quo_vadis 1.3.2 → 2.0.1

data/test/models/recovery_code_test.rb

@@ -0,0 +1,54 @@
+require 'test_helper'
+
+class RecoveryCodeTest < ActiveSupport::TestCase
+
+  setup do
+    @user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
+    @rc = QuoVadis::RecoveryCode.new(account: @user.qv_account).tap &:save!
+  end
+
+
+  test 'code can be retrieved initially' do
+    assert_equal 11, @rc.code.length
+  end
+
+
+  test 'code does not change' do
+    code = @rc.code
+    @rc.valid?
+    assert_equal code, @rc.code
+  end
+
+
+  test 'code not available after finding' do
+    rc = QuoVadis::RecoveryCode.find @rc.id
+    assert_nil rc.code
+  end
+
+
+  test 'authenticate' do
+    code = @rc.code
+    refute @rc.authenticate_code 'wrong'
+    assert @rc.authenticate_code code
+  end
+
+
+  test 'recovery code is destroyed after successful use' do
+    code = @rc.code
+    assert @rc.authenticate_code code
+    assert @rc.destroyed?
+  end
+
+  test 'generate a fresh set of codes' do
+    account = @user.qv_account
+    codes = []
+    assert_difference 'QuoVadis::RecoveryCode.count', 5 do
+      codes = account.generate_recovery_codes
+    end
+    assert_equal 5, codes.length
+    codes.each do |code|
+      assert_instance_of String, code
+    end
+  end
+
+end

data/test/models/session_test.rb

@@ -0,0 +1,67 @@
+require 'test_helper'
+
+class SessionTest < ActiveSupport::TestCase
+
+  test 'expired?' do
+    refute QuoVadis::Session.new.expired?
+    assert QuoVadis::Session.new(lifetime_expires_at: 1.day.ago).expired?
+    refute QuoVadis::Session.new(lifetime_expires_at: 1.day.from_now).expired?
+
+    QuoVadis.session_idle_timeout 5.minutes
+    refute QuoVadis::Session.new(lifetime_expires_at: 1.day.from_now, last_seen_at: 1.minute.ago).expired?
+    assert QuoVadis::Session.new(lifetime_expires_at: 1.day.from_now, last_seen_at: 10.minutes.ago).expired?
+  end
+
+
+  test 'logout_other_sessions' do
+    user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
+    account = user.qv_account
+    s0 = account.sessions.create! ip: 'ip', user_agent: 'useragent'
+    s1 = account.sessions.create! ip: 'ip', user_agent: 'useragent'
+
+    s0.logout_other_sessions
+
+    refute s0.destroyed?
+    assert s1.destroyed?
+  end
+
+
+  test 'reset authenticated with second factor' do
+    user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
+    account = user.qv_account
+    session = account.sessions.create! ip: 'ip', user_agent: 'useragent'
+
+    refute session.second_factor_authenticated?
+    session.authenticated_with_second_factor
+    assert session.second_factor_authenticated?
+    session.reset_authenticated_with_second_factor
+    refute session.second_factor_authenticated?
+  end
+
+
+  test 'replace' do
+    user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
+    account = user.qv_account
+
+    session = account.sessions.create! ip: 'ip', user_agent: 'useragent'
+    sess = session.replace
+
+    assert_instance_of QuoVadis::Session, sess
+    assert session.destroyed?
+    refute_equal session.id, sess.id
+
+    refute_includes account.sessions, session
+    assert_includes account.sessions, sess
+
+    session
+      .attributes
+      .reject { |name, _| %w[id created_at created_on updated_at updated_on].include? name }
+      .each do |name, value|
+        if value.nil?
+          assert_nil sess.send(name)
+        else
+          assert_equal value, sess.send(name)
+        end
+      end
+  end
+end

data/test/models/token_test.rb

@@ -0,0 +1,70 @@
+require 'test_helper'
+
+class TokenTest < ActiveSupport::TestCase
+
+  setup do
+    u = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
+    @account = u.qv_account
+  end
+
+
+  test 'account confirmation' do
+    token = QuoVadis::AccountConfirmationToken.generate @account
+    assert_match /^\d+-\d+--\h+$/, token
+    assert_equal @account, QuoVadis::AccountConfirmationToken.find_account(token)
+  end
+
+  test 'account confirmation expired' do
+    token = QuoVadis::AccountConfirmationToken.generate @account
+    travel QuoVadis.account_confirmation_token_lifetime + 1.second
+    assert_nil QuoVadis::AccountConfirmationToken.find_account(token)
+  end
+
+  test 'account confirmation already done' do
+    token = QuoVadis::AccountConfirmationToken.generate @account
+    @account.confirmed!
+    assert_nil QuoVadis::AccountConfirmationToken.find_account(token)
+  end
+
+  test 'account confirmation token tampered with' do
+    assert_nil QuoVadis::AccountConfirmationToken.find_account(nil)
+    assert_nil QuoVadis::AccountConfirmationToken.find_account('')
+    assert_nil QuoVadis::AccountConfirmationToken.find_account('asdf')
+
+    token = QuoVadis::AccountConfirmationToken.generate @account
+    id, expires_at, hash = token.match(/^(\d+)-(\d+)--(\h+)$/).captures
+    fake_token = "#{id}-#{expires_at.to_i + 1}--#{hash}"
+    assert_nil QuoVadis::AccountConfirmationToken.find_account(fake_token)
+  end
+
+
+  test 'password reset' do
+    token = QuoVadis::PasswordResetToken.generate @account
+    assert_match /^\d+-\d+--\h+$/, token
+    assert_equal @account, QuoVadis::PasswordResetToken.find_account(token)
+  end
+
+  test 'password reset expired' do
+    token = QuoVadis::PasswordResetToken.generate @account
+    travel QuoVadis.password_reset_token_lifetime + 1.second
+    assert_nil QuoVadis::PasswordResetToken.find_account(token)
+  end
+
+  test 'password reset already done' do
+    token = QuoVadis::PasswordResetToken.generate @account
+    @account.password.update password: 'secretsecret'
+    assert_nil QuoVadis::PasswordResetToken.find_account(token)
+  end
+
+  test 'password reset token tampered with' do
+    assert_nil QuoVadis::PasswordResetToken.find_account(nil)
+    assert_nil QuoVadis::PasswordResetToken.find_account('')
+    assert_nil QuoVadis::PasswordResetToken.find_account('asdf')
+
+    token = QuoVadis::PasswordResetToken.generate @account
+    id, expires_at, hash = token.match(/^(\d+)-(\d+)--(\h+)$/).captures
+    fake_token = "#{id}-#{expires_at.to_i + 1}--#{hash}"
+    assert_nil QuoVadis::PasswordResetToken.find_account(fake_token)
+  end
+
+end

data/test/models/totp_test.rb

@@ -0,0 +1,68 @@
+require 'test_helper'
+
+class TotpTest < ActiveSupport::TestCase
+
+  test 'key changes for each new object' do
+    totp = QuoVadis::Totp.new
+    refute_empty totp.key
+
+    totp2 = QuoVadis::Totp.new
+    refute_empty totp2.key
+
+    refute_equal totp.key, totp2.key
+  end
+
+
+  test 'key is encrypted in database' do
+    user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
+    totp = user.qv_account.create_totp last_used_at: 1.minute.ago
+    refute_equal totp.key, totp.read_attribute_before_type_cast(:key)
+  end
+
+
+  test 'validates provided hmac' do
+    totp = QuoVadis::Totp.new account: QuoVadis::Account.new
+    hmac = totp.hmac_key
+    assert totp.valid?
+
+    totp.provided_hmac_key = 'wrong'
+    refute totp.valid?
+    refute_empty totp.errors[:key]
+
+    totp.provided_hmac_key = hmac
+    assert totp.valid?
+  end
+
+
+  test 'verify' do
+    user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
+
+    qv_totp = QuoVadis::Totp.new account: user.qv_account
+    totp = ROTP::TOTP.new qv_totp.key
+
+    otp = totp.now
+
+    assert qv_totp.verify otp  # one time
+    refute qv_totp.verify otp
+
+    travel 30.seconds
+    otp2 = totp.now
+    refute_equal otp, otp2
+    assert qv_totp.verify otp2
+  end
+
+
+  test 'reused?' do
+    user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
+
+    qv_totp = QuoVadis::Totp.new account: user.qv_account
+    totp = ROTP::TOTP.new qv_totp.key
+
+    otp = totp.now
+
+    assert qv_totp.verify otp  # one time
+    refute qv_totp.verify otp
+    assert qv_totp.reused? otp
+  end
+
+end

data/test/quo_vadis_test.rb

@@ -1,7 +1,43 @@
-require 'test_helper'
+require "test_helper"
 
 class QuoVadisTest < ActiveSupport::TestCase
-  test 'Sanity test' do
-    assert_kind_of Module, QuoVadis
+
+  def test_that_it_has_a_version_number
+    assert QuoVadis::VERSION
+  end
+
+
+  test 'translate' do
+    assert_equal 'Welcome back!', QuoVadis.translate('flash.login.success')
+    assert_equal 'You have 3 recovery codes left.', QuoVadis.translate('flash.recovery_code.success', count: 3)
+    assert_nil QuoVadis.translate('does_not_exist')
+  end
+
+
+  test 'identifier' do
+    assert_equal :email, QuoVadis.identifier('User')
+  end
+
+
+  test 'humanise_identifier' do
+    assert_equal 'Email', QuoVadis.humanise_identifier('User')
   end
+
+
+  test 'identifiers' do
+    assert_equal [:username, :email], QuoVadis.send(:identifiers)
+  end
+
+
+  test 'detect_identifier' do
+    assert_equal 'email', QuoVadis.send(:detect_identifier, ['foo', 'email', 'commit'])
+  end
+
+
+  test 'find_account_by_identifier_in_params' do
+    u = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
+    assert_equal u.qv_account,
+      QuoVadis.find_account_by_identifier_in_params({'foo' => 'bar', 'email' => 'bob@example.com', 'commit' => 'Save'})
+  end
+
 end

data/test/test_helper.rb

@@ -1,88 +1,58 @@
-# Configure Rails Envinronment
 ENV["RAILS_ENV"] = "test"
 
-require File.expand_path("../dummy/config/environment.rb",  __FILE__)
+require_relative "../test/dummy/config/environment"
+ActiveRecord::Migrator.migrations_paths = [File.expand_path("../test/dummy/db/migrate", __dir__)]
+ActiveRecord::Migrator.migrations_paths << File.expand_path('../db/migrate', __dir__)
 require "rails/test_help"
 
-ActionMailer::Base.delivery_method = :test
-ActionMailer::Base.perform_deliveries = true
-ActionMailer::Base.default_url_options[:host] = "www.example.com"
+require 'capybara/rails'
+require 'capybara/minitest'
 
-Rails.backtrace_cleaner.remove_silencers!
-
-# Configure capybara for integration testing
-require "capybara/rails"
-Capybara.default_driver   = :rack_test
-Capybara.default_selector = :css
-
-# Run any available migration
-ActiveRecord::Migrator.migrate File.expand_path("../dummy/db/migrate/", __FILE__)
-
-# Load support files
-Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
-
-#
-# Common methods
+# integration tests or system tests?
 #
+# system ones use a real browser and can therefore test css layout and js
+# but integration ones are faster
+class IntegrationTest < ActionDispatch::IntegrationTest
+  # include Capybara::DSL
+  # include Capybara::Minitest::Assertions
 
-def sign_in_as(username, password)
-  visit sign_in_path
-  fill_in 'username', :with => username
-  fill_in 'password', :with => password
-  click_button 'Sign in'
-end
+  # include QuoVadis::Engine.routes.url_helpers
 
-def submit_forgotten_details(username)
-  visit forgotten_sign_in_path
-  fill_in 'username', :with => username
-  click_button 'Send me that email'
-end
-
-def user_factory(name, username, password, email = nil)
-  User.create! :name => name, :username => username, :password => password, :email => email
-end
-
-def person_factory(name, username, password, email = nil)
-  Person.create! :name => name, :username => username, :password => password, :email => email
-end
+  # setup do
+  #   @routes = QuoVadis::Engine.routes
+  # end
 
-def reset_quo_vadis_configuration
-  QuoVadis.signed_in_url         = :root
-  QuoVadis.cookie_domain         = :all
-  QuoVadis.override_original_url = false
-  QuoVadis.signed_out_url        = :root
-  QuoVadis.signed_in_hook        = nil
-  QuoVadis.failed_sign_in_hook   = nil
-  QuoVadis.signed_out_hook       = nil
-  QuoVadis.layout                = 'application'
-  QuoVadis.from                  = 'noreply@example.com'
-  QuoVadis.subject_change_password = 'Change your password'
-  QuoVadis.subject_invitation    = 'Activate your account'
-  QuoVadis.remember_for          = 2.weeks
-  QuoVadis.blocked               = false
-end
+  teardown do
+    Capybara.reset_session!
+    Capybara.use_default_driver
+  end
 
+  # https://philna.sh/blog/2020/01/15/test-signed-cookies-in-rails
+  #
+  # ActionDispatch::IntegrationTest's `cookies` is a Rack::Test::CookieJar
+  # not an ActionDispatch::Cookies::CookieJar, and doesn't have the #encrypted
+  # or #signed methods.  So construct an ActionDispatch cookie jar.
+  def jar(_session = nil)
+    _request, _cookies = if _session
+                           [_session.request, _session.cookies]
+                         else
+                           [@request, cookies]
+                         end
+
+    ActionDispatch::Cookies::CookieJar.build(_request, _cookies.to_hash)
+  end
 
-#
-# Code below from https://github.com/nruth/show_me_the_cookies
-#
 
-def delete_cookie(cookie_name)
-  cookie_jar.instance_variable_get(:@cookies).reject! do |existing_cookie|
-    existing_cookie.name.downcase == cookie_name
-  end
-end
+  def assert_session_replaced(&block)
+    id = jar.encrypted[QuoVadis.cookie_name]
 
-def get_cookie(cookie_name)
-  cookie_jar.instance_variable_get(:@cookies).select do |existing_cookie|
-    existing_cookie.name.downcase == cookie_name
-  end.first
-end
+    yield
 
-def cookie_jar
-  Capybara.current_session.driver.browser.current_session.instance_variable_get(:@rack_mock_session).cookie_jar
-end
+    _id = jar.encrypted[QuoVadis.cookie_name]
 
-def close_browser
-  delete_cookie Rails.application.config.session_options[:key]
+    refute_equal id, _id
+    refute QuoVadis::Session.exists? id
+    assert QuoVadis::Session.exists? _id
+    assert controller.logged_in?
+  end
 end

metadata

@@ -1,106 +1,72 @@
 --- !ruby/object:Gem::Specification
 name: quo_vadis
 version: !ruby/object:Gem::Version
-  version: 1.3.2
+  version: 2.0.1
 platform: ruby
 authors:
 - Andy Stewart
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-07-22 00:00:00.000000000 Z
+date: 2021-05-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">"
-      - !ruby/object:Gem::Version
-        version: 3.0.4
-    - - "<"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '5'
+        version: '6'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">"
-      - !ruby/object:Gem::Version
-        version: 3.0.4
-    - - "<"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '5'
+        version: '6'
 - !ruby/object:Gem::Dependency
-  name: bcrypt-ruby
+  name: bcrypt
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.0.0
+        version: 3.1.7
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.0.0
+        version: 3.1.7
 - !ruby/object:Gem::Dependency
-  name: sqlite3-ruby
+  name: rotp
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
+        version: '6'
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '6'
 - !ruby/object:Gem::Dependency
-  name: capybara
+  name: rqrcode
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.1'
-  type: :development
+        version: '2.0'
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.1'
-- !ruby/object:Gem::Dependency
-  name: launchy
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-description: Simple username/password authentication for Rails 3.
+        version: '2.0'
+description:
 email:
 - boss@airbladesoftware.com
 executables: []
@@ -110,100 +76,139 @@ files:
 - ".gitignore"
 - CHANGELOG.md
 - Gemfile
+- LICENSE.txt
 - README.md
 - Rakefile
-- app/controllers/controller_mixin.rb
+- app/controllers/quo_vadis/confirmations_controller.rb
+- app/controllers/quo_vadis/logs_controller.rb
+- app/controllers/quo_vadis/password_resets_controller.rb
+- app/controllers/quo_vadis/passwords_controller.rb
+- app/controllers/quo_vadis/recovery_codes_controller.rb
 - app/controllers/quo_vadis/sessions_controller.rb
-- app/mailers/quo_vadis/notifier.rb
-- app/models/model_mixin.rb
+- app/controllers/quo_vadis/totps_controller.rb
+- app/controllers/quo_vadis/twofas_controller.rb
+- app/mailers/quo_vadis/mailer.rb
+- app/models/quo_vadis/account.rb
+- app/models/quo_vadis/account_confirmation_token.rb
+- app/models/quo_vadis/log.rb
+- app/models/quo_vadis/password.rb
+- app/models/quo_vadis/password_reset_token.rb
+- app/models/quo_vadis/recovery_code.rb
+- app/models/quo_vadis/session.rb
+- app/models/quo_vadis/token.rb
+- app/models/quo_vadis/totp.rb
+- bin/console
+- bin/rails
+- bin/setup
 - config/locales/quo_vadis.en.yml
 - config/routes.rb
+- db/migrate/202102150904_setup.rb
 - lib/generators/quo_vadis/install_generator.rb
-- lib/generators/quo_vadis/templates/migration.rb.erb
-- lib/generators/quo_vadis/templates/quo_vadis.rb.erb
 - lib/quo_vadis.rb
+- lib/quo_vadis/controller.rb
+- lib/quo_vadis/crypt.rb
+- lib/quo_vadis/current_request_details.rb
+- lib/quo_vadis/defaults.rb
+- lib/quo_vadis/encrypted_type.rb
 - lib/quo_vadis/engine.rb
+- lib/quo_vadis/hmacable.rb
+- lib/quo_vadis/ip_masking.rb
+- lib/quo_vadis/model.rb
 - lib/quo_vadis/version.rb
 - quo_vadis.gemspec
-- test/dummy/.gitignore
+- test/dummy/README.markdown
 - test/dummy/Rakefile
 - test/dummy/app/controllers/application_controller.rb
 - test/dummy/app/controllers/articles_controller.rb
+- test/dummy/app/controllers/sign_ups_controller.rb
 - test/dummy/app/controllers/users_controller.rb
-- test/dummy/app/helpers/application_helper.rb
-- test/dummy/app/helpers/articles_helper.rb
+- test/dummy/app/models/application_record.rb
 - test/dummy/app/models/article.rb
 - test/dummy/app/models/person.rb
 - test/dummy/app/models/user.rb
+- test/dummy/app/views/articles/also_secret.html.erb
 - test/dummy/app/views/articles/index.html.erb
-- test/dummy/app/views/articles/new.html.erb
+- test/dummy/app/views/articles/secret.html.erb
+- test/dummy/app/views/articles/very_secret.html.erb
 - test/dummy/app/views/layouts/application.html.erb
-- test/dummy/app/views/layouts/sessions.html.erb
-- test/dummy/app/views/quo_vadis/notifier/change_password.text.erb
-- test/dummy/app/views/quo_vadis/notifier/invite.text.erb
-- test/dummy/app/views/sessions/edit.html.erb
-- test/dummy/app/views/sessions/forgotten.html.erb
-- test/dummy/app/views/sessions/invite.html.erb
-- test/dummy/app/views/sessions/new.html.erb
+- test/dummy/app/views/quo_vadis/confirmations/edit.html.erb
+- test/dummy/app/views/quo_vadis/confirmations/index.html.erb
+- test/dummy/app/views/quo_vadis/confirmations/new.html.erb
+- test/dummy/app/views/quo_vadis/logs/index.html.erb
+- test/dummy/app/views/quo_vadis/mailer/account_confirmation.text.erb
+- test/dummy/app/views/quo_vadis/mailer/email_change_notification.text.erb
+- test/dummy/app/views/quo_vadis/mailer/identifier_change_notification.text.erb
+- test/dummy/app/views/quo_vadis/mailer/password_change_notification.text.erb
+- test/dummy/app/views/quo_vadis/mailer/password_reset_notification.text.erb
+- test/dummy/app/views/quo_vadis/mailer/recovery_codes_generation_notification.text.erb
+- test/dummy/app/views/quo_vadis/mailer/reset_password.text.erb
+- test/dummy/app/views/quo_vadis/mailer/totp_reuse_notification.text.erb
+- test/dummy/app/views/quo_vadis/mailer/totp_setup_notification.text.erb
+- test/dummy/app/views/quo_vadis/mailer/twofa_deactivated_notification.text.erb
+- test/dummy/app/views/quo_vadis/password_resets/edit.html.erb
+- test/dummy/app/views/quo_vadis/password_resets/index.html.erb
+- test/dummy/app/views/quo_vadis/password_resets/new.html.erb
+- test/dummy/app/views/quo_vadis/passwords/edit.html.erb
+- test/dummy/app/views/quo_vadis/recovery_codes/challenge.html.erb
+- test/dummy/app/views/quo_vadis/recovery_codes/index.html.erb
+- test/dummy/app/views/quo_vadis/sessions/index.html.erb
+- test/dummy/app/views/quo_vadis/sessions/new.html.erb
+- test/dummy/app/views/quo_vadis/totps/challenge.html.erb
+- test/dummy/app/views/quo_vadis/totps/new.html.erb
+- test/dummy/app/views/quo_vadis/twofas/show.html.erb
+- test/dummy/app/views/sign_ups/new.html.erb
+- test/dummy/app/views/sign_ups/show.html.erb
 - test/dummy/app/views/users/new.html.erb
 - test/dummy/config.ru
 - test/dummy/config/application.rb
 - test/dummy/config/boot.rb
 - test/dummy/config/database.yml
 - test/dummy/config/environment.rb
-- test/dummy/config/environments/development.rb
-- test/dummy/config/environments/production.rb
-- test/dummy/config/environments/test.rb
-- test/dummy/config/initializers/backtrace_silencers.rb
-- test/dummy/config/initializers/inflections.rb
-- test/dummy/config/initializers/mime_types.rb
 - test/dummy/config/initializers/quo_vadis.rb
-- test/dummy/config/initializers/rack_patch.rb
-- test/dummy/config/initializers/secret_token.rb
-- test/dummy/config/initializers/session_store.rb
-- test/dummy/config/locales/en.yml
-- test/dummy/config/locales/quo_vadis.en.yml
 - test/dummy/config/routes.rb
-- test/dummy/db/migrate/20110124125037_create_users.rb
-- test/dummy/db/migrate/20110124131535_create_articles.rb
-- test/dummy/db/migrate/20110127094709_add_authentication_to_users.rb
-- test/dummy/db/migrate/20111004112209_create_people.rb
-- test/dummy/db/migrate/20111004132342_add_authentication_to_people.rb
+- test/dummy/db/migrate/202102121932_create_users.rb
+- test/dummy/db/migrate/202102121935_create_people.rb
 - test/dummy/db/schema.rb
-- test/dummy/public/404.html
-- test/dummy/public/422.html
-- test/dummy/public/500.html
 - test/dummy/public/favicon.ico
-- test/dummy/public/javascripts/application.js
-- test/dummy/public/javascripts/controls.js
-- test/dummy/public/javascripts/dragdrop.js
-- test/dummy/public/javascripts/effects.js
-- test/dummy/public/javascripts/prototype.js
-- test/dummy/public/javascripts/rails.js
-- test/dummy/public/stylesheets/.gitkeep
-- test/dummy/script/rails
-- test/integration/activation_test.rb
-- test/integration/authenticate_test.rb
-- test/integration/blocked_test.rb
-- test/integration/config_test.rb
-- test/integration/cookie_test.rb
-- test/integration/csrf_test.rb
-- test/integration/forgotten_test.rb
-- test/integration/helper_test.rb
-- test/integration/locale_test.rb
-- test/integration/navigation_test.rb
-- test/integration/sign_in_person_test.rb
-- test/integration/sign_in_test.rb
-- test/integration/sign_out_test.rb
+- test/fixtures/quo_vadis/mailer/account_confirmation.text
+- test/fixtures/quo_vadis/mailer/email_change_notification.text
+- test/fixtures/quo_vadis/mailer/identifier_change_notification.text
+- test/fixtures/quo_vadis/mailer/password_change_notification.text
+- test/fixtures/quo_vadis/mailer/password_reset_notification.text
+- test/fixtures/quo_vadis/mailer/recovery_codes_generation_notification.text
+- test/fixtures/quo_vadis/mailer/reset_password.text
+- test/fixtures/quo_vadis/mailer/totp_reuse_notification.text
+- test/fixtures/quo_vadis/mailer/totp_setup_notification.text
+- test/fixtures/quo_vadis/mailer/twofa_deactivated_notification.text
+- test/integration/account_confirmation_test.rb
+- test/integration/controller_test.rb
+- test/integration/logging_test.rb
+- test/integration/password_change_test.rb
+- test/integration/password_login_test.rb
+- test/integration/password_reset_test.rb
+- test/integration/recovery_codes_test.rb
+- test/integration/sessions_test.rb
 - test/integration/sign_up_test.rb
+- test/integration/totps_test.rb
+- test/integration/twofa_test.rb
+- test/mailers/mailer_test.rb
+- test/models/account_test.rb
+- test/models/crypt_test.rb
+- test/models/log_test.rb
+- test/models/mask_ip_test.rb
+- test/models/model_test.rb
+- test/models/password_test.rb
+- test/models/recovery_code_test.rb
+- test/models/session_test.rb
+- test/models/token_test.rb
+- test/models/totp_test.rb
 - test/quo_vadis_test.rb
-- test/support/integration_case.rb
 - test/test_helper.rb
-- test/unit/user_test.rb
 homepage: https://github.com/airblade/quo_vadis
-licenses: []
+licenses:
+- MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -218,84 +223,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: quo_vadis
-rubygems_version: 2.2.2
-signing_key: 
+rubygems_version: 3.1.2
+signing_key:
 specification_version: 4
-summary: Simple username/password authentication for Rails 3.
-test_files:
-- test/dummy/.gitignore
-- test/dummy/Rakefile
-- test/dummy/app/controllers/application_controller.rb
-- test/dummy/app/controllers/articles_controller.rb
-- test/dummy/app/controllers/users_controller.rb
-- test/dummy/app/helpers/application_helper.rb
-- test/dummy/app/helpers/articles_helper.rb
-- test/dummy/app/models/article.rb
-- test/dummy/app/models/person.rb
-- test/dummy/app/models/user.rb
-- test/dummy/app/views/articles/index.html.erb
-- test/dummy/app/views/articles/new.html.erb
-- test/dummy/app/views/layouts/application.html.erb
-- test/dummy/app/views/layouts/sessions.html.erb
-- test/dummy/app/views/quo_vadis/notifier/change_password.text.erb
-- test/dummy/app/views/quo_vadis/notifier/invite.text.erb
-- test/dummy/app/views/sessions/edit.html.erb
-- test/dummy/app/views/sessions/forgotten.html.erb
-- test/dummy/app/views/sessions/invite.html.erb
-- test/dummy/app/views/sessions/new.html.erb
-- test/dummy/app/views/users/new.html.erb
-- test/dummy/config.ru
-- test/dummy/config/application.rb
-- test/dummy/config/boot.rb
-- test/dummy/config/database.yml
-- test/dummy/config/environment.rb
-- test/dummy/config/environments/development.rb
-- test/dummy/config/environments/production.rb
-- test/dummy/config/environments/test.rb
-- test/dummy/config/initializers/backtrace_silencers.rb
-- test/dummy/config/initializers/inflections.rb
-- test/dummy/config/initializers/mime_types.rb
-- test/dummy/config/initializers/quo_vadis.rb
-- test/dummy/config/initializers/rack_patch.rb
-- test/dummy/config/initializers/secret_token.rb
-- test/dummy/config/initializers/session_store.rb
-- test/dummy/config/locales/en.yml
-- test/dummy/config/locales/quo_vadis.en.yml
-- test/dummy/config/routes.rb
-- test/dummy/db/migrate/20110124125037_create_users.rb
-- test/dummy/db/migrate/20110124131535_create_articles.rb
-- test/dummy/db/migrate/20110127094709_add_authentication_to_users.rb
-- test/dummy/db/migrate/20111004112209_create_people.rb
-- test/dummy/db/migrate/20111004132342_add_authentication_to_people.rb
-- test/dummy/db/schema.rb
-- test/dummy/public/404.html
-- test/dummy/public/422.html
-- test/dummy/public/500.html
-- test/dummy/public/favicon.ico
-- test/dummy/public/javascripts/application.js
-- test/dummy/public/javascripts/controls.js
-- test/dummy/public/javascripts/dragdrop.js
-- test/dummy/public/javascripts/effects.js
-- test/dummy/public/javascripts/prototype.js
-- test/dummy/public/javascripts/rails.js
-- test/dummy/public/stylesheets/.gitkeep
-- test/dummy/script/rails
-- test/integration/activation_test.rb
-- test/integration/authenticate_test.rb
-- test/integration/blocked_test.rb
-- test/integration/config_test.rb
-- test/integration/cookie_test.rb
-- test/integration/csrf_test.rb
-- test/integration/forgotten_test.rb
-- test/integration/helper_test.rb
-- test/integration/locale_test.rb
-- test/integration/navigation_test.rb
-- test/integration/sign_in_person_test.rb
-- test/integration/sign_in_test.rb
-- test/integration/sign_out_test.rb
-- test/integration/sign_up_test.rb
-- test/quo_vadis_test.rb
-- test/support/integration_case.rb
-- test/test_helper.rb
-- test/unit/user_test.rb
+summary: Multifactor authentication for Rails 6.
+test_files: []