quo_vadis 2.0.2 → 2.1.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: aca902d10c618abd2c9c0461aac204236b4ef7565911aafb5bb12dfe1e3b25e1
-  data.tar.gz: 3417365d9ca59d5e17a1b28118d3c9ec439b77fb228da9968512786dd3797a12
+  metadata.gz: 707a011642d93c975b94f1c99c157decdec10c8138edf4e3b4dcf884438abac8
+  data.tar.gz: 8b5e4a2396909660b86ff6de1cee25dd574fe6ca1d10ccf1831c51381e61a2e4
 SHA512:
-  metadata.gz: 5ffdeced9bd86b0a64fe21f3491f3ad03cb2098f0687b663ab794c37e278383ad235df856d8a18bf8e73108d602661990992dd033cbc1358849b8824ac25aff6
-  data.tar.gz: 59c52478f7a5bc8ee0befe682ee520feec894c6fefe875cc84395e827ae62f9cbf5eb588862cf8eb3888b5b0ba102700b61f5d401156dc9eff893e05307d1787
+  metadata.gz: c1aa7cb7ee6c63886f3a8c322f98bb14ea54a4c997d74103e2f4db9f787c65fd3853eb8d771cc7b85c6ea99a1c1a92ee5a7c7db10b29f8d1d1d88f4682f3e8b7
+  data.tar.gz: 88f33eb05eafc2746bc8295f9606f441d99aa24edd422f9a800909008dca1eaded9800d86ec9dbe9b292449b7ec24b8458ec478257885d6f0ea0853ea6e2744c

data/CHANGELOG.md

@@ -4,6 +4,37 @@
 ## HEAD
 
 
+## 2.1.3 (30 September 2021)
+
+* Pass IP and timestamp as paramenters to mailer.
+
+
+## 2.1.2 (30 September 2021)
+
+* Delete existing recovery codes when generating new ones.
+
+
+## 2.1.1 (8 July 2021)
+
+* Remove unnecessary route names.
+* Add user revocation.
+* Ensure password is only updated via #change or #reset.
+* Move views into gem's app/views/ directory.
+
+
+## 2.1.0 (25 June 2021)
+
+* Do not require password on create.
+* Fix incorrect assignment of built association.
+* Add i18n translations for log actions.
+* Use model instance in change-password form.
+* Ensure password-reset flash notice not displayed when emailed link is clicked.
+* Use model instance in password-reset form.
+* Give no indication of unknown account on request of password reset email.
+* Use 422 status code for form submission error responses.
+* Make default cookie name depend on Rails environment.
+
+
 ## 2.0.2 (24 May 2021)
 
 * Account confirmation: enable updating of email address.

data/README.md

@@ -86,9 +86,9 @@ class Person < ApplicationRecord
 end
 ```
 
-When __creating__ a model instance, include a `:password` attribute and, optionally, `:password_confirmation` attribute.
+You can create and update your models as before.  When you want to set a password for the first time, just include `:password` and, optionally, `:password_confirmation` in the attributes to `#create` or `#update`.
 
-When __updating__ a model instance, do not include a `:password` attribute.  To change someone's password, use the Change Password feature (see below).
+If you want to change an existing password, use the Change Password feature (see below).  If you update a model (that already has a password) with a `:password` attribute, it will raise a `QuoVadis::PasswordExistsError`.
 
 The minimum password length is configured by `QuoVadis.password_minimum_length` (12 by default).
 
@@ -246,17 +246,19 @@ class UsersController < ApplicationController
 end
 ```
 
-QuoVadis will send the user an email with a link.  Write the email view ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/mailer/account_confirmation.text.erb)).  It must be in `app/views/quo_vadis/mailer/account_confirmation.{text,html}.erb` and output the `@url` variable.
+QuoVadis will send the user an email with a link.  Write the email view ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/mailer/account_confirmation.text.erb)).  It must be in `app/views/quo_vadis/mailer/account_confirmation.{text,html}.erb` and output the `@url` variable.
 
 See the Configuration section below for how to set QuoVadis's emails' from addresses, headers, etc.
 
-Now write the page to where the user is redirected while they wait for the email ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/confirmations/index.html.erb)).  It must be in `app/views/quo_vadis/confirmations/index.html.:format`.
+Now write the page to where the user is redirected while they wait for the email ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/confirmations/index.html.erb)).  It must be in `app/views/quo_vadis/confirmations/index.html.:format`.
 
 On that page you can show the user the address the email was sent to, enable them to update their email address if they make a mistake on the sign-up form, and provide a button to resend another email directly.  If the sign-up occurred in a different browser session, you can instead link to `new_confirmation_path` where the user can request another email if need be.
 
-Next, write the page to which the link in the email points ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/confirmations/edit.html.erb)).  It must be in `app/views/quo_vadis/confirmations/edit.html.:format`.
+Next, write the page to which the link in the email points ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/confirmations/edit.html.erb)).  It must be in `app/views/quo_vadis/confirmations/edit.html.:format`.
 
-Finally, write the page where people can put in their identifier (not their email, unless the identifier is email) again to request another confirmation email ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/confirmations/new.html.erb)).  It must be in `app/views/quo_vadis/confirmations/new.html.:format`.
+Next, write the page where the user can amend their email address if they made a mistake when signing up ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/confirmations/edit_email.html.erb)).  It must be in `app/views/quo_vadis/confirmations/edit_email.html.:format`.
+
+Finally, write the page where people can put in their identifier (not their email, unless the identifier is email) again to request another confirmation email ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/confirmations/new.html.erb)).  It must be in `app/views/quo_vadis/confirmations/new.html.:format`.
 
 After the user has confirmed their account, they will be logged in and redirected to the first of these that exists:
 
@@ -270,7 +272,7 @@ So add whichever works best for you.
 
 Use `before_action :require_password_authentication` or `before_action :require_authentication` in your controllers.
 
-Write the login view ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/sessions/new.html.erb)).  Your login form must be in `app/views/quo_vadis/sessions/new.html.:format`.  Note it must capture the user's identifier (not email, unless the identifier is email).
+Write the login view ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/sessions/new.html.erb)).  Your login form must be in `app/views/quo_vadis/sessions/new.html.:format`.  Note it must capture the user's identifier (not email, unless the identifier is email).
 
 If you include a `remember` checkbox in your login form:
 
@@ -290,7 +292,7 @@ After authenticating the user will be redirected to the first of these that exis
 
 If you do not want 2FA at all, set `QuoVadis.two_factor_authentication_mandatory false` in your configuration and skip the rest of this section.
 
-If you do want 2FA, you can choose whether it is optional or mandatory for your users by setting `QuoVadis.two_factor_authentication_mandatory <true|false>` in your configuration.
+If you do want 2FA, you can choose whether it is mandatory or optional for your users by setting `QuoVadis.two_factor_authentication_mandatory <true|false>` in your configuration.
 
 Use `before_action :require_two_factor_authentication` in your controllers (which supersedes `:require_password_authentication`).  This will require the user, after authenticating with their password, to authenticate with 2FA – when 2FA is mandatory, or when it is optional and the user has set up 2FA.
 
@@ -310,22 +312,22 @@ In your views, have a link where users can manage their 2FA:
 link_to '2FA', quo_vadis.twofa_path
 ```
 
-Write the 2FA overview page ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/twofas/show.html.erb)).  It must be in `app/views/quo_vadis/twofas/show.html.:format`.  This page allows the user to set up 2FA, deactivate or reset it, and generate new recovery codes.
+Write the 2FA overview page ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/twofas/show.html.erb)).  It must be in `app/views/quo_vadis/twofas/show.html.:format`.  This page allows the user to set up 2FA, deactivate or reset it, and generate new recovery codes.
 
-Next, write the TOTP setup page ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/totps/new.html.erb)).  It must be in `app/views/quo_vadis/totps/new.html.:format`.  This page shows the user a QR code (and the key as text) which they scan with their authenticator.
+Next, write the TOTP setup page ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/totps/new.html.erb)).  It must be in `app/views/quo_vadis/totps/new.html.:format`.  This page shows the user a QR code (and the key as text) which they scan with their authenticator.
 
-Next, write the recovery codes page ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/recovery_codes/index.html.erb)).  It must be in `app/views/quo_vadis/recovery_codes/index.html.:format`.  This shows the recovery codes immediately after TOTP is setup, and immediately after generating fresh recovery codes, but not otherwise.
+Next, write the recovery codes page ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/recovery_codes/index.html.erb)).  It must be in `app/views/quo_vadis/recovery_codes/index.html.:format`.  This shows the recovery codes immediately after TOTP is setup, and immediately after generating fresh recovery codes, but not otherwise.
 
-Next, write the TOTP challenge page where a user inputs their 6-digit TOTP ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/totps/challenge.html.erb)).  It must be in `app/views/quo_vadis/totps/challenge.html.:format`.  It's a good idea to link to the recovery code page (`challenge_recovery_codes_path`) for any user who has lost their authenticator.
+Next, write the TOTP challenge page where a user inputs their 6-digit TOTP ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/totps/challenge.html.erb)).  It must be in `app/views/quo_vadis/totps/challenge.html.:format`.  It's a good idea to link to the recovery code page (`challenge_recovery_codes_path`) for any user who has lost their authenticator.
 
-Finally, write the recovery code challenge page where a user inputs one of their recovery codes ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/recovery_codes/challenge.html.erb)).  It must be in `app/views/quo_vadis/recovery_codes/challenge.html.:format`.  A recovery code can only be used once, and using one deactivates TOTP – so the user will have to set it up again next time.
+Finally, write the recovery code challenge page where a user inputs one of their recovery codes ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/recovery_codes/challenge.html.erb)).  It must be in `app/views/quo_vadis/recovery_codes/challenge.html.:format`.  A recovery code can only be used once, and using one deactivates TOTP – so the user will have to set it up again next time.
 
 
 ### Change password
 
 To change their password, the user must provide their current one as well as the new one.
 
-Write the change-password form ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/passwords/edit.html.erb)).  It must be in `app/views/quo_vadis/passwords/edit.html.:format`.
+Write the change-password form ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/passwords/edit.html.erb)).  It must be in `app/views/quo_vadis/passwords/edit.html.:format`.
 
 After the password has been changed, the user is redirected to the first of:
 
@@ -345,17 +347,17 @@ The user can reset their password if they lose it.  The flow is:
 4. [Password-reset confirmation page] The user enters their new password and clicks a button.
 5. QuoVadis sets the user's password and logs them in.
 
-First, write the page where the user requests a password-reset ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/password_resets/new.html.erb)).  It must be in `app/views/quo_vadis/password_resets/new.html.:format`.  Note it must capture the user's identifier (not email, unless the identifier is email).
+First, write the page where the user requests a password-reset ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/password_resets/new.html.erb)).  It must be in `app/views/quo_vadis/password_resets/new.html.:format`.  Note it must capture the user's identifier (not email, unless the identifier is email).
 
 See the Configuration section below for how to set QuoVadis's emails' from addresses, headers, etc.
 
-Now write the page to where the user is redirected while they wait for the email ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/password_resets/index.html.erb)).  It must be in `app/views/quo_vadis/password_resets/index.html.:format`.
+Now write the page to where the user is redirected while they wait for the email ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/password_resets/index.html.erb)).  It must be in `app/views/quo_vadis/password_resets/index.html.:format`.
 
 It's a good idea for that page to link to `new_password_reset_path` where the user can request another email if need be.
 
-Next, write the page to which the link in the email points ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/password_resets/edit.html.erb)).  It must be in `app/views/quo_vadis/password_resets/edit.html.:format`.
+Now write the email view ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/mailer/reset_password.text.erb)).  It must be in `app/views/quo_vadis/mailer/reset_password.{text,html}.erb` and output the `@url` variable.
 
-Finally, write the page where people can put in their identifier (not their email, unless the identifier is email) again to request another password-reset email ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/password_resets/new.html.erb)).  It must be in `app/views/quo_vadis/password_resets/new.html.:format`.
+Next, write the page to which the link in the email points ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/password_resets/edit.html.erb)).  It must be in `app/views/quo_vadis/password_resets/edit.html.:format`.
 
 After the user has reset their password, they will be logged in and redirected to the first of these that exists:
 
@@ -369,14 +371,14 @@ A logged-in session lasts for either the browser session or `QuoVadis.session_li
 
 A user can view their active sessions and log out of any of them.
 
-Write the view showing the sessions ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/sessions/index.html.erb)).  It must be in `app/views/quo_vadis/sessions/index.html.:format`.
+Write the view showing the sessions ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/sessions/index.html.erb)).  It must be in `app/views/quo_vadis/sessions/index.html.:format`.
 
 
 ### Audit trail
 
 An audit trail is kept of authentication events.  You can see the full list in the [`Log`](https://github.com/airblade/quo_vadis/blob/master/app/models/quo_vadis/log.rb) class.
 
-Write the view showing the events ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/logs/index.html.erb)).  It must be in `app/views/quo_vadis/logs/index.html.:format`.
+Write the view showing the events ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/logs/index.html.erb)).  It must be in `app/views/quo_vadis/logs/index.html.:format`.
 
 
 ### Notifications
@@ -385,18 +387,23 @@ QuoVadis notifies users by email whenever their authentication details are chang
 
 Write the corresponding mailer views:
 
-- change of email ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/mailer/email_change_notification.text.erb))
-- change of identifier (unless the identifier is email) ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/mailer/identifier_change_notification.text.erb))
-- change of password ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/mailer/password_change_notification.text.erb))
-- reset of password ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/mailer/password_reset_notification.text.erb))
-- TOTP setup ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/mailer/totp_setup_notification.text.erb))
-- TOTP code used a second time ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/mailer/totp_reuse_notification.text.erb))
-- 2FA deactivated ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/mailer/twofa_deactivated_notification.text.erb))
-- recovery codes generated ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/mailer/recovery_codes_generation_notification.text.erb))
+- change of email ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/mailer/email_change_notification.text.erb))
+- change of identifier (unless the identifier is email) ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/mailer/identifier_change_notification.text.erb))
+- change of password ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/mailer/password_change_notification.text.erb))
+- reset of password ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/mailer/password_reset_notification.text.erb))
+- TOTP setup ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/mailer/totp_setup_notification.text.erb))
+- TOTP code used a second time ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/mailer/totp_reuse_notification.text.erb))
+- 2FA deactivated ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/mailer/twofa_deactivated_notification.text.erb))
+- recovery codes generated ([example](https://github.com/airblade/quo_vadis/blob/master/app/views/quo_vadis/mailer/recovery_codes_generation_notification.text.erb))
 
 They must be in `app/views/quo_vadis/mailer/NAME.{text,html}.erb`.
 
 
+### Revocation
+
+You can revoke a user's access by calling `#revoke_authentication_credentials` on the model instance.  This deletes the user's password, TOTP credential, recovery codes, and active sessions.  Their authentication logs, or audit trail, are preserved.
+
+
 ## Configuration
 
 This is QuoVadis' [default configuration](https://github.com/airblade/quo_vadis/blob/master/lib/quo_vadis/defaults.rb):
@@ -405,7 +412,7 @@ This is QuoVadis' [default configuration](https://github.com/airblade/quo_vadis/
 QuoVadis.configure do
   password_minimum_length               12
   mask_ips                              false
-  cookie_name                           '__Host-qv'
+  cookie_name                           (Rails.env.production? ? '__Host-qv' : 'qv')
   session_lifetime                      :session
   session_lifetime_extend_to_end_of_day false
   session_idle_timeout                  :lifetime
@@ -436,7 +443,7 @@ Masking means setting the last octet (IPv4) or the last 80 bits (IPv6) to 0.
 
 __`cookie_name`__ (string)
 
-The name of the cookie QuoVadis uses to store the session identifier.  The `__Host-` prefix is [recommended](https://developer.mozilla.org/en-US/docs/Web/API/document/cookie).
+The name of the cookie QuoVadis uses to store the session identifier.  The `__Host-` prefix is [recommended](https://developer.mozilla.org/en-US/docs/Web/API/document/cookie) in an SSL environment (but cannot be used in a non-SSL environment).
 
 __`session_lifetime`__ (`:session` | `ActiveSupport::Duration` | integer)
 

data/app/controllers/quo_vadis/password_resets_controller.rb

@@ -13,15 +13,14 @@ module QuoVadis
 
 
     def create
-      flash[:notice] = QuoVadis.translate 'flash.password_reset.create'
-
       account = QuoVadis.find_account_by_identifier_in_params params
-      return unless account
 
-      token = QuoVadis::PasswordResetToken.generate account
-      QuoVadis.deliver :reset_password, email: account.model.email, url: quo_vadis.edit_password_reset_url(token)
+      if account
+        token = QuoVadis::PasswordResetToken.generate account
+        QuoVadis.deliver :reset_password, {email: account.model.email, url: quo_vadis.password_reset_url(token)}
+      end
 
-      redirect_to password_resets_path
+      redirect_to password_resets_path, notice: QuoVadis.translate('flash.password_reset.create')
     end
 
 
@@ -33,6 +32,10 @@ module QuoVadis
         redirect_to new_password_reset_path, alert: QuoVadis.translate('flash.password_reset.unknown') and return
       end
 
+      # Ensure the flash notice set in the create action does not appear when the user clicks the
+      # link in the email they were sent.
+      flash.delete :notice
+
       @password = QuoVadis::Password.new
     end
 
@@ -46,7 +49,7 @@ module QuoVadis
       end
 
       @password = account.password
-      if @password.reset params[:password], params[:password_confirmation]
+      if @password.reset params[:password][:password], params[:password][:password_confirmation]
         # Logout account's sessions because password has changed.
         # Note model is not logged in here.
         @password.account.sessions.destroy_all
@@ -57,7 +60,7 @@ module QuoVadis
         login @password.account.model, true
         redirect_to qv.path_after_authentication, notice: QuoVadis.translate('flash.password_reset.reset')
       else
-        render :edit
+        render :edit, status: :unprocessable_entity
       end
     end
 

data/app/controllers/quo_vadis/passwords_controller.rb

@@ -11,14 +11,16 @@ module QuoVadis
 
     def update
       @password = authenticated_model.qv_account.password
-      if @password.change params[:password], params[:new_password], params[:new_password_confirmation]
+      if @password.change(params[:password][:password],
+                          params[:password][:new_password],
+                          params[:password][:new_password_confirmation])
         qv.log authenticated_model.qv_account, Log::PASSWORD_CHANGE
         QuoVadis.notify :password_change_notification, email: authenticated_model.email
         qv.logout_other_sessions
         qv.replace_session
         redirect_to qv.path_after_password_change, notice: QuoVadis.translate('flash.password.update')
       else
-        render :edit
+        render :edit, status: :unprocessable_entity
       end
     end
 

data/app/controllers/quo_vadis/recovery_codes_controller.rb

@@ -27,7 +27,7 @@ module QuoVadis
       else
         qv.log account, Log::RECOVERY_CODE_FAILURE
         flash.now[:alert] = QuoVadis.translate('flash.recovery_code.unverified')
-        render :challenge
+        render :challenge, status: :unprocessable_entity
       end
     end
 

data/app/controllers/quo_vadis/sessions_controller.rb

@@ -23,14 +23,14 @@ module QuoVadis
       unless account
         qv.log nil, Log::LOGIN_UNKNOWN, identifier: QuoVadis.identifier_value_in_params(params)
         flash.now[:alert] = QuoVadis.translate 'flash.login.failed'
-        render :new
+        render :new, status: :unprocessable_entity
         return
       end
 
       unless account.password.authenticate params[:password]
         qv.log account, Log::LOGIN_FAILURE
         flash.now[:alert] = QuoVadis.translate 'flash.login.failed'
-        render :new
+        render :new, status: :unprocessable_entity
         return
       end
 

data/app/controllers/quo_vadis/totps_controller.rb

@@ -53,7 +53,7 @@ module QuoVadis
           qv.log authenticated_model.qv_account, Log::TOTP_FAILURE
         end
         flash.now[:alert] = QuoVadis.translate('flash.totp.unverified')
-        render :challenge
+        render :challenge, status: :unprocessable_entity
       end
     end
 

data/app/mailers/quo_vadis/mailer.rb

@@ -14,52 +14,52 @@ module QuoVadis
     end
 
     def email_change_notification
-      @timestamp = Time.now
-      @ip = QuoVadis::CurrentRequestDetails.ip
+      @timestamp = params[:timestamp]
+      @ip = params[:ip]
       _mail params[:email], QuoVadis.translate('mailer.notification.email_change')
     end
 
     def identifier_change_notification
-      @timestamp = Time.now
+      @timestamp = params[:timestamp]
       @identifier = params[:identifier]
-      @ip = QuoVadis::CurrentRequestDetails.ip
+      @ip = params[:ip]
       _mail params[:email], QuoVadis.translate('mailer.notification.identifier_change',
                                                identifier: params[:identifier])
     end
 
     def password_change_notification
-      @timestamp = Time.now
-      @ip = QuoVadis::CurrentRequestDetails.ip
+      @timestamp = params[:timestamp]
+      @ip = params[:ip]
       _mail params[:email], QuoVadis.translate('mailer.notification.password_change')
     end
 
     def password_reset_notification
-      @timestamp = Time.now
-      @ip = QuoVadis::CurrentRequestDetails.ip
+      @timestamp = params[:timestamp]
+      @ip = params[:ip]
       _mail params[:email], QuoVadis.translate('mailer.notification.password_reset')
     end
 
     def totp_setup_notification
-      @timestamp = Time.now
-      @ip = QuoVadis::CurrentRequestDetails.ip
+      @timestamp = params[:timestamp]
+      @ip = params[:ip]
       _mail params[:email], QuoVadis.translate('mailer.notification.totp_setup')
     end
 
     def totp_reuse_notification
-      @timestamp = Time.now
-      @ip = QuoVadis::CurrentRequestDetails.ip
+      @timestamp = params[:timestamp]
+      @ip = params[:ip]
       _mail params[:email], QuoVadis.translate('mailer.notification.totp_reuse')
     end
 
     def twofa_deactivated_notification
-      @timestamp = Time.now
-      @ip = QuoVadis::CurrentRequestDetails.ip
+      @timestamp = params[:timestamp]
+      @ip = params[:ip]
       _mail params[:email], QuoVadis.translate('mailer.notification.twofa_deactivated')
     end
 
     def recovery_codes_generation_notification
-      @timestamp = Time.now
-      @ip = QuoVadis::CurrentRequestDetails.ip
+      @timestamp = params[:timestamp]
+      @ip = params[:ip]
       _mail params[:email], QuoVadis.translate('mailer.notification.recovery_codes_generation')
     end
 

data/app/models/quo_vadis/account.rb

@@ -32,9 +32,23 @@ module QuoVadis
 
     # Returns an array of the recovery codes' codes.
     def generate_recovery_codes
+      recovery_codes.delete_all
       Array.new(MAX_NUMBER_OF_RECOVERY_CODES) { recovery_codes.create }.map &:code
     end
 
+    def revoke
+      password&.destroy
+      totp&.destroy
+      recovery_codes.destroy_all
+      sessions.destroy_all
+
+      Log.create(
+        account: self,
+        action: Log::REVOKE,
+        ip: (CurrentRequestDetails.ip || '')
+      )
+    end
+
     private
 
     def log_identifier_change

data/app/models/quo_vadis/log.rb

@@ -21,7 +21,8 @@ module QuoVadis
     PASSWORD_RESET         = 'password.reset'
     ACCOUNT_CONFIRMATION   = 'account.confirmation'
     LOGOUT_OTHER           = 'logout.other'
-    LOGOUT                 = 'logout'
+    LOGOUT                 = 'logout.self'
+    REVOKE                 = 'revoke'
 
     ACTIONS = [
       LOGIN_SUCCESS,
@@ -41,7 +42,8 @@ module QuoVadis
       PASSWORD_RESET,
       ACCOUNT_CONFIRMATION,
       LOGOUT_OTHER,
-      LOGOUT
+      LOGOUT,
+      REVOKE
     ]
 
     belongs_to :account, optional: true  # optional only for LOGIN_UNKNOWN

data/app/models/quo_vadis/password.rb

@@ -7,6 +7,7 @@ module QuoVadis
     has_secure_password
 
     validates_length_of :password, minimum: QuoVadis.password_minimum_length, allow_blank: true
+    validate :password_updated_legitimately, on: :update
 
     attr_accessor :new_password
 
@@ -48,5 +49,20 @@ module QuoVadis
       save
     end
 
+    private
+
+    def password_updated_legitimately
+      return unless password_digest_changed?
+
+      unless change_or_reset_called?
+        errors.add :password, 'must be updated via #change or #reset'
+      end
+    end
+
+    def change_or_reset_called?
+      caller_locations.any? { |loc|
+        ['change', 'reset'].include?(loc.label) && Pathname.new(loc.path).basename.to_s == 'password.rb'
+      }
+    end
   end
 end

data/{test/dummy/app → app}/views/quo_vadis/logs/index.html.erb

@@ -3,6 +3,7 @@
 <table>
   <thead>
     <tr>
+      <th>Timestamp</th>
       <th>Action</th>
       <th>IP</th>
       <th>Metadata</th>
@@ -11,7 +12,8 @@
   <tbody>
     <% @logs.each do |log| %>
       <tr>
-        <td><%= log.action %></td>
+        <td><%= log.created_at %></td>
+        <td><%= QuoVadis.translate "log.action.#{log.action}" %></td>
         <td><%= log.ip %></td>
         <td><%= log.metadata.empty? ? '' : log.metadata.map {|k,v| "#{k}: #{v}"}.join(', ') %></td>
       </tr>

data/{test/dummy/app → app}/views/quo_vadis/password_resets/edit.html.erb

@@ -1,14 +1,6 @@
 <h1>Reset password</h1>
 
-<% if @password.errors.any? %>
-  <ul>
-    <% @password.errors.full_messages.each do |msg| %>
-      <li><%= msg %></li>
-    <% end %>
-  </ul>
-<% end %>
-
-<%= form_with url: password_reset_path(params[:token]), method: :put do |f| %>
+<%= form_with model: @password, url: password_reset_path(params[:token]), method: :put do |f| %>
   <p>
     <%= f.label :password %>
     <%= f.password_field :password, autocomplete: 'new-password' %>

data/{test/dummy/app → app}/views/quo_vadis/passwords/edit.html.erb

@@ -1,14 +1,6 @@
 <h1>Change password</h1>
 
-<% if @password.errors.any? %>
-  <ul>
-    <% @password.errors.full_messages.each do |msg| %>
-      <li><%= msg %></li>
-    <% end %>
-  </ul>
-<% end %>
-
-<%= form_with url: password_path, method: :put do |f| %>
+<%= form_with model: @password, url: password_path, method: :put do |f| %>
   <p>
     <%= f.label :password %>
     <%= f.password_field :password, autocomplete: 'current-password' %>