
55
|
+
let(:time) { original_time + 36.seconds }
|
|
56
|
+
it { should be true }
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
context '30 seconds of drift' do
|
|
60
|
+
let(:time) { original_time + 61.seconds }
|
|
61
|
+
it { should be false }
|
|
62
|
+
end
|
|
47
63
|
end
|
|
48
64
|
|
|
49
65
|
context 'code validation' do
|
|
50
|
-
subject {
|
|
66
|
+
subject { user.google_authentic?(922511) }
|
|
51
67
|
|
|
52
68
|
it { should be true }
|
|
53
69
|
|
|
@@ -63,8 +79,8 @@ describe GoogleAuthenticatorRails do
|
|
|
63
79
|
end
|
|
64
80
|
|
|
65
81
|
it 'creates a secret' do
|
|
66
|
-
|
|
67
|
-
|
|
82
|
+
user.set_google_secret
|
|
83
|
+
user.google_secret.should == random32
|
|
68
84
|
end
|
|
69
85
|
|
|
70
86
|
context 'secret column' do
|
|
@@ -89,6 +105,14 @@ describe GoogleAuthenticatorRails do
|
|
|
89
105
|
it { should raise_error(NoMethodError) }
|
|
90
106
|
end
|
|
91
107
|
|
|
108
|
+
context "drift value" do
|
|
109
|
+
it { DriftUser.google_drift.should == 31 }
|
|
110
|
+
|
|
111
|
+
context "default value" do
|
|
112
|
+
it { User.google_drift.should == 6 }
|
|
113
|
+
end
|
|
114
|
+
end
|
|
115
|
+
|
|
92
116
|
context 'qr codes' do
|
|
93
117
|
let(:options) { { :email => "test@example.com", :user_name => "test_user" } }
|
|
94
118
|
let(:user) { User.create options }
|
data/spec/spec_helper.rb
CHANGED
|
@@ -101,6 +101,10 @@ class ColumnNameUser < BaseUser
|
|
|
101
101
|
acts_as_google_authenticated :column_name => :user_name
|
|
102
102
|
end
|
|
103
103
|
|
|
104
|
+
class DriftUser < BaseUser
|
|
105
|
+
acts_as_google_authenticated :drift => 31
|
|
106
|
+
end
|
|
107
|
+
|
|
104
108
|
class ProcUser < BaseUser
|
|
105
109
|
acts_as_google_authenticated :method => Proc.new { |user| "#{user.user_name}@futureadvisor-admin" }
|
|
106
110
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: google-authenticator-rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.10
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jared McFarland
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-04-
|
|
11
|
+
date: 2014-04-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rotp
|