google-authenticator-rails 1.1.0 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ed20f880010144ec35aeb9e7d97741e082a9e1d5
|
|
4
|
+
data.tar.gz: 1b48c9df0482d39d259fc763e48f23886c066e1d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8e38d0a84b2a9d610ed5b3bc94124bc7e668cc1c7af5e0bee53071ad3270eb2109d589ea9b6a608137f61e519cc723c05e4996cb957dd1ac99c0a94bd4b3f144
|
|
7
|
+
data.tar.gz: 95b6fee3b5ecd00fdd804fc9a97f3e386a039504822852f0382d3dc1db951ecea9deef5701574a79e879d80eb79c100da8e034adb00d007eb97580ed07e0e43a
|
data/README.md
CHANGED
|
@@ -300,16 +300,25 @@ class ApplicationController < ActionController::Base
|
|
|
300
300
|
end
|
|
301
301
|
```
|
|
302
302
|
|
|
303
|
-
##
|
|
303
|
+
## Cookie options
|
|
304
304
|
|
|
305
|
-
|
|
305
|
+
You can configure the MfaSession cookie by creating an initializer:
|
|
306
306
|
|
|
307
307
|
```ruby
|
|
308
308
|
# config/initializers/google_authenticator_rails.rb
|
|
309
309
|
|
|
310
|
+
# The cookie normally expires in 24 hours, you can change this to 1 month
|
|
310
311
|
GoogleAuthenticatorRails.time_until_expiration = 1.month
|
|
312
|
+
|
|
313
|
+
# You can override the suffix of the cookie's key, by default this is mfa_credentials
|
|
314
|
+
GoogleAuthenticatorRails.cookie_key_suffix = 'mfa_credentials'
|
|
315
|
+
|
|
316
|
+
# Rails offers a few more cookie options, by default only :httponly is turned on, you can change it to HTTPS only:
|
|
317
|
+
GoogleAuthenticatorRails.cookie_options = { :httponly => true, :secure => true, :domain => :all }
|
|
311
318
|
```
|
|
312
319
|
|
|
320
|
+
Additional cookie option symbols can be found in the [Ruby on Rails guide](http://api.rubyonrails.org/classes/ActionDispatch/Cookies.html).
|
|
321
|
+
|
|
313
322
|
## Destroying the Cookie
|
|
314
323
|
|
|
315
324
|
If you want to manually destroy the MFA cookie (for example, when a user logs out), just call
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Stuff the gem
|
|
1
|
+
# Stuff the gem requires
|
|
2
2
|
#
|
|
3
3
|
require 'active_support'
|
|
4
4
|
require 'active_record'
|
|
@@ -20,15 +20,21 @@ GOOGLE_AUTHENTICATOR_RAILS_PATH = File.dirname(__FILE__) + "/google-authenticato
|
|
|
20
20
|
require GOOGLE_AUTHENTICATOR_RAILS_PATH + library
|
|
21
21
|
end
|
|
22
22
|
|
|
23
|
-
|
|
23
|
+
# Sets up some basic accessors for use with the ROTP module
|
|
24
24
|
#
|
|
25
25
|
module GoogleAuthenticatorRails
|
|
26
|
-
# Drift is set to 6 because ROTP drift is not inclusive.
|
|
26
|
+
# Drift is set to 6 because ROTP drift is not inclusive. This allows a drift of 5 seconds.
|
|
27
27
|
DRIFT = 6
|
|
28
28
|
|
|
29
29
|
# How long a Session::Persistence cookie should last.
|
|
30
30
|
@@time_until_expiration = 24.hours
|
|
31
31
|
|
|
32
|
+
# Last part of a Session::Persistence cookie's key
|
|
33
|
+
@@cookie_key_suffix = nil
|
|
34
|
+
|
|
35
|
+
# Additional configuration passed to a Session::Persistence cookie.
|
|
36
|
+
@@cookie_options = { :httponly => true }
|
|
37
|
+
|
|
32
38
|
def self.generate_password(secret, iteration)
|
|
33
39
|
ROTP::HOTP.new(secret).at(iteration)
|
|
34
40
|
end
|
|
@@ -52,4 +58,20 @@ module GoogleAuthenticatorRails
|
|
|
52
58
|
def self.time_until_expiration=(time_until_expiration)
|
|
53
59
|
@@time_until_expiration = time_until_expiration
|
|
54
60
|
end
|
|
61
|
+
|
|
62
|
+
def self.cookie_key_suffix
|
|
63
|
+
@@cookie_key_suffix
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
def self.cookie_key_suffix=(suffix)
|
|
67
|
+
@@cookie_key_suffix = suffix
|
|
68
|
+
end
|
|
69
|
+
|
|
70
|
+
def self.cookie_options
|
|
71
|
+
@@cookie_options
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
def self.cookie_options=(options)
|
|
75
|
+
@@cookie_options = options
|
|
76
|
+
end
|
|
55
77
|
end
|
|
@@ -59,14 +59,16 @@ module GoogleAuthenticatorRails
|
|
|
59
59
|
|
|
60
60
|
def create_cookie(token, user_id)
|
|
61
61
|
value = [token, user_id].join('::')
|
|
62
|
-
{
|
|
62
|
+
options = GoogleAuthenticatorRails.cookie_options || {}
|
|
63
|
+
options.merge(
|
|
63
64
|
:value => value,
|
|
64
65
|
:expires => GoogleAuthenticatorRails.time_until_expiration.from_now
|
|
65
|
-
|
|
66
|
+
)
|
|
66
67
|
end
|
|
67
68
|
|
|
68
69
|
def cookie_key
|
|
69
|
-
"#{
|
|
70
|
+
suffix = "#{GoogleAuthenticatorRails.cookie_key_suffix}" || 'mfa_credentials'
|
|
71
|
+
"#{klass.to_s.downcase}_#{suffix}"
|
|
70
72
|
end
|
|
71
73
|
end
|
|
72
74
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: google-authenticator-rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jared McFarland
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-
|
|
11
|
+
date: 2015-05-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rotp
|