rails_base 0.80.0 → 0.81.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/controllers/rails_base/users/sessions_controller.rb +4 -1
- data/app/services/rails_base/authentication/decision_twofa_type.rb +5 -3
- data/app/services/rails_base/mfa/decision.rb +1 -1
- data/app/views/layouts/rails_base/application.html.erb +2 -14
- data/app/views/rails_base/shared/_request_link_alert.html.erb +58 -0
- data/app/views/rails_base/user_settings/index.html.erb +20 -4
- data/lib/rails_base/request_link.rb +27 -0
- data/lib/rails_base/version.rb +2 -2
- data/lib/rails_base.rb +1 -0
- metadata +3 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ad2b9e0329bfb6ecaea13ee52644361d0c3097a0175faeed7bdc6827ac9a58bc
|
|
4
|
+
data.tar.gz: 765826d474cac75927011b92d389c3d789181f2af47350915e787dc197ac74c5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2f7d2a8717ecc17fb0f0c17da71f63551828f64a76711967fce110266988c9d63eda2f13060a0ef3971d0ebea86c5e8a427c5c2564a39eef2800cb58cb8981c8
|
|
7
|
+
data.tar.gz: de07cf26df1b30341ae5b4d7f0d55c73cbdbee8958a178b47e1569f8e415890cf406f4bc0ebb61ff1c85ff52eddaa1ce5eb6cc2d8fddeab226c7738e3fb02594
|
|
@@ -44,7 +44,10 @@ class RailsBase::Users::SessionsController < Devise::SessionsController
|
|
|
44
44
|
|
|
45
45
|
if mfa_decision.sign_in_user
|
|
46
46
|
sign_in(authenticate.user)
|
|
47
|
-
|
|
47
|
+
if mfa_decision.add_mfa_button
|
|
48
|
+
RailsBase::RequestLink.add(link: RailsBase.url_routes.user_settings_path(openmfa: true), text: "Enable MFA")
|
|
49
|
+
end
|
|
50
|
+
|
|
48
51
|
# only referentially redirect when we know the user should sign in
|
|
49
52
|
redirect_to(redirect_from_reference || RailsBase.url_routes.authenticated_root_path, mfa_decision.flash)
|
|
50
53
|
return
|
|
@@ -36,7 +36,9 @@ module RailsBase::Authentication
|
|
|
36
36
|
# no MFA type enabled on account
|
|
37
37
|
sign_in_user_context!
|
|
38
38
|
context.flash = { notice: "Welcome. You have succesfully signed in." }
|
|
39
|
-
|
|
39
|
+
if RailsBase.config.mfa.enable?
|
|
40
|
+
context.add_mfa_button = true
|
|
41
|
+
end
|
|
40
42
|
else
|
|
41
43
|
raise "Unknown MFA type provided"
|
|
42
44
|
end
|
|
@@ -80,7 +82,7 @@ module RailsBase::Authentication
|
|
|
80
82
|
context.token_ttl = 2.minutes.from_now
|
|
81
83
|
else
|
|
82
84
|
sign_in_user_context!
|
|
83
|
-
context.flash = { notice: "Welcome. You have succesfully signed in
|
|
85
|
+
context.flash = { notice: "Welcome. You have succesfully signed in" }
|
|
84
86
|
nil
|
|
85
87
|
end
|
|
86
88
|
end
|
|
@@ -95,7 +97,7 @@ module RailsBase::Authentication
|
|
|
95
97
|
result
|
|
96
98
|
else
|
|
97
99
|
sign_in_user_context!
|
|
98
|
-
context.flash = { notice: "Welcome. You have succesfully signed in
|
|
100
|
+
context.flash = { notice: "Welcome. You have succesfully signed in" }
|
|
99
101
|
nil
|
|
100
102
|
end
|
|
101
103
|
end
|
|
@@ -38,7 +38,7 @@ module RailsBase::Mfa
|
|
|
38
38
|
end
|
|
39
39
|
|
|
40
40
|
def execute_sms
|
|
41
|
-
log(level: :info, msg: "MFA type SMS is enabled on user. Executing
|
|
41
|
+
log(level: :info, msg: "MFA type SMS is enabled on user. Executing SMS workflow")
|
|
42
42
|
result = reauth_strategy_class.(user: user, force: force_mfa, mfa_type: SMS, mfa_last_used: user.last_mfa_sms_login)
|
|
43
43
|
require_mfa = result.request_mfa
|
|
44
44
|
|
|
@@ -83,20 +83,8 @@
|
|
|
83
83
|
<%= render partial: 'rails_base/shared/logged_out_header'%>
|
|
84
84
|
<% end %>
|
|
85
85
|
<% if notice %>
|
|
86
|
-
<% if
|
|
87
|
-
|
|
88
|
-
<div class="row">
|
|
89
|
-
<div class="col-md-6">
|
|
90
|
-
<%= notice %>
|
|
91
|
-
</div>
|
|
92
|
-
<div class="col-md-6">
|
|
93
|
-
<%= link_to "Enable MFA", RailsBase.url_routes.user_settings_path(openmfa: true), method: :get, class: "btn btn-light float-right" %>
|
|
94
|
-
</div>
|
|
95
|
-
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
|
|
96
|
-
<span aria-hidden="true">×</span>
|
|
97
|
-
</button>
|
|
98
|
-
</div>
|
|
99
|
-
</div>
|
|
86
|
+
<% if user_signed_in? && RailsBase::RequestLink.any? %>
|
|
87
|
+
<%= render partial: "rails_base/shared/request_link_alert", locals: { text: notice } %>
|
|
100
88
|
<% else %>
|
|
101
89
|
<div class="alert alert-success alert-dismissible fade show" role="alert">
|
|
102
90
|
<%= notice %>
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
<div class="regularAlert alert alert-success alert-dismissible fade show" role="alert">
|
|
2
|
+
<div class="row">
|
|
3
|
+
<div class="col-md-6">
|
|
4
|
+
<%= text %>
|
|
5
|
+
</div>
|
|
6
|
+
<div class="col-md-6">
|
|
7
|
+
<%
|
|
8
|
+
dupped = RailsBase::RequestLink.items.dup
|
|
9
|
+
%>
|
|
10
|
+
|
|
11
|
+
<% while(link = dupped.shift) do %>
|
|
12
|
+
<%= link_to link.text, link.link, method: :get, class: "btn btn-light float-right", style: "margin-right: 0.5em;" %>
|
|
13
|
+
<% end %>
|
|
14
|
+
</div>
|
|
15
|
+
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
|
|
16
|
+
<span aria-hidden="true">×</span>
|
|
17
|
+
</button>
|
|
18
|
+
</div>
|
|
19
|
+
</div>
|
|
20
|
+
|
|
21
|
+
<br>
|
|
22
|
+
|
|
23
|
+
<div class="mobileAlert alert alert-success alert-dismissible fade show" role="alert">
|
|
24
|
+
<div class="row">
|
|
25
|
+
<div class="col-md-12 text-center">
|
|
26
|
+
<%= text %>
|
|
27
|
+
</div>
|
|
28
|
+
</div>
|
|
29
|
+
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
|
|
30
|
+
<span aria-hidden="true">×</span>
|
|
31
|
+
</button>
|
|
32
|
+
<% link = RailsBase::RequestLink.items.shift %>
|
|
33
|
+
<% while(link) do %>
|
|
34
|
+
<div class="row">
|
|
35
|
+
<div class="col-12">
|
|
36
|
+
<%= link_to link.text, link.link, method: :get, class: "btn btn-light btn-block" %>
|
|
37
|
+
</div>
|
|
38
|
+
</div>
|
|
39
|
+
<% link = RailsBase::RequestLink.items.shift %>
|
|
40
|
+
<% if link %>
|
|
41
|
+
<div class="row"><div class="col-6 offset-3">
|
|
42
|
+
<hr>
|
|
43
|
+
</div></div>
|
|
44
|
+
<% end %>
|
|
45
|
+
<% end %>
|
|
46
|
+
</div>
|
|
47
|
+
|
|
48
|
+
<script type="text/javascript">
|
|
49
|
+
$(document).ready(function(){
|
|
50
|
+
if(viewport_probable_mobile()){
|
|
51
|
+
$(`.regularAlert`).hide()
|
|
52
|
+
$(`.mobileAlert`).show()
|
|
53
|
+
} else {
|
|
54
|
+
$(`.regularAlert`).show()
|
|
55
|
+
$(`.mobileAlert`).hide()
|
|
56
|
+
}
|
|
57
|
+
});
|
|
58
|
+
</script>
|
|
@@ -19,13 +19,24 @@
|
|
|
19
19
|
</tr>
|
|
20
20
|
<tr>
|
|
21
21
|
<th scope="col" class='text-right' style="width: 40%">
|
|
22
|
-
MFA enabled?
|
|
22
|
+
SMS MFA enabled?
|
|
23
23
|
</th>
|
|
24
24
|
<td style="width: 40%">
|
|
25
25
|
<%= current_user.mfa_sms_enabled %>
|
|
26
26
|
</td>
|
|
27
27
|
<td style="width: 20%">
|
|
28
|
-
<button class="btn btn_primary btn-block
|
|
28
|
+
<button onclick="advancedSecurityCollapse_collapse_open()" class="btn btn_primary btn-block" type="button">Modify</button>
|
|
29
|
+
</td>
|
|
30
|
+
</tr>
|
|
31
|
+
<tr>
|
|
32
|
+
<th scope="col" class='text-right' style="width: 40%">
|
|
33
|
+
TOTP MFA enabled?
|
|
34
|
+
</th>
|
|
35
|
+
<td style="width: 40%">
|
|
36
|
+
<%= current_user.mfa_otp_enabled %>
|
|
37
|
+
</td>
|
|
38
|
+
<td style="width: 20%">
|
|
39
|
+
<button onclick="advancedSecurityCollapse_collapse_open()" class="btn btn_primary btn-block" type="button">Modify</button>
|
|
29
40
|
</td>
|
|
30
41
|
</tr>
|
|
31
42
|
<tr>
|
|
@@ -92,7 +103,12 @@
|
|
|
92
103
|
<br>
|
|
93
104
|
<div class="row">
|
|
94
105
|
<div class="col-12">
|
|
95
|
-
<button type="button" class="btn btn-block btn_info close-me" data-toggle="modal" data-target="#totpEnableModal">
|
|
106
|
+
<button type="button" class="btn btn-block btn_info close-me" data-toggle="modal" data-target="#totpEnableModal" style="display: none;">
|
|
107
|
+
<!--
|
|
108
|
+
This is currently disabled.
|
|
109
|
+
Steps to re-enabld
|
|
110
|
+
- Enforce TOTP code is entered before showing totp secret
|
|
111
|
+
-->
|
|
96
112
|
Add One Time Password Auth
|
|
97
113
|
</button>
|
|
98
114
|
</div>
|
|
@@ -101,8 +117,8 @@
|
|
|
101
117
|
<button type="button" class="btn btn-block btn_info close-me" data-toggle="modal" data-target="#totpEnableModal">
|
|
102
118
|
Enable One Time Password Auth
|
|
103
119
|
</button>
|
|
120
|
+
<%= render partial: 'rails_base/shared/totp/add_authenticator_modal', locals: { type: @type, endpoint: @endpoint } %>
|
|
104
121
|
<% end %>
|
|
105
|
-
<%= render partial: 'rails_base/shared/totp/add_authenticator_modal', locals: { type: @type, endpoint: @endpoint } %>
|
|
106
122
|
<% end %>
|
|
107
123
|
</div>
|
|
108
124
|
</div>
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module RailsBase
|
|
4
|
+
class RequestLink
|
|
5
|
+
attr_accessor :link, :text
|
|
6
|
+
|
|
7
|
+
def self.add(link:, text:)
|
|
8
|
+
return false if items.any? { _1.text == text }
|
|
9
|
+
|
|
10
|
+
items << new(link:, text:)
|
|
11
|
+
true
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def self.items
|
|
15
|
+
@array ||= []
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def self.any?
|
|
19
|
+
items.length > 0
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
def initialize(link:, text:)
|
|
23
|
+
@link = link
|
|
24
|
+
@text = text
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
data/lib/rails_base/version.rb
CHANGED
data/lib/rails_base.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rails_base
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.81.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Matt Taylor
|
|
@@ -608,6 +608,7 @@ files:
|
|
|
608
608
|
- app/views/rails_base/shared/_mfa_input_layout_fallback.html.erb
|
|
609
609
|
- app/views/rails_base/shared/_modify_mfa_auth_modal.html.erb
|
|
610
610
|
- app/views/rails_base/shared/_password_confirm_javascript.html.erb
|
|
611
|
+
- app/views/rails_base/shared/_request_link_alert.html.erb
|
|
611
612
|
- app/views/rails_base/shared/_reset_password_form.html.erb
|
|
612
613
|
- app/views/rails_base/shared/_session_create_form.html.erb
|
|
613
614
|
- app/views/rails_base/shared/_session_timeout_modal.html.erb
|
|
@@ -687,6 +688,7 @@ files:
|
|
|
687
688
|
- lib/rails_base/configuration/user.rb
|
|
688
689
|
- lib/rails_base/engine.rb
|
|
689
690
|
- lib/rails_base/mfa_event.rb
|
|
691
|
+
- lib/rails_base/request_link.rb
|
|
690
692
|
- lib/rails_base/switch_user_helper.rb
|
|
691
693
|
- lib/rails_base/version.rb
|
|
692
694
|
- lib/tasks/rails_base_tasks.rake
|