RubyGems - onelogin - Versions diffs - 1.0.4 → 1.1.0 - Mend

onelogin 1.0.4 → 1.1.0

Files changed (99) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2c74691d3135978399a56be269994f8a02e10a2f
-  data.tar.gz: a0909bc388370abf18e914400a227828afe2cc27
+  metadata.gz: c0b09f92686da99fbe19429f8ae65da9962f97a0
+  data.tar.gz: 8fe313cf382979cc481a5bb26961ca4091a615d3
 SHA512:
-  metadata.gz: f90e4910a29c0606a8a267e65fc44b5c2a21bd55cb8745b38ad637f8adc6f85802187b5c766528e23a6ac88371a9fddfd7ac403430711d042c5b290dc56e3848
-  data.tar.gz: d46d28fa02a974e90dd88c419890de2b9e187f426a73008687d4356cb9bee327eafbac3c754e0b187dbc71b35ea3c55bb6c435981fbb67e55d227a453b1a9b4f
+  metadata.gz: feaa630f6e10bbeaac2f783dfa4af64fb19afabbe4c6781745be745dce0f5fe52863d9ce7e7202f8be86b61d286ec211074c524b54475d7ae178a26f90b65207
+  data.tar.gz: 9276fb49aa63b3d9f2cc04ff089eeb5decd8c6b5329d7fe57bbd70e371c3b1f4784bf8a5cc486c4abbf2baaa487487240904a22feabc59e56c1d7d117141ea22

data/README.md CHANGED Viewed

@@ -323,6 +323,9 @@ enrollment_response = client.activate_factor(user_id, device_id)
 # Verify an Authentication Factor
 result = client.verify_factor(user_id, device_id, otp_token="4242342423")
+# Remove a Factor
+result = client.remove_factor(user_id, device_id)
 # Generate Invite Link
 url_link = client.generate_invite_link("user@example.com")

data/examples/rails-custom-login-page/.gitignore ADDED Viewed

@@ -0,0 +1,45 @@
+*.rbc
+capybara-*.html
+.rspec
+/log
+/tmp
+/db/*.sqlite3
+/db/*.sqlite3-journal
+/public/system
+/coverage/
+/spec/tmp
+*.orig
+rerun.txt
+pickle-email-*.html
+# TODO Comment out this rule if you are OK with secrets being uploaded to the repo
+config/initializers/secret_token.rb
+# Only include if you have production secrets in this file, which is no longer a Rails default
+config/secrets.yml
+# dotenv
+# TODO Comment out this rule if environment variables can be committed
+.env
+## Environment normalization:
+/.bundle
+/vendor/bundle
+# these should all be checked in to normalize the environment:
+Gemfile.lock, .ruby-version, .ruby-gemset
+# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
+.rvmrc
+# if using bower-rails ignore default bower_components path bower.json files
+/vendor/assets/bower_components
+*.bowerrc
+bower.json
+# Ignore pow environment settings
+.powenv
+# Ignore Byebug command history file.
+.byebug_history

data/examples/rails-custom-login-page/.ruby-version ADDED Viewed

	@@ -0,0 +1 @@
1	+ 2.2.5

data/examples/rails-custom-login-page/Gemfile ADDED Viewed

@@ -0,0 +1,57 @@
+source 'https://rubygems.org'
+git_source(:github) do |repo_name|
+  repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?("/")
+  "https://github.com/#{repo_name}.git"
+end
+# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
+gem 'rails', '~> 5.1.4'
+# Use sqlite3 as the database for Active Record
+gem 'sqlite3'
+# Use Puma as the app server
+gem 'puma', '~> 3.7'
+# Use SCSS for stylesheets
+gem 'sass-rails', '~> 5.0'
+# Use Uglifier as compressor for JavaScript assets
+gem 'uglifier', '>= 1.3.0'
+# See https://github.com/rails/execjs#readme for more supported runtimes
+# gem 'therubyracer', platforms: :ruby
+# Use CoffeeScript for .coffee assets and views
+gem 'coffee-rails', '~> 4.2'
+# Turbolinks makes navigating your web application faster. Read more: https://github.com/turbolinks/turbolinks
+gem 'turbolinks', '~> 5'
+# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
+gem 'jbuilder', '~> 2.5'
+# Use Redis adapter to run Action Cable in production
+# gem 'redis', '~> 3.0'
+# Use ActiveModel has_secure_password
+# gem 'bcrypt', '~> 3.1.7'
+# Use Capistrano for deployment
+# gem 'capistrano-rails', group: :development
+gem 'onelogin', '~> 1.0.4'
+gem 'jquery-rails'
+group :development, :test do
+  # Call 'byebug' anywhere in the code to stop execution and get a debugger console
+  gem 'byebug', platforms: [:mri, :mingw, :x64_mingw]
+  # Adds support for Capybara system testing and selenium driver
+  gem 'capybara', '~> 2.13'
+  gem 'selenium-webdriver'
+end
+group :development do
+  # Access an IRB console on exception pages or by using <%= console %> anywhere in the code.
+  gem 'web-console', '>= 3.3.0'
+  gem 'listen', '>= 3.0.5', '< 3.2'
+  # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
+  gem 'spring'
+  gem 'spring-watcher-listen', '~> 2.0.0'
+end
+# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
+gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw, :jruby]

data/examples/rails-custom-login-page/Gemfile.lock ADDED Viewed

@@ -0,0 +1,208 @@
+GEM
+  remote: https://rubygems.org/
+  specs:
+    actioncable (5.1.5)
+      actionpack (= 5.1.5)
+      nio4r (~> 2.0)
+      websocket-driver (~> 0.6.1)
+    actionmailer (5.1.5)
+      actionpack (= 5.1.5)
+      actionview (= 5.1.5)
+      activejob (= 5.1.5)
+      mail (~> 2.5, >= 2.5.4)
+      rails-dom-testing (~> 2.0)
+    actionpack (5.1.5)
+      actionview (= 5.1.5)
+      activesupport (= 5.1.5)
+      rack (~> 2.0)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionview (5.1.5)
+      activesupport (= 5.1.5)
+      builder (~> 3.1)
+      erubi (~> 1.4)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activejob (5.1.5)
+      activesupport (= 5.1.5)
+      globalid (>= 0.3.6)
+    activemodel (5.1.5)
+      activesupport (= 5.1.5)
+    activerecord (5.1.5)
+      activemodel (= 5.1.5)
+      activesupport (= 5.1.5)
+      arel (~> 8.0)
+    activesupport (5.1.5)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (~> 0.7)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+    addressable (2.5.2)
+      public_suffix (>= 2.0.2, < 4.0)
+    arel (8.0.0)
+    bindex (0.5.0)
+    builder (3.2.3)
+    byebug (10.0.1)
+    capybara (2.18.0)
+      addressable
+      mini_mime (>= 0.1.3)
+      nokogiri (>= 1.3.3)
+      rack (>= 1.0.0)
+      rack-test (>= 0.5.4)
+      xpath (>= 2.0, < 4.0)
+    childprocess (0.9.0)
+      ffi (~> 1.0, >= 1.0.11)
+    coffee-rails (4.2.2)
+      coffee-script (>= 2.2.0)
+      railties (>= 4.0.0)
+    coffee-script (2.4.1)
+      coffee-script-source
+      execjs
+    coffee-script-source (1.12.2)
+    concurrent-ruby (1.0.5)
+    crass (1.0.3)
+    erubi (1.7.1)
+    execjs (2.7.0)
+    ffi (1.9.23)
+    globalid (0.4.1)
+      activesupport (>= 4.2.0)
+    httparty (0.16.1)
+      multi_xml (>= 0.5.2)
+    i18n (0.9.5)
+      concurrent-ruby (~> 1.0)
+    jbuilder (2.7.0)
+      activesupport (>= 4.2.0)
+      multi_json (>= 1.2)
+    jquery-rails (4.3.1)
+      rails-dom-testing (>= 1, < 3)
+      railties (>= 4.2.0)
+      thor (>= 0.14, < 2.0)
+    listen (3.1.5)
+      rb-fsevent (~> 0.9, >= 0.9.4)
+      rb-inotify (~> 0.9, >= 0.9.7)
+      ruby_dep (~> 1.2)
+    loofah (2.2.2)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    mail (2.7.0)
+      mini_mime (>= 0.1.1)
+    method_source (0.9.0)
+    mini_mime (1.0.0)
+    mini_portile2 (2.3.0)
+    minitest (5.11.3)
+    multi_json (1.13.1)
+    multi_xml (0.6.0)
+    nio4r (2.3.0)
+    nokogiri (1.8.2)
+      mini_portile2 (~> 2.3.0)
+    onelogin (1.0.4)
+      httparty (>= 0.13.7)
+      nokogiri (>= 1.6.3.1)
+    public_suffix (3.0.2)
+    puma (3.11.3)
+    rack (2.0.4)
+    rack-test (0.8.3)
+      rack (>= 1.0, < 3)
+    rails (5.1.5)
+      actioncable (= 5.1.5)
+      actionmailer (= 5.1.5)
+      actionpack (= 5.1.5)
+      actionview (= 5.1.5)
+      activejob (= 5.1.5)
+      activemodel (= 5.1.5)
+      activerecord (= 5.1.5)
+      activesupport (= 5.1.5)
+      bundler (>= 1.3.0)
+      railties (= 5.1.5)
+      sprockets-rails (>= 2.0.0)
+    rails-dom-testing (2.0.3)
+      activesupport (>= 4.2.0)
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.0.4)
+      loofah (~> 2.2, >= 2.2.2)
+    railties (5.1.5)
+      actionpack (= 5.1.5)
+      activesupport (= 5.1.5)
+      method_source
+      rake (>= 0.8.7)
+      thor (>= 0.18.1, < 2.0)
+    rake (12.3.1)
+    rb-fsevent (0.10.3)
+    rb-inotify (0.9.10)
+      ffi (>= 0.5.0, < 2)
+    ruby_dep (1.5.0)
+    rubyzip (1.2.1)
+    sass (3.5.5)
+      sass-listen (~> 4.0.0)
+    sass-listen (4.0.0)
+      rb-fsevent (~> 0.9, >= 0.9.4)
+      rb-inotify (~> 0.9, >= 0.9.7)
+    sass-rails (5.0.7)
+      railties (>= 4.0.0, < 6)
+      sass (~> 3.1)
+      sprockets (>= 2.8, < 4.0)
+      sprockets-rails (>= 2.0, < 4.0)
+      tilt (>= 1.1, < 3)
+    selenium-webdriver (3.11.0)
+      childprocess (~> 0.5)
+      rubyzip (~> 1.2)
+    spring (2.0.2)
+      activesupport (>= 4.2)
+    spring-watcher-listen (2.0.1)
+      listen (>= 2.7, < 4.0)
+      spring (>= 1.2, < 3.0)
+    sprockets (3.7.1)
+      concurrent-ruby (~> 1.0)
+      rack (> 1, < 3)
+    sprockets-rails (3.2.1)
+      actionpack (>= 4.0)
+      activesupport (>= 4.0)
+      sprockets (>= 3.0.0)
+    sqlite3 (1.3.13)
+    thor (0.20.0)
+    thread_safe (0.3.6)
+    tilt (2.0.8)
+    turbolinks (5.1.0)
+      turbolinks-source (~> 5.1)
+    turbolinks-source (5.1.0)
+    tzinfo (1.2.5)
+      thread_safe (~> 0.1)
+    uglifier (4.1.8)
+      execjs (>= 0.3.0, < 3)
+    web-console (3.5.1)
+      actionview (>= 5.0)
+      activemodel (>= 5.0)
+      bindex (>= 0.4.0)
+      railties (>= 5.0)
+    websocket-driver (0.6.5)
+      websocket-extensions (>= 0.1.0)
+    websocket-extensions (0.1.3)
+    xpath (3.0.0)
+      nokogiri (~> 1.8)
+PLATFORMS
+  ruby
+DEPENDENCIES
+  byebug
+  capybara (~> 2.13)
+  coffee-rails (~> 4.2)
+  jbuilder (~> 2.5)
+  jquery-rails
+  listen (>= 3.0.5, < 3.2)
+  onelogin (~> 1.0.4)
+  puma (~> 3.7)
+  rails (~> 5.1.4)
+  sass-rails (~> 5.0)
+  selenium-webdriver
+  spring
+  spring-watcher-listen (~> 2.0.0)
+  sqlite3
+  turbolinks (~> 5)
+  tzinfo-data
+  uglifier (>= 1.3.0)
+  web-console (>= 3.3.0)
+BUNDLED WITH
+   1.16.1

data/examples/rails-custom-login-page/README.md ADDED Viewed

@@ -0,0 +1,104 @@
+# Customized Login Page
+This sample is a default [Ruby on Rails 5](http://rubyonrails.org/) app that makes use of the OneLogin ruby sdk for authenticating users.
+It is the recommended approach when building a customized login flow where you want complete control
+over the look &amp; feel.
+The downside to this approach is that you have to implement MFA and password resets etc yourself. However we do have the APIs for these actions available and have demonstrated how to use them in this app.
+![Custom Login](https://s3.amazonaws.com/onelogin-screenshots/dev_site/images/custom-login-os.gif)
+If you want a standards based, out of the box way to authenticate users then we recommend you use [our OpenId Connect implementation](https://github.com/onelogin/onelogin-oidc-ruby).
+## Get Started
+The sample tries to keep everything as simple as possible so only
+implements
+* Login - Authenticate users in a single request to OneLogin with out any redirects
+* MFA - Does MFA verification if required
+* User Apps - List apps available to a user and provides SSO links
+* User Roles - Lists a users roles
+* Logout - destroying the local session and revoking the token at OneLogin
+In order to run this sample you need API credentials for a OneLogin account. If you don't have a OneLogin developer account [you can sign up here](https://www.onelogin.com/developer-signup).
+1. Clone this repo
+```sh
+git clone https://github.com/onelogin/onelogin-ruby-sdk.git
+```
+2. Move to the rails example and install the required gems
+```sh
+cd onelogin-ruby-sdk/examples/rails-custom-login-page && bundle install
+```
+3. Rename `config/secrets.yml.sample` to `config/secrets.yml` and update with your OneLogin API credentials, region and subdomain.
+```yaml
+development:
+  secret_key_base: xxx
+  ONELOGIN_CLIENT_ID: xxx
+  ONELOGIN_CLIENT_SECRET: xxx
+  ONELOGIN_REGION: us
+  ONELOGIN_SUBDOMAIN: xxx
+```
+4. Run the sample and browse to `http://localhost:3000`
+```sh
+rails s
+```
+The `/dashboard` route renders a protected page to prove the authentication works and creates a session. You will need to be authenticated to view it. If you are not authenticate you will be redirected back to the login page.
+### Authenticate the user
+*helpers/sessions_helper.rb*
+```ruby
+response = api_client.create_session_login_token({
+    'username_or_email' => username,
+    'password' => password,
+    'subdomain' => ONELOGIN_SUBDOMAIN,
+  },
+  request.base_url # included for CORS session cookie request
+)
+```
+### Verify MFA
+*helpers/sessions_helper.rb*
+```ruby
+response = api_client.get_session_token_verified(
+  device_id,
+  session[:state_token],
+  otp_token,
+  request.base_url
+)
+```
+### Destroy the session
+*helpers/sessions_helper.rb*
+```ruby
+api_client.log_user_out(current_user_id)
+session.delete(:user)
+```
+### Make CORS request to establish SSO session
+Using the `session_token` returned from the `session_controller` after a new login or successful MFA verification.
+*views/home/index.html.erb*
+```javascript
+function makeCors(session_token) {
+  var xhr = new XMLHttpRequest();
+  xhr.withCredentials = true;
+  method = "POST";
+  var url = "https://" + ONELOGIN_SUBDOMAIN + ".onelogin.com/session_via_api_token";
+  xhr.open(method, url, true);
+  xhr.setRequestHeader("Content-Type", "application/json");
+  body = {"session_token": session_token};
+  xhr.send(JSON.stringify(body));
+};
+```

data/examples/rails-custom-login-page/Rakefile ADDED Viewed

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+require_relative 'config/application'
+Rails.application.load_tasks

data/examples/rails-custom-login-page/app/assets/config/manifest.js ADDED Viewed

@@ -0,0 +1,3 @@
+//= link_tree ../images
+//= link_directory ../javascripts .js
+//= link_directory ../stylesheets .css

data/examples/rails-custom-login-page/app/assets/images/.keep ADDED Viewed

File without changes

data/examples/rails-custom-login-page/app/assets/javascripts/application.js ADDED Viewed

@@ -0,0 +1,18 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, or any plugin's
+// vendor/assets/javascripts directory can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file. JavaScript code in this file should be added after the last require_* statement.
+//
+// Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require rails-ujs
+//= require turbolinks
+//= require_tree .
+//= require jquery
+//= require jquery_ujs

data/examples/rails-custom-login-page/app/assets/javascripts/cable.js ADDED Viewed

@@ -0,0 +1,13 @@
+// Action Cable provides the framework to deal with WebSockets in Rails.
+// You can generate new channels where WebSocket features live using the `rails generate channel` command.
+//
+//= require action_cable
+//= require_self
+//= require_tree ./channels
+(function() {
+  this.App || (this.App = {});
+  App.cable = ActionCable.createConsumer();
+}).call(this);

data/examples/rails-custom-login-page/app/assets/javascripts/channels/.keep ADDED Viewed

File without changes

data/examples/rails-custom-login-page/app/assets/javascripts/dashboard.coffee ADDED Viewed

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://coffeescript.org/

data/examples/rails-custom-login-page/app/assets/javascripts/home.coffee ADDED Viewed

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://coffeescript.org/

data/examples/rails-custom-login-page/app/assets/javascripts/sessions.coffee ADDED Viewed

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://coffeescript.org/

data/examples/rails-custom-login-page/app/assets/stylesheets/application.css ADDED Viewed

@@ -0,0 +1,63 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, or any plugin's
+ * vendor/assets/stylesheets directory can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
+ * compiled file so the styles you add here take precedence over styles defined in any other CSS/SCSS
+ * files in this directory. Styles in this file should be added after the last require_* statement.
+ * It is generally better to create a new file per style scope.
+ *
+ *= require_tree .
+ *= require_self
+ */
+body {
+  padding: 20px;
+  font-family: Arial, Helvetica, sans-serif
+}
+.alert, .error {
+  color: red;
+  text-align: center;
+}
+.row {
+  padding: 5px 0px;
+}
+.row span {
+  display: inline-block;
+  font-weight: bold;
+}
+.login-form, .mfa-form {
+  width: 300px;
+  margin: 0 auto;
+  text-align: center;
+  padding: 50px;
+  background: green; /* For browsers that do not support gradients */
+  background: -webkit-linear-gradient(left, orange , yellow, green, cyan, blue, violet); /* For Safari 5.1 to 6.0 */
+  background: -o-linear-gradient(right, orange, yellow, green, cyan, blue, violet); /* For Opera 11.1 to 12.0 */
+  background: -moz-linear-gradient(right, orange, yellow, green, cyan, blue, violet); /* For Firefox 3.6 to 15 */
+  background: linear-gradient(to right, orange , yellow, green, cyan, blue, violet); /* Standard syntax (must be last) */
+}
+.login-form input, .mfa-form input {
+  width: 90%;
+  padding: 5px;
+  margin: 5px;
+}
+.login-form h1, .mfa-form h1 {
+  color: #fff;
+}
+.login-footer {
+  width: 300px;
+  margin: 50px auto;
+  text-align: center;
+}

data/examples/rails-custom-login-page/app/assets/stylesheets/dashboard.scss ADDED Viewed

@@ -0,0 +1,3 @@
+// Place all the styles related to the Dashboard controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

data/examples/rails-custom-login-page/app/assets/stylesheets/home.scss ADDED Viewed

@@ -0,0 +1,3 @@
+// Place all the styles related to the Home controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

data/examples/rails-custom-login-page/app/assets/stylesheets/sessions.scss ADDED Viewed

@@ -0,0 +1,3 @@
+// Place all the styles related to the Sessions controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

data/examples/rails-custom-login-page/app/channels/application_cable/channel.rb ADDED Viewed

@@ -0,0 +1,4 @@
+module ApplicationCable
+  class Channel < ActionCable::Channel::Base
+  end
+end

data/examples/rails-custom-login-page/app/channels/application_cable/connection.rb ADDED Viewed

@@ -0,0 +1,4 @@
+module ApplicationCable
+  class Connection < ActionCable::Connection::Base
+  end
+end

data/examples/rails-custom-login-page/app/controllers/application_controller.rb ADDED Viewed

@@ -0,0 +1,23 @@
+require 'onelogin'
+class ApplicationController < ActionController::Base
+  protect_from_forgery with: :exception
+  include SessionsHelper
+  def require_current_user
+    if current_user
+      return true
+    else
+      redirect_to root_url, error: "Please sign in."
+      return false
+    end
+  end
+  def api_client
+    @api_client ||= OneLogin::Api::Client.new(
+      client_id: ONELOGIN_CLIENT_ID,
+      client_secret: ONELOGIN_CLIENT_SECRET,
+      region: ONELOGIN_REGION
+    )
+  end
+end

data/examples/rails-custom-login-page/app/controllers/concerns/.keep ADDED Viewed

File without changes

data/examples/rails-custom-login-page/app/controllers/dashboard_controller.rb ADDED Viewed

@@ -0,0 +1,10 @@
+class DashboardController < ApplicationController
+  include DashboardHelper
+  before_action :require_current_user
+  def index
+    @apps = user_apps
+    @roles = user_roles
+  end
+end

data/examples/rails-custom-login-page/app/controllers/home_controller.rb ADDED Viewed

@@ -0,0 +1,4 @@
+class HomeController < ApplicationController
+  def index
+  end
+end

data/examples/rails-custom-login-page/app/controllers/sessions_controller.rb ADDED Viewed

@@ -0,0 +1,20 @@
+class SessionsController < ApplicationController
+  def new
+    response = log_in(params['username'], params['password'])
+    status = response ? :ok : :unauthorized
+    render json: response, status: status
+  end
+  def verify
+    response = verify_mfa(params['device_id'], params['otp_token'])
+    status = response ? :ok : :unauthorized
+    render json: response, status: status
+  end
+  def destroy
+    log_out
+    redirect_to root_url
+  end
+end

data/examples/rails-custom-login-page/app/helpers/application_helper.rb ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ module ApplicationHelper
2	+ end