google-authenticator-rails 0.0.9 → 0.0.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +8 -8
- data/README.md +13 -2
- data/lib/google-authenticator-rails.rb +2 -2
- data/lib/google-authenticator-rails/active_record/acts_as_google_authenticated.rb +5 -1
- data/lib/google-authenticator-rails/active_record/helpers.rb +1 -1
- data/lib/google-authenticator-rails/version.rb +1 -1
- data/spec/google_authenticator_spec.rb +30 -6
- data/spec/spec_helper.rb +4 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
---
|
|
2
2
|
!binary "U0hBMQ==":
|
|
3
3
|
metadata.gz: !binary |-
|
|
4
|
-
|
|
4
|
+
OTdiODQ2YThiMzlmM2Q4ODFhMDQ3MGViY2ZhZjdlNTU2Yjc1ZjIxOQ==
|
|
5
5
|
data.tar.gz: !binary |-
|
|
6
|
-
|
|
6
|
+
ZmRmMTcxZTYxMmFjN2MwMzA4MWQ4Yzc2NWQzMWVlN2E5YTczYjJhOA==
|
|
7
7
|
SHA512:
|
|
8
8
|
metadata.gz: !binary |-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
9
|
+
MDIzYjRmOWM2NjFjNjM2MGFmMGNmYzI0YzE5MDUzNDQwM2ViNTUwZGYyNDQ5
|
|
10
|
+
M2M1Yzg4NzNiNDRkZDkyNGViNDlhMTdiMjRiMWJmNGI2MzY5ZGIyYjlmMmMx
|
|
11
|
+
MDNjMDBiYjZmYWRmYzEwMzkzYWZmOTYyZjY3YjczZmY0MzJiMWM=
|
|
12
12
|
data.tar.gz: !binary |-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
13
|
+
MTZmNjY5MWE5ZWRiMjEyMWM3ZTgyNWUxNGRiMDg0ZDNkYmY2YmQzMGE1ZmRh
|
|
14
|
+
NzI5NGM3ZDAzYzAzMzYzOWRkNThmOWMyOTYyNjg2Zjg5ZGFjMTI0NzM5MGRk
|
|
15
|
+
MzEyMzRjNGU1Njk3ODg5NTNlMmJkNGQxYzc1YjJmZTZlNThjZjA=
|
data/README.md
CHANGED
|
@@ -99,6 +99,17 @@ end
|
|
|
99
99
|
@user.mfa_secret # => "56ahi483"
|
|
100
100
|
```
|
|
101
101
|
|
|
102
|
+
## Drift
|
|
103
|
+
|
|
104
|
+
You can specify a custom drift value. Drift is the number of seconds that the client
|
|
105
|
+
and server are allowed to drift apart. Default value is 5 seconds.
|
|
106
|
+
|
|
107
|
+
```ruby
|
|
108
|
+
class User
|
|
109
|
+
act_as_google_authenticated :drift => 31
|
|
110
|
+
end
|
|
111
|
+
```
|
|
112
|
+
|
|
102
113
|
## Lookup Token
|
|
103
114
|
|
|
104
115
|
You can also specify which column the appropriate `MfaSession` subclass should use to look up the record:
|
|
@@ -160,7 +171,7 @@ class UserMfaSession < GoogleAuthenticatorRails::Session::Base
|
|
|
160
171
|
end
|
|
161
172
|
|
|
162
173
|
# app/controllers/mfa_session_controller.rb
|
|
163
|
-
|
|
174
|
+
class MfaSessionController < ApplicationController
|
|
164
175
|
def create
|
|
165
176
|
UserMfaSession.create(user) # => Error: GoogleAuthenticatorRails::Session::Persistence::TokenNotFound
|
|
166
177
|
end
|
|
@@ -255,7 +266,7 @@ end
|
|
|
255
266
|
# app/controllers/user_mfa_session_controller.rb
|
|
256
267
|
|
|
257
268
|
class UserMfaSessionController < ApplicationController
|
|
258
|
-
|
|
269
|
+
|
|
259
270
|
def new
|
|
260
271
|
# load your view
|
|
261
272
|
end
|
|
@@ -37,8 +37,8 @@ module GoogleAuthenticatorRails
|
|
|
37
37
|
ROTP::TOTP.new(secret).now
|
|
38
38
|
end
|
|
39
39
|
|
|
40
|
-
def self.valid?(code, secret)
|
|
41
|
-
ROTP::TOTP.new(secret).verify_with_drift(code,
|
|
40
|
+
def self.valid?(code, secret, drift = DRIFT)
|
|
41
|
+
ROTP::TOTP.new(secret).verify_with_drift(code, drift)
|
|
42
42
|
end
|
|
43
43
|
|
|
44
44
|
def self.generate_secret
|
|
@@ -77,6 +77,9 @@ module GoogleAuthenticatorRails # :nodoc:
|
|
|
77
77
|
# to "google_secret"
|
|
78
78
|
# [:lookup_token] the column to use to find the record from the DB, defaults
|
|
79
79
|
# to "persistence_token"
|
|
80
|
+
# [:drift] drift the number of seconds that the client and server are
|
|
81
|
+
# allowed to drift apart. Default value is 6.
|
|
82
|
+
#
|
|
80
83
|
# [:issuer] the name of the issuer to appear in the app (optional), defaults
|
|
81
84
|
# to ""
|
|
82
85
|
def acts_as_google_authenticated(options = {})
|
|
@@ -84,11 +87,12 @@ module GoogleAuthenticatorRails # :nodoc:
|
|
|
84
87
|
@google_label_method = options[:method] || :default_google_label_method
|
|
85
88
|
@google_secret_column = options[:google_secret_column] || :google_secret
|
|
86
89
|
@google_lookup_token = options[:lookup_token] || :persistence_token
|
|
90
|
+
@google_drift = options[:drift] || GoogleAuthenticatorRails::DRIFT
|
|
87
91
|
@google_issuer = options[:issuer]
|
|
88
92
|
|
|
89
93
|
puts ":skip_attr_accessible is no longer required. Called from #{Kernel.caller[0]}}" if options.has_key?(:skip_attr_accessible)
|
|
90
94
|
|
|
91
|
-
[:google_label_column, :google_label_method, :google_secret_column, :google_lookup_token, :google_issuer].each do |cattr|
|
|
95
|
+
[:google_label_column, :google_label_method, :google_secret_column, :google_lookup_token, :google_drift, :google_issuer].each do |cattr|
|
|
92
96
|
self.singleton_class.class_eval { attr_reader cattr }
|
|
93
97
|
end
|
|
94
98
|
|
|
@@ -37,17 +37,33 @@ describe GoogleAuthenticatorRails do
|
|
|
37
37
|
GoogleAuthenticatorRails::generate_secret.should == random32
|
|
38
38
|
end
|
|
39
39
|
|
|
40
|
-
context 'integration with ActiveRecord'
|
|
40
|
+
context 'integration with ActiveRecord' do
|
|
41
41
|
let(:original_time) { Time.parse("2012-08-07 11:11:00 AM +0700") }
|
|
42
42
|
let(:time) { original_time }
|
|
43
|
+
let(:user) { User.create(:email => "test@example.com", :user_name => "test_user") }
|
|
43
44
|
before do
|
|
44
45
|
Time.stub!(:now).and_return(time)
|
|
45
|
-
|
|
46
|
-
|
|
46
|
+
user.google_secret = "test"
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
context "custom drift" do
|
|
50
|
+
# 30 seconds drift
|
|
51
|
+
let(:user) { DriftUser.create(:email => "test@example.com", :user_name => "test_user") }
|
|
52
|
+
subject { user.google_authentic?(922511) }
|
|
53
|
+
|
|
54
|
+
context '6 seconds of drift' do
|
|
55
|
+
let(:time) { original_time + 36.seconds }
|
|
56
|
+
it { should be true }
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
context '30 seconds of drift' do
|
|
60
|
+
let(:time) { original_time + 61.seconds }
|
|
61
|
+
it { should be false }
|
|
62
|
+
end
|
|
47
63
|
end
|
|
48
64
|
|
|
49
65
|
context 'code validation' do
|
|
50
|
-
subject {
|
|
66
|
+
subject { user.google_authentic?(922511) }
|
|
51
67
|
|
|
52
68
|
it { should be true }
|
|
53
69
|
|
|
@@ -63,8 +79,8 @@ describe GoogleAuthenticatorRails do
|
|
|
63
79
|
end
|
|
64
80
|
|
|
65
81
|
it 'creates a secret' do
|
|
66
|
-
|
|
67
|
-
|
|
82
|
+
user.set_google_secret
|
|
83
|
+
user.google_secret.should == random32
|
|
68
84
|
end
|
|
69
85
|
|
|
70
86
|
context 'secret column' do
|
|
@@ -89,6 +105,14 @@ describe GoogleAuthenticatorRails do
|
|
|
89
105
|
it { should raise_error(NoMethodError) }
|
|
90
106
|
end
|
|
91
107
|
|
|
108
|
+
context "drift value" do
|
|
109
|
+
it { DriftUser.google_drift.should == 31 }
|
|
110
|
+
|
|
111
|
+
context "default value" do
|
|
112
|
+
it { User.google_drift.should == 6 }
|
|
113
|
+
end
|
|
114
|
+
end
|
|
115
|
+
|
|
92
116
|
context 'qr codes' do
|
|
93
117
|
let(:options) { { :email => "test@example.com", :user_name => "test_user" } }
|
|
94
118
|
let(:user) { User.create options }
|
data/spec/spec_helper.rb
CHANGED
|
@@ -101,6 +101,10 @@ class ColumnNameUser < BaseUser
|
|
|
101
101
|
acts_as_google_authenticated :column_name => :user_name
|
|
102
102
|
end
|
|
103
103
|
|
|
104
|
+
class DriftUser < BaseUser
|
|
105
|
+
acts_as_google_authenticated :drift => 31
|
|
106
|
+
end
|
|
107
|
+
|
|
104
108
|
class ProcUser < BaseUser
|
|
105
109
|
acts_as_google_authenticated :method => Proc.new { |user| "#{user.user_name}@futureadvisor-admin" }
|
|
106
110
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: google-authenticator-rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.10
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jared McFarland
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-04-
|
|
11
|
+
date: 2014-04-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rotp
|