quo_vadis 1.4.0 → 2.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (191) hide show
  1. checksums.yaml +5 -5
  2. data/.gitignore +11 -7
  3. data/CHANGELOG.md +22 -0
  4. data/Gemfile +11 -1
  5. data/LICENSE.txt +21 -0
  6. data/README.md +453 -127
  7. data/Rakefile +15 -9
  8. data/app/controllers/quo_vadis/confirmations_controller.rb +102 -0
  9. data/app/controllers/quo_vadis/logs_controller.rb +20 -0
  10. data/app/controllers/quo_vadis/password_resets_controller.rb +65 -0
  11. data/app/controllers/quo_vadis/passwords_controller.rb +26 -0
  12. data/app/controllers/quo_vadis/recovery_codes_controller.rb +54 -0
  13. data/app/controllers/quo_vadis/sessions_controller.rb +50 -132
  14. data/app/controllers/quo_vadis/totps_controller.rb +72 -0
  15. data/app/controllers/quo_vadis/twofas_controller.rb +26 -0
  16. data/app/mailers/quo_vadis/mailer.rb +73 -0
  17. data/app/models/quo_vadis/account.rb +59 -0
  18. data/app/models/quo_vadis/account_confirmation_token.rb +17 -0
  19. data/app/models/quo_vadis/log.rb +57 -0
  20. data/app/models/quo_vadis/password.rb +52 -0
  21. data/app/models/quo_vadis/password_reset_token.rb +17 -0
  22. data/app/models/quo_vadis/recovery_code.rb +26 -0
  23. data/app/models/quo_vadis/session.rb +55 -0
  24. data/app/models/quo_vadis/token.rb +42 -0
  25. data/app/models/quo_vadis/totp.rb +56 -0
  26. data/bin/console +15 -0
  27. data/bin/rails +21 -0
  28. data/bin/setup +8 -0
  29. data/config/locales/quo_vadis.en.yml +50 -23
  30. data/config/routes.rb +46 -12
  31. data/db/migrate/202102150904_setup.rb +48 -0
  32. data/lib/generators/quo_vadis/install_generator.rb +4 -23
  33. data/lib/quo_vadis.rb +103 -97
  34. data/lib/quo_vadis/controller.rb +228 -0
  35. data/lib/quo_vadis/crypt.rb +43 -0
  36. data/lib/quo_vadis/current_request_details.rb +11 -0
  37. data/lib/quo_vadis/defaults.rb +18 -0
  38. data/lib/quo_vadis/encrypted_type.rb +17 -0
  39. data/lib/quo_vadis/engine.rb +9 -11
  40. data/lib/quo_vadis/hmacable.rb +26 -0
  41. data/lib/quo_vadis/ip_masking.rb +31 -0
  42. data/lib/quo_vadis/model.rb +86 -0
  43. data/lib/quo_vadis/version.rb +3 -1
  44. data/quo_vadis.gemspec +20 -25
  45. data/test/dummy/README.markdown +1 -0
  46. data/test/dummy/Rakefile +2 -6
  47. data/test/dummy/app/controllers/application_controller.rb +0 -1
  48. data/test/dummy/app/controllers/articles_controller.rb +8 -11
  49. data/test/dummy/app/controllers/sign_ups_controller.rb +42 -0
  50. data/test/dummy/app/controllers/users_controller.rb +13 -5
  51. data/test/dummy/app/models/application_record.rb +3 -0
  52. data/test/dummy/app/models/article.rb +2 -1
  53. data/test/dummy/app/models/person.rb +5 -2
  54. data/test/dummy/app/models/user.rb +4 -1
  55. data/test/dummy/app/views/articles/also_secret.html.erb +1 -0
  56. data/test/dummy/app/views/articles/index.html.erb +1 -1
  57. data/test/dummy/app/views/articles/secret.html.erb +1 -0
  58. data/test/dummy/app/views/articles/very_secret.html.erb +2 -0
  59. data/test/dummy/app/views/layouts/application.html.erb +41 -25
  60. data/test/dummy/app/views/quo_vadis/confirmations/edit.html.erb +10 -0
  61. data/test/dummy/app/views/quo_vadis/confirmations/edit_email.html.erb +14 -0
  62. data/test/dummy/app/views/quo_vadis/confirmations/index.html.erb +14 -0
  63. data/test/dummy/app/views/quo_vadis/confirmations/new.html.erb +16 -0
  64. data/test/dummy/app/views/quo_vadis/logs/index.html.erb +28 -0
  65. data/test/dummy/app/views/quo_vadis/mailer/account_confirmation.text.erb +4 -0
  66. data/test/dummy/app/views/quo_vadis/mailer/email_change_notification.text.erb +8 -0
  67. data/test/dummy/app/views/quo_vadis/mailer/identifier_change_notification.text.erb +8 -0
  68. data/test/dummy/app/views/quo_vadis/mailer/password_change_notification.text.erb +8 -0
  69. data/test/dummy/app/views/quo_vadis/mailer/password_reset_notification.text.erb +8 -0
  70. data/test/dummy/app/views/quo_vadis/mailer/recovery_codes_generation_notification.text.erb +8 -0
  71. data/test/dummy/app/views/quo_vadis/mailer/reset_password.text.erb +4 -0
  72. data/test/dummy/app/views/quo_vadis/mailer/totp_reuse_notification.text.erb +6 -0
  73. data/test/dummy/app/views/quo_vadis/mailer/totp_setup_notification.text.erb +8 -0
  74. data/test/dummy/app/views/quo_vadis/mailer/twofa_deactivated_notification.text.erb +8 -0
  75. data/test/dummy/app/views/quo_vadis/password_resets/edit.html.erb +25 -0
  76. data/test/dummy/app/views/quo_vadis/password_resets/index.html.erb +5 -0
  77. data/test/dummy/app/views/quo_vadis/password_resets/new.html.erb +12 -0
  78. data/test/dummy/app/views/quo_vadis/passwords/edit.html.erb +30 -0
  79. data/test/dummy/app/views/quo_vadis/recovery_codes/challenge.html.erb +11 -0
  80. data/test/dummy/app/views/quo_vadis/recovery_codes/index.html.erb +25 -0
  81. data/test/dummy/app/views/quo_vadis/sessions/index.html.erb +26 -0
  82. data/test/dummy/app/views/quo_vadis/sessions/new.html.erb +24 -0
  83. data/test/dummy/app/views/quo_vadis/totps/challenge.html.erb +11 -0
  84. data/test/dummy/app/views/quo_vadis/totps/new.html.erb +17 -0
  85. data/test/dummy/app/views/quo_vadis/twofas/show.html.erb +20 -0
  86. data/test/dummy/app/views/sign_ups/new.html.erb +37 -0
  87. data/test/dummy/app/views/sign_ups/show.html.erb +5 -0
  88. data/test/dummy/app/views/users/new.html.erb +32 -9
  89. data/test/dummy/config.ru +6 -3
  90. data/test/dummy/config/application.rb +18 -9
  91. data/test/dummy/config/boot.rb +3 -9
  92. data/test/dummy/config/database.yml +2 -14
  93. data/test/dummy/config/environment.rb +2 -3
  94. data/test/dummy/config/initializers/quo_vadis.rb +5 -75
  95. data/test/dummy/config/routes.rb +11 -3
  96. data/test/dummy/db/migrate/202102121932_create_users.rb +10 -0
  97. data/test/dummy/db/migrate/202102121935_create_people.rb +10 -0
  98. data/test/dummy/db/schema.rb +80 -21
  99. data/test/fixtures/quo_vadis/mailer/account_confirmation.text +4 -0
  100. data/test/fixtures/quo_vadis/mailer/email_change_notification.text +8 -0
  101. data/test/fixtures/quo_vadis/mailer/identifier_change_notification.text +8 -0
  102. data/test/fixtures/quo_vadis/mailer/password_change_notification.text +8 -0
  103. data/test/fixtures/quo_vadis/mailer/password_reset_notification.text +8 -0
  104. data/test/fixtures/quo_vadis/mailer/recovery_codes_generation_notification.text +8 -0
  105. data/test/fixtures/quo_vadis/mailer/reset_password.text +4 -0
  106. data/test/fixtures/quo_vadis/mailer/totp_reuse_notification.text +6 -0
  107. data/test/fixtures/quo_vadis/mailer/totp_setup_notification.text +8 -0
  108. data/test/fixtures/quo_vadis/mailer/twofa_deactivated_notification.text +8 -0
  109. data/test/integration/account_confirmation_test.rb +145 -0
  110. data/test/integration/controller_test.rb +280 -0
  111. data/test/integration/logging_test.rb +235 -0
  112. data/test/integration/password_change_test.rb +93 -0
  113. data/test/integration/password_login_test.rb +125 -0
  114. data/test/integration/password_reset_test.rb +136 -0
  115. data/test/integration/recovery_codes_test.rb +48 -0
  116. data/test/integration/sessions_test.rb +86 -0
  117. data/test/integration/sign_up_test.rb +26 -12
  118. data/test/integration/totps_test.rb +96 -0
  119. data/test/integration/twofa_test.rb +82 -0
  120. data/test/mailers/mailer_test.rb +200 -0
  121. data/test/models/account_test.rb +34 -0
  122. data/test/models/crypt_test.rb +22 -0
  123. data/test/models/log_test.rb +16 -0
  124. data/test/models/mask_ip_test.rb +27 -0
  125. data/test/models/model_test.rb +66 -0
  126. data/test/models/password_test.rb +163 -0
  127. data/test/models/recovery_code_test.rb +54 -0
  128. data/test/models/session_test.rb +67 -0
  129. data/test/models/token_test.rb +70 -0
  130. data/test/models/totp_test.rb +68 -0
  131. data/test/quo_vadis_test.rb +39 -3
  132. data/test/test_helper.rb +42 -70
  133. metadata +123 -207
  134. data/app/controllers/controller_mixin.rb +0 -109
  135. data/app/mailers/quo_vadis/notifier.rb +0 -30
  136. data/app/models/model_mixin.rb +0 -128
  137. data/lib/generators/quo_vadis/templates/migration.rb.erb +0 -18
  138. data/lib/generators/quo_vadis/templates/quo_vadis.rb.erb +0 -96
  139. data/test/dummy/.gitignore +0 -2
  140. data/test/dummy/app/helpers/application_helper.rb +0 -2
  141. data/test/dummy/app/helpers/articles_helper.rb +0 -2
  142. data/test/dummy/app/views/articles/new.html.erb +0 -11
  143. data/test/dummy/app/views/layouts/sessions.html.erb +0 -3
  144. data/test/dummy/app/views/quo_vadis/notifier/change_password.text.erb +0 -9
  145. data/test/dummy/app/views/quo_vadis/notifier/invite.text.erb +0 -8
  146. data/test/dummy/app/views/sessions/edit.html.erb +0 -11
  147. data/test/dummy/app/views/sessions/forgotten.html.erb +0 -13
  148. data/test/dummy/app/views/sessions/invite.html.erb +0 -31
  149. data/test/dummy/app/views/sessions/new.html.erb +0 -15
  150. data/test/dummy/config/environments/development.rb +0 -26
  151. data/test/dummy/config/environments/production.rb +0 -49
  152. data/test/dummy/config/environments/test.rb +0 -37
  153. data/test/dummy/config/initializers/backtrace_silencers.rb +0 -7
  154. data/test/dummy/config/initializers/inflections.rb +0 -10
  155. data/test/dummy/config/initializers/mime_types.rb +0 -5
  156. data/test/dummy/config/initializers/rack_patch.rb +0 -16
  157. data/test/dummy/config/initializers/secret_token.rb +0 -7
  158. data/test/dummy/config/initializers/session_store.rb +0 -8
  159. data/test/dummy/config/locales/en.yml +0 -5
  160. data/test/dummy/config/locales/quo_vadis.en.yml +0 -21
  161. data/test/dummy/db/migrate/20110124125037_create_users.rb +0 -13
  162. data/test/dummy/db/migrate/20110124131535_create_articles.rb +0 -14
  163. data/test/dummy/db/migrate/20110127094709_add_authentication_to_users.rb +0 -18
  164. data/test/dummy/db/migrate/20111004112209_create_people.rb +0 -13
  165. data/test/dummy/db/migrate/20111004132342_add_authentication_to_people.rb +0 -18
  166. data/test/dummy/public/404.html +0 -26
  167. data/test/dummy/public/422.html +0 -26
  168. data/test/dummy/public/500.html +0 -26
  169. data/test/dummy/public/javascripts/application.js +0 -2
  170. data/test/dummy/public/javascripts/controls.js +0 -965
  171. data/test/dummy/public/javascripts/dragdrop.js +0 -974
  172. data/test/dummy/public/javascripts/effects.js +0 -1123
  173. data/test/dummy/public/javascripts/prototype.js +0 -6001
  174. data/test/dummy/public/javascripts/rails.js +0 -175
  175. data/test/dummy/public/stylesheets/.gitkeep +0 -0
  176. data/test/dummy/script/rails +0 -6
  177. data/test/integration/activation_test.rb +0 -108
  178. data/test/integration/authenticate_test.rb +0 -39
  179. data/test/integration/blocked_test.rb +0 -23
  180. data/test/integration/config_test.rb +0 -118
  181. data/test/integration/cookie_test.rb +0 -67
  182. data/test/integration/csrf_test.rb +0 -41
  183. data/test/integration/forgotten_test.rb +0 -93
  184. data/test/integration/helper_test.rb +0 -18
  185. data/test/integration/locale_test.rb +0 -197
  186. data/test/integration/navigation_test.rb +0 -7
  187. data/test/integration/sign_in_person_test.rb +0 -26
  188. data/test/integration/sign_in_test.rb +0 -24
  189. data/test/integration/sign_out_test.rb +0 -20
  190. data/test/support/integration_case.rb +0 -11
  191. data/test/unit/user_test.rb +0 -75
@@ -0,0 +1,68 @@
1
+ require 'test_helper'
2
+
3
+ class TotpTest < ActiveSupport::TestCase
4
+
5
+ test 'key changes for each new object' do
6
+ totp = QuoVadis::Totp.new
7
+ refute_empty totp.key
8
+
9
+ totp2 = QuoVadis::Totp.new
10
+ refute_empty totp2.key
11
+
12
+ refute_equal totp.key, totp2.key
13
+ end
14
+
15
+
16
+ test 'key is encrypted in database' do
17
+ user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
18
+ totp = user.qv_account.create_totp last_used_at: 1.minute.ago
19
+ refute_equal totp.key, totp.read_attribute_before_type_cast(:key)
20
+ end
21
+
22
+
23
+ test 'validates provided hmac' do
24
+ totp = QuoVadis::Totp.new account: QuoVadis::Account.new
25
+ hmac = totp.hmac_key
26
+ assert totp.valid?
27
+
28
+ totp.provided_hmac_key = 'wrong'
29
+ refute totp.valid?
30
+ refute_empty totp.errors[:key]
31
+
32
+ totp.provided_hmac_key = hmac
33
+ assert totp.valid?
34
+ end
35
+
36
+
37
+ test 'verify' do
38
+ user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
39
+
40
+ qv_totp = QuoVadis::Totp.new account: user.qv_account
41
+ totp = ROTP::TOTP.new qv_totp.key
42
+
43
+ otp = totp.now
44
+
45
+ assert qv_totp.verify otp # one time
46
+ refute qv_totp.verify otp
47
+
48
+ travel 30.seconds
49
+ otp2 = totp.now
50
+ refute_equal otp, otp2
51
+ assert qv_totp.verify otp2
52
+ end
53
+
54
+
55
+ test 'reused?' do
56
+ user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
57
+
58
+ qv_totp = QuoVadis::Totp.new account: user.qv_account
59
+ totp = ROTP::TOTP.new qv_totp.key
60
+
61
+ otp = totp.now
62
+
63
+ assert qv_totp.verify otp # one time
64
+ refute qv_totp.verify otp
65
+ assert qv_totp.reused? otp
66
+ end
67
+
68
+ end
@@ -1,7 +1,43 @@
1
- require 'test_helper'
1
+ require "test_helper"
2
2
 
3
3
  class QuoVadisTest < ActiveSupport::TestCase
4
- test 'Sanity test' do
5
- assert_kind_of Module, QuoVadis
4
+
5
+ def test_that_it_has_a_version_number
6
+ assert QuoVadis::VERSION
7
+ end
8
+
9
+
10
+ test 'translate' do
11
+ assert_equal 'Welcome back!', QuoVadis.translate('flash.login.success')
12
+ assert_equal 'You have 3 recovery codes left.', QuoVadis.translate('flash.recovery_code.success', count: 3)
13
+ assert_nil QuoVadis.translate('does_not_exist')
14
+ end
15
+
16
+
17
+ test 'identifier' do
18
+ assert_equal :email, QuoVadis.identifier('User')
19
+ end
20
+
21
+
22
+ test 'humanise_identifier' do
23
+ assert_equal 'Email', QuoVadis.humanise_identifier('User')
6
24
  end
25
+
26
+
27
+ test 'identifiers' do
28
+ assert_equal [:username, :email], QuoVadis.send(:identifiers)
29
+ end
30
+
31
+
32
+ test 'detect_identifier' do
33
+ assert_equal 'email', QuoVadis.send(:detect_identifier, ['foo', 'email', 'commit'])
34
+ end
35
+
36
+
37
+ test 'find_account_by_identifier_in_params' do
38
+ u = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
39
+ assert_equal u.qv_account,
40
+ QuoVadis.find_account_by_identifier_in_params({'foo' => 'bar', 'email' => 'bob@example.com', 'commit' => 'Save'})
41
+ end
42
+
7
43
  end
data/test/test_helper.rb CHANGED
@@ -1,86 +1,58 @@
1
- # Configure Rails Envinronment
2
1
  ENV["RAILS_ENV"] = "test"
3
2
 
4
- require File.expand_path("../dummy/config/environment.rb", __FILE__)
3
+ require_relative "../test/dummy/config/environment"
4
+ ActiveRecord::Migrator.migrations_paths = [File.expand_path("../test/dummy/db/migrate", __dir__)]
5
+ ActiveRecord::Migrator.migrations_paths << File.expand_path('../db/migrate', __dir__)
5
6
  require "rails/test_help"
6
7
 
7
- ActionMailer::Base.delivery_method = :test
8
- ActionMailer::Base.perform_deliveries = true
9
- ActionMailer::Base.default_url_options[:host] = "www.example.com"
8
+ require 'capybara/rails'
9
+ require 'capybara/minitest'
10
10
 
11
- Rails.backtrace_cleaner.remove_silencers!
12
-
13
- # Configure capybara for integration testing
14
- require "capybara/rails"
15
- Capybara.default_driver = :rack_test
16
- Capybara.default_selector = :css
17
-
18
- # Run any available migration
19
- ActiveRecord::Migrator.migrate File.expand_path("../dummy/db/migrate/", __FILE__)
20
-
21
- # Load support files
22
- Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
23
-
24
- #
25
- # Common methods
11
+ # integration tests or system tests?
26
12
  #
13
+ # system ones use a real browser and can therefore test css layout and js
14
+ # but integration ones are faster
15
+ class IntegrationTest < ActionDispatch::IntegrationTest
16
+ # include Capybara::DSL
17
+ # include Capybara::Minitest::Assertions
27
18
 
28
- def sign_in_as(username, password)
29
- visit sign_in_path
30
- fill_in 'username', :with => username
31
- fill_in 'password', :with => password
32
- click_button 'Sign in'
33
- end
19
+ # include QuoVadis::Engine.routes.url_helpers
34
20
 
35
- def submit_forgotten_details(username)
36
- visit forgotten_sign_in_path
37
- fill_in 'username', :with => username
38
- click_button 'Send me that email'
39
- end
40
-
41
- def user_factory(name, username, password, email = nil)
42
- User.create! :name => name, :username => username, :password => password, :email => email
43
- end
44
-
45
- def person_factory(name, username, password, email = nil)
46
- Person.create! :name => name, :username => username, :password => password, :email => email
47
- end
21
+ # setup do
22
+ # @routes = QuoVadis::Engine.routes
23
+ # end
48
24
 
49
- def reset_quo_vadis_configuration
50
- QuoVadis.signed_in_url = :root
51
- QuoVadis.cookie_domain = :all
52
- QuoVadis.override_original_url = false
53
- QuoVadis.signed_out_url = :root
54
- QuoVadis.signed_in_hook = nil
55
- QuoVadis.failed_sign_in_hook = nil
56
- QuoVadis.signed_out_hook = nil
57
- QuoVadis.layout = 'application'
58
- QuoVadis.from = 'noreply@example.com'
59
- QuoVadis.remember_for = 2.weeks
60
- QuoVadis.blocked = false
61
- end
25
+ teardown do
26
+ Capybara.reset_session!
27
+ Capybara.use_default_driver
28
+ end
62
29
 
30
+ # https://philna.sh/blog/2020/01/15/test-signed-cookies-in-rails
31
+ #
32
+ # ActionDispatch::IntegrationTest's `cookies` is a Rack::Test::CookieJar
33
+ # not an ActionDispatch::Cookies::CookieJar, and doesn't have the #encrypted
34
+ # or #signed methods. So construct an ActionDispatch cookie jar.
35
+ def jar(_session = nil)
36
+ _request, _cookies = if _session
37
+ [_session.request, _session.cookies]
38
+ else
39
+ [@request, cookies]
40
+ end
41
+
42
+ ActionDispatch::Cookies::CookieJar.build(_request, _cookies.to_hash)
43
+ end
63
44
 
64
- #
65
- # Code below from https://github.com/nruth/show_me_the_cookies
66
- #
67
45
 
68
- def delete_cookie(cookie_name)
69
- cookie_jar.instance_variable_get(:@cookies).reject! do |existing_cookie|
70
- existing_cookie.name.downcase == cookie_name
71
- end
72
- end
46
+ def assert_session_replaced(&block)
47
+ id = jar.encrypted[QuoVadis.cookie_name]
73
48
 
74
- def get_cookie(cookie_name)
75
- cookie_jar.instance_variable_get(:@cookies).select do |existing_cookie|
76
- existing_cookie.name.downcase == cookie_name
77
- end.first
78
- end
49
+ yield
79
50
 
80
- def cookie_jar
81
- Capybara.current_session.driver.browser.current_session.instance_variable_get(:@rack_mock_session).cookie_jar
82
- end
51
+ _id = jar.encrypted[QuoVadis.cookie_name]
83
52
 
84
- def close_browser
85
- delete_cookie Rails.application.config.session_options[:key]
53
+ refute_equal id, _id
54
+ refute QuoVadis::Session.exists? id
55
+ assert QuoVadis::Session.exists? _id
56
+ assert controller.logged_in?
57
+ end
86
58
  end
metadata CHANGED
@@ -1,120 +1,72 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: quo_vadis
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.0
4
+ version: 2.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andy Stewart
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-10-12 00:00:00.000000000 Z
11
+ date: 2021-05-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
15
- requirement: !ruby/object:Gem::Requirement
16
- requirements:
17
- - - ">"
18
- - !ruby/object:Gem::Version
19
- version: 3.0.4
20
- - - "<"
21
- - !ruby/object:Gem::Version
22
- version: '5'
23
- type: :runtime
24
- prerelease: false
25
- version_requirements: !ruby/object:Gem::Requirement
26
- requirements:
27
- - - ">"
28
- - !ruby/object:Gem::Version
29
- version: 3.0.4
30
- - - "<"
31
- - !ruby/object:Gem::Version
32
- version: '5'
33
- - !ruby/object:Gem::Dependency
34
- name: bcrypt-ruby
35
- requirement: !ruby/object:Gem::Requirement
36
- requirements:
37
- - - "~>"
38
- - !ruby/object:Gem::Version
39
- version: 3.0.0
40
- type: :runtime
41
- prerelease: false
42
- version_requirements: !ruby/object:Gem::Requirement
43
- requirements:
44
- - - "~>"
45
- - !ruby/object:Gem::Version
46
- version: 3.0.0
47
- - !ruby/object:Gem::Dependency
48
- name: sqlite3
49
15
  requirement: !ruby/object:Gem::Requirement
50
16
  requirements:
51
17
  - - ">="
52
18
  - !ruby/object:Gem::Version
53
- version: '0'
54
- type: :development
19
+ version: '6'
20
+ type: :runtime
55
21
  prerelease: false
56
22
  version_requirements: !ruby/object:Gem::Requirement
57
23
  requirements:
58
24
  - - ">="
59
25
  - !ruby/object:Gem::Version
60
- version: '0'
26
+ version: '6'
61
27
  - !ruby/object:Gem::Dependency
62
- name: capybara
28
+ name: bcrypt
63
29
  requirement: !ruby/object:Gem::Requirement
64
30
  requirements:
65
31
  - - "~>"
66
32
  - !ruby/object:Gem::Version
67
- version: '1.1'
68
- type: :development
33
+ version: 3.1.7
34
+ type: :runtime
69
35
  prerelease: false
70
36
  version_requirements: !ruby/object:Gem::Requirement
71
37
  requirements:
72
38
  - - "~>"
73
39
  - !ruby/object:Gem::Version
74
- version: '1.1'
75
- - !ruby/object:Gem::Dependency
76
- name: launchy
77
- requirement: !ruby/object:Gem::Requirement
78
- requirements:
79
- - - ">="
80
- - !ruby/object:Gem::Version
81
- version: '0'
82
- type: :development
83
- prerelease: false
84
- version_requirements: !ruby/object:Gem::Requirement
85
- requirements:
86
- - - ">="
87
- - !ruby/object:Gem::Version
88
- version: '0'
40
+ version: 3.1.7
89
41
  - !ruby/object:Gem::Dependency
90
- name: rake
42
+ name: rotp
91
43
  requirement: !ruby/object:Gem::Requirement
92
44
  requirements:
93
45
  - - ">="
94
46
  - !ruby/object:Gem::Version
95
- version: '0'
96
- type: :development
47
+ version: '6'
48
+ type: :runtime
97
49
  prerelease: false
98
50
  version_requirements: !ruby/object:Gem::Requirement
99
51
  requirements:
100
52
  - - ">="
101
53
  - !ruby/object:Gem::Version
102
- version: '0'
54
+ version: '6'
103
55
  - !ruby/object:Gem::Dependency
104
- name: test-unit
56
+ name: rqrcode
105
57
  requirement: !ruby/object:Gem::Requirement
106
58
  requirements:
107
59
  - - "~>"
108
60
  - !ruby/object:Gem::Version
109
- version: '3.0'
110
- type: :development
61
+ version: '2.0'
62
+ type: :runtime
111
63
  prerelease: false
112
64
  version_requirements: !ruby/object:Gem::Requirement
113
65
  requirements:
114
66
  - - "~>"
115
67
  - !ruby/object:Gem::Version
116
- version: '3.0'
117
- description: Simple username/password authentication for Rails 3.
68
+ version: '2.0'
69
+ description:
118
70
  email:
119
71
  - boss@airbladesoftware.com
120
72
  executables: []
@@ -124,100 +76,140 @@ files:
124
76
  - ".gitignore"
125
77
  - CHANGELOG.md
126
78
  - Gemfile
79
+ - LICENSE.txt
127
80
  - README.md
128
81
  - Rakefile
129
- - app/controllers/controller_mixin.rb
82
+ - app/controllers/quo_vadis/confirmations_controller.rb
83
+ - app/controllers/quo_vadis/logs_controller.rb
84
+ - app/controllers/quo_vadis/password_resets_controller.rb
85
+ - app/controllers/quo_vadis/passwords_controller.rb
86
+ - app/controllers/quo_vadis/recovery_codes_controller.rb
130
87
  - app/controllers/quo_vadis/sessions_controller.rb
131
- - app/mailers/quo_vadis/notifier.rb
132
- - app/models/model_mixin.rb
88
+ - app/controllers/quo_vadis/totps_controller.rb
89
+ - app/controllers/quo_vadis/twofas_controller.rb
90
+ - app/mailers/quo_vadis/mailer.rb
91
+ - app/models/quo_vadis/account.rb
92
+ - app/models/quo_vadis/account_confirmation_token.rb
93
+ - app/models/quo_vadis/log.rb
94
+ - app/models/quo_vadis/password.rb
95
+ - app/models/quo_vadis/password_reset_token.rb
96
+ - app/models/quo_vadis/recovery_code.rb
97
+ - app/models/quo_vadis/session.rb
98
+ - app/models/quo_vadis/token.rb
99
+ - app/models/quo_vadis/totp.rb
100
+ - bin/console
101
+ - bin/rails
102
+ - bin/setup
133
103
  - config/locales/quo_vadis.en.yml
134
104
  - config/routes.rb
105
+ - db/migrate/202102150904_setup.rb
135
106
  - lib/generators/quo_vadis/install_generator.rb
136
- - lib/generators/quo_vadis/templates/migration.rb.erb
137
- - lib/generators/quo_vadis/templates/quo_vadis.rb.erb
138
107
  - lib/quo_vadis.rb
108
+ - lib/quo_vadis/controller.rb
109
+ - lib/quo_vadis/crypt.rb
110
+ - lib/quo_vadis/current_request_details.rb
111
+ - lib/quo_vadis/defaults.rb
112
+ - lib/quo_vadis/encrypted_type.rb
139
113
  - lib/quo_vadis/engine.rb
114
+ - lib/quo_vadis/hmacable.rb
115
+ - lib/quo_vadis/ip_masking.rb
116
+ - lib/quo_vadis/model.rb
140
117
  - lib/quo_vadis/version.rb
141
118
  - quo_vadis.gemspec
142
- - test/dummy/.gitignore
119
+ - test/dummy/README.markdown
143
120
  - test/dummy/Rakefile
144
121
  - test/dummy/app/controllers/application_controller.rb
145
122
  - test/dummy/app/controllers/articles_controller.rb
123
+ - test/dummy/app/controllers/sign_ups_controller.rb
146
124
  - test/dummy/app/controllers/users_controller.rb
147
- - test/dummy/app/helpers/application_helper.rb
148
- - test/dummy/app/helpers/articles_helper.rb
125
+ - test/dummy/app/models/application_record.rb
149
126
  - test/dummy/app/models/article.rb
150
127
  - test/dummy/app/models/person.rb
151
128
  - test/dummy/app/models/user.rb
129
+ - test/dummy/app/views/articles/also_secret.html.erb
152
130
  - test/dummy/app/views/articles/index.html.erb
153
- - test/dummy/app/views/articles/new.html.erb
131
+ - test/dummy/app/views/articles/secret.html.erb
132
+ - test/dummy/app/views/articles/very_secret.html.erb
154
133
  - test/dummy/app/views/layouts/application.html.erb
155
- - test/dummy/app/views/layouts/sessions.html.erb
156
- - test/dummy/app/views/quo_vadis/notifier/change_password.text.erb
157
- - test/dummy/app/views/quo_vadis/notifier/invite.text.erb
158
- - test/dummy/app/views/sessions/edit.html.erb
159
- - test/dummy/app/views/sessions/forgotten.html.erb
160
- - test/dummy/app/views/sessions/invite.html.erb
161
- - test/dummy/app/views/sessions/new.html.erb
134
+ - test/dummy/app/views/quo_vadis/confirmations/edit.html.erb
135
+ - test/dummy/app/views/quo_vadis/confirmations/edit_email.html.erb
136
+ - test/dummy/app/views/quo_vadis/confirmations/index.html.erb
137
+ - test/dummy/app/views/quo_vadis/confirmations/new.html.erb
138
+ - test/dummy/app/views/quo_vadis/logs/index.html.erb
139
+ - test/dummy/app/views/quo_vadis/mailer/account_confirmation.text.erb
140
+ - test/dummy/app/views/quo_vadis/mailer/email_change_notification.text.erb
141
+ - test/dummy/app/views/quo_vadis/mailer/identifier_change_notification.text.erb
142
+ - test/dummy/app/views/quo_vadis/mailer/password_change_notification.text.erb
143
+ - test/dummy/app/views/quo_vadis/mailer/password_reset_notification.text.erb
144
+ - test/dummy/app/views/quo_vadis/mailer/recovery_codes_generation_notification.text.erb
145
+ - test/dummy/app/views/quo_vadis/mailer/reset_password.text.erb
146
+ - test/dummy/app/views/quo_vadis/mailer/totp_reuse_notification.text.erb
147
+ - test/dummy/app/views/quo_vadis/mailer/totp_setup_notification.text.erb
148
+ - test/dummy/app/views/quo_vadis/mailer/twofa_deactivated_notification.text.erb
149
+ - test/dummy/app/views/quo_vadis/password_resets/edit.html.erb
150
+ - test/dummy/app/views/quo_vadis/password_resets/index.html.erb
151
+ - test/dummy/app/views/quo_vadis/password_resets/new.html.erb
152
+ - test/dummy/app/views/quo_vadis/passwords/edit.html.erb
153
+ - test/dummy/app/views/quo_vadis/recovery_codes/challenge.html.erb
154
+ - test/dummy/app/views/quo_vadis/recovery_codes/index.html.erb
155
+ - test/dummy/app/views/quo_vadis/sessions/index.html.erb
156
+ - test/dummy/app/views/quo_vadis/sessions/new.html.erb
157
+ - test/dummy/app/views/quo_vadis/totps/challenge.html.erb
158
+ - test/dummy/app/views/quo_vadis/totps/new.html.erb
159
+ - test/dummy/app/views/quo_vadis/twofas/show.html.erb
160
+ - test/dummy/app/views/sign_ups/new.html.erb
161
+ - test/dummy/app/views/sign_ups/show.html.erb
162
162
  - test/dummy/app/views/users/new.html.erb
163
163
  - test/dummy/config.ru
164
164
  - test/dummy/config/application.rb
165
165
  - test/dummy/config/boot.rb
166
166
  - test/dummy/config/database.yml
167
167
  - test/dummy/config/environment.rb
168
- - test/dummy/config/environments/development.rb
169
- - test/dummy/config/environments/production.rb
170
- - test/dummy/config/environments/test.rb
171
- - test/dummy/config/initializers/backtrace_silencers.rb
172
- - test/dummy/config/initializers/inflections.rb
173
- - test/dummy/config/initializers/mime_types.rb
174
168
  - test/dummy/config/initializers/quo_vadis.rb
175
- - test/dummy/config/initializers/rack_patch.rb
176
- - test/dummy/config/initializers/secret_token.rb
177
- - test/dummy/config/initializers/session_store.rb
178
- - test/dummy/config/locales/en.yml
179
- - test/dummy/config/locales/quo_vadis.en.yml
180
169
  - test/dummy/config/routes.rb
181
- - test/dummy/db/migrate/20110124125037_create_users.rb
182
- - test/dummy/db/migrate/20110124131535_create_articles.rb
183
- - test/dummy/db/migrate/20110127094709_add_authentication_to_users.rb
184
- - test/dummy/db/migrate/20111004112209_create_people.rb
185
- - test/dummy/db/migrate/20111004132342_add_authentication_to_people.rb
170
+ - test/dummy/db/migrate/202102121932_create_users.rb
171
+ - test/dummy/db/migrate/202102121935_create_people.rb
186
172
  - test/dummy/db/schema.rb
187
- - test/dummy/public/404.html
188
- - test/dummy/public/422.html
189
- - test/dummy/public/500.html
190
173
  - test/dummy/public/favicon.ico
191
- - test/dummy/public/javascripts/application.js
192
- - test/dummy/public/javascripts/controls.js
193
- - test/dummy/public/javascripts/dragdrop.js
194
- - test/dummy/public/javascripts/effects.js
195
- - test/dummy/public/javascripts/prototype.js
196
- - test/dummy/public/javascripts/rails.js
197
- - test/dummy/public/stylesheets/.gitkeep
198
- - test/dummy/script/rails
199
- - test/integration/activation_test.rb
200
- - test/integration/authenticate_test.rb
201
- - test/integration/blocked_test.rb
202
- - test/integration/config_test.rb
203
- - test/integration/cookie_test.rb
204
- - test/integration/csrf_test.rb
205
- - test/integration/forgotten_test.rb
206
- - test/integration/helper_test.rb
207
- - test/integration/locale_test.rb
208
- - test/integration/navigation_test.rb
209
- - test/integration/sign_in_person_test.rb
210
- - test/integration/sign_in_test.rb
211
- - test/integration/sign_out_test.rb
174
+ - test/fixtures/quo_vadis/mailer/account_confirmation.text
175
+ - test/fixtures/quo_vadis/mailer/email_change_notification.text
176
+ - test/fixtures/quo_vadis/mailer/identifier_change_notification.text
177
+ - test/fixtures/quo_vadis/mailer/password_change_notification.text
178
+ - test/fixtures/quo_vadis/mailer/password_reset_notification.text
179
+ - test/fixtures/quo_vadis/mailer/recovery_codes_generation_notification.text
180
+ - test/fixtures/quo_vadis/mailer/reset_password.text
181
+ - test/fixtures/quo_vadis/mailer/totp_reuse_notification.text
182
+ - test/fixtures/quo_vadis/mailer/totp_setup_notification.text
183
+ - test/fixtures/quo_vadis/mailer/twofa_deactivated_notification.text
184
+ - test/integration/account_confirmation_test.rb
185
+ - test/integration/controller_test.rb
186
+ - test/integration/logging_test.rb
187
+ - test/integration/password_change_test.rb
188
+ - test/integration/password_login_test.rb
189
+ - test/integration/password_reset_test.rb
190
+ - test/integration/recovery_codes_test.rb
191
+ - test/integration/sessions_test.rb
212
192
  - test/integration/sign_up_test.rb
193
+ - test/integration/totps_test.rb
194
+ - test/integration/twofa_test.rb
195
+ - test/mailers/mailer_test.rb
196
+ - test/models/account_test.rb
197
+ - test/models/crypt_test.rb
198
+ - test/models/log_test.rb
199
+ - test/models/mask_ip_test.rb
200
+ - test/models/model_test.rb
201
+ - test/models/password_test.rb
202
+ - test/models/recovery_code_test.rb
203
+ - test/models/session_test.rb
204
+ - test/models/token_test.rb
205
+ - test/models/totp_test.rb
213
206
  - test/quo_vadis_test.rb
214
- - test/support/integration_case.rb
215
207
  - test/test_helper.rb
216
- - test/unit/user_test.rb
217
208
  homepage: https://github.com/airblade/quo_vadis
218
- licenses: []
209
+ licenses:
210
+ - MIT
219
211
  metadata: {}
220
- post_install_message:
212
+ post_install_message:
221
213
  rdoc_options: []
222
214
  require_paths:
223
215
  - lib
@@ -232,84 +224,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
232
224
  - !ruby/object:Gem::Version
233
225
  version: '0'
234
226
  requirements: []
235
- rubyforge_project: quo_vadis
236
- rubygems_version: 2.5.1
237
- signing_key:
227
+ rubygems_version: 3.1.2
228
+ signing_key:
238
229
  specification_version: 4
239
- summary: Simple username/password authentication for Rails 3.
240
- test_files:
241
- - test/dummy/.gitignore
242
- - test/dummy/Rakefile
243
- - test/dummy/app/controllers/application_controller.rb
244
- - test/dummy/app/controllers/articles_controller.rb
245
- - test/dummy/app/controllers/users_controller.rb
246
- - test/dummy/app/helpers/application_helper.rb
247
- - test/dummy/app/helpers/articles_helper.rb
248
- - test/dummy/app/models/article.rb
249
- - test/dummy/app/models/person.rb
250
- - test/dummy/app/models/user.rb
251
- - test/dummy/app/views/articles/index.html.erb
252
- - test/dummy/app/views/articles/new.html.erb
253
- - test/dummy/app/views/layouts/application.html.erb
254
- - test/dummy/app/views/layouts/sessions.html.erb
255
- - test/dummy/app/views/quo_vadis/notifier/change_password.text.erb
256
- - test/dummy/app/views/quo_vadis/notifier/invite.text.erb
257
- - test/dummy/app/views/sessions/edit.html.erb
258
- - test/dummy/app/views/sessions/forgotten.html.erb
259
- - test/dummy/app/views/sessions/invite.html.erb
260
- - test/dummy/app/views/sessions/new.html.erb
261
- - test/dummy/app/views/users/new.html.erb
262
- - test/dummy/config.ru
263
- - test/dummy/config/application.rb
264
- - test/dummy/config/boot.rb
265
- - test/dummy/config/database.yml
266
- - test/dummy/config/environment.rb
267
- - test/dummy/config/environments/development.rb
268
- - test/dummy/config/environments/production.rb
269
- - test/dummy/config/environments/test.rb
270
- - test/dummy/config/initializers/backtrace_silencers.rb
271
- - test/dummy/config/initializers/inflections.rb
272
- - test/dummy/config/initializers/mime_types.rb
273
- - test/dummy/config/initializers/quo_vadis.rb
274
- - test/dummy/config/initializers/rack_patch.rb
275
- - test/dummy/config/initializers/secret_token.rb
276
- - test/dummy/config/initializers/session_store.rb
277
- - test/dummy/config/locales/en.yml
278
- - test/dummy/config/locales/quo_vadis.en.yml
279
- - test/dummy/config/routes.rb
280
- - test/dummy/db/migrate/20110124125037_create_users.rb
281
- - test/dummy/db/migrate/20110124131535_create_articles.rb
282
- - test/dummy/db/migrate/20110127094709_add_authentication_to_users.rb
283
- - test/dummy/db/migrate/20111004112209_create_people.rb
284
- - test/dummy/db/migrate/20111004132342_add_authentication_to_people.rb
285
- - test/dummy/db/schema.rb
286
- - test/dummy/public/404.html
287
- - test/dummy/public/422.html
288
- - test/dummy/public/500.html
289
- - test/dummy/public/favicon.ico
290
- - test/dummy/public/javascripts/application.js
291
- - test/dummy/public/javascripts/controls.js
292
- - test/dummy/public/javascripts/dragdrop.js
293
- - test/dummy/public/javascripts/effects.js
294
- - test/dummy/public/javascripts/prototype.js
295
- - test/dummy/public/javascripts/rails.js
296
- - test/dummy/public/stylesheets/.gitkeep
297
- - test/dummy/script/rails
298
- - test/integration/activation_test.rb
299
- - test/integration/authenticate_test.rb
300
- - test/integration/blocked_test.rb
301
- - test/integration/config_test.rb
302
- - test/integration/cookie_test.rb
303
- - test/integration/csrf_test.rb
304
- - test/integration/forgotten_test.rb
305
- - test/integration/helper_test.rb
306
- - test/integration/locale_test.rb
307
- - test/integration/navigation_test.rb
308
- - test/integration/sign_in_person_test.rb
309
- - test/integration/sign_in_test.rb
310
- - test/integration/sign_out_test.rb
311
- - test/integration/sign_up_test.rb
312
- - test/quo_vadis_test.rb
313
- - test/support/integration_case.rb
314
- - test/test_helper.rb
315
- - test/unit/user_test.rb
230
+ summary: Multifactor authentication for Rails 6.
231
+ test_files: []