rails_base 0.80.0 → 0.81.0

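--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: ac8c98816130bae4d552e2b82ecf75c5a3b8f6441936bb70d9663f07a1ee4c2f
- data.tar.gz: f9df9901477573b0e827019a141996cec8c2192e940d334d91da624a8c69dc07
+ metadata.gz: 2e6dfb9b0dfa087ba1c2378c08703360360da41dfc5f676feb29c94a3542cfaf
+ data.tar.gz: 0bae19f4b8e3b06b42b3b7d91fd407028676034f5cb4c102898848747238d205
  SHA512:
- metadata.gz: f868b2bb553e9e1f4fcd4e14abda131b153e38f6b43f1bfdfef2f34b5a3d0b2d75d31a8eec7720d3a8339db74782706f9e0d39e7284256416130601233bb54d7
- data.tar.gz: bf26e5f0ae48f7674ee614d7a159d352c990ddced01a7ca28ccb3215dae5a6b6f0b9c3e218b05ec4eb34d917da4c6296bdcd825a511ae8b8a7ab037317f854c8
+ metadata.gz: e4c16fdf660ed93e2672208de8b86c0b766f374defb44cd3259ee96441071b8e1821246a766d6b2237c95250c6e3c21c1858eeeeb714079f1993aa13016676fd
+ data.tar.gz: fe5cd28864e828717ddf81a3fbfc3c0af190e4ca888154ad3af177fc8ca67e2bc9c908e29e6215e7e675533fdc005082a30de09bd27f25f25ad997adede714c5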
@@ -44,7 +44,10 @@ class RailsBase::Users::SessionsController < Devise::SessionsController
44
44
 
45
45
  if mfa_decision.sign_in_user
46
46
  sign_in(authenticate.user)
47
- session.merge!(mfa_decision.session || {})
47
+ if mfa_decision.add_mfa_button
48
+ RailsBase::RequestLink.add(link: RailsBase.url_routes.user_settings_path(openmfa: true), text: "Enable MFA")
49
+ end
50
+
48
51
  # only referentially redirect when we know the user should sign in
49
52
  redirect_to(redirect_from_reference || RailsBase.url_routes.authenticated_root_path, mfa_decision.flash)
50
53
  return
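Review bot: `RailsBase::RequestLink.add` on new line 48 stores the "Enable MFA" link in a class-level list (`@array ||= []` in the new lib/rails_base/request_link.rb), so it is shared by every request the process serves, whereas the removed `session.merge!` kept the flag in the signing-in user's own session. Another signed-in user whose page shows a notice can be handed this link and drain it, and with several worker processes the user who just signed in may never see it; the layout check `RailsBase::RequestLink.any?` and the new `_request_link_alert` partial read the same list. Keeping the prompt per user, for example `session[:add_mfa_button] = true` or an entry in `flash`, avoids the shared state. The enclosing action starts and ends outside this hunk.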
@@ -36,7 +36,9 @@ module RailsBase::Authentication
36
36
  # no MFA type enabled on account
37
37
  sign_in_user_context!
38
38
  context.flash = { notice: "Welcome. You have succesfully signed in." }
39
- context.session = { add_mfa_button: true }
39
+ if RailsBase.config.mfa.enable?
40
+ context.add_mfa_button = true
41
+ end
40
42
  else
41
43
  raise "Unknown MFA type provided"
42
44
  end
@@ -80,7 +82,7 @@ module RailsBase::Authentication
80
82
  context.token_ttl = 2.minutes.from_now
81
83
  else
82
84
  sign_in_user_context!
83
- context.flash = { notice: "Welcome. You have succesfully signed in via #{decision.mfa_type.to_s.upcase} MFA." }
85
+ context.flash = { notice: "Welcome. You have succesfully signed in" }
84
86
  nil
85
87
  end
86
88
  end
@@ -95,7 +97,7 @@ module RailsBase::Authentication
95
97
  result
96
98
  else
97
99
  sign_in_user_context!
98
- context.flash = { notice: "Welcome. You have succesfully signed in via #{decision.mfa_type.to_s.upcase} MFA." }
100
+ context.flash = { notice: "Welcome. You have succesfully signed in" }
99
101
  nil
100
102
  end
101
103
  end
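Review bot: The two rewritten flash notices (new lines 85 and 100) end without a period while the notice on new line 38 keeps one, and all three spell "succesfully"; these are user-facing strings, so `context.flash = { notice: "Welcome. You have successfully signed in." }` in each place would keep them consistent. The surrounding methods start outside the hunks.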
@@ -38,7 +38,7 @@ module RailsBase::Mfa
38
38
  end
39
39
 
40
40
  def execute_sms
41
- log(level: :info, msg: "MFA type SMS is enabled on user. Executing OTP workflow")
41
+ log(level: :info, msg: "MFA type SMS is enabled on user. Executing SMS workflow")
42
42
  result = reauth_strategy_class.(user: user, force: force_mfa, mfa_type: SMS, mfa_last_used: user.last_mfa_sms_login)
43
43
  require_mfa = result.request_mfa
44
44
 
@@ -83,20 +83,8 @@
83
83
  <%= render partial: 'rails_base/shared/logged_out_header'%>
84
84
  <% end %>
85
85
  <% if notice %>
86
- <% if session.delete(:add_mfa_button) %>
87
- <div class="alert alert-success alert-dismissible fade show" role="alert">
88
- <div class="row">
89
- <div class="col-md-6">
90
- <%= notice %>
91
- </div>
92
- <div class="col-md-6">
93
- <%= link_to "Enable MFA", RailsBase.url_routes.user_settings_path(openmfa: true), method: :get, class: "btn btn-light float-right" %>
94
- </div>
95
- <button type="button" class="close" data-dismiss="alert" aria-label="Close">
96
- <span aria-hidden="true">&times;</span>
97
- </button>
98
- </div>
99
- </div>
86
+ <% if user_signed_in? && RailsBase::RequestLink.any? %>
87
+ <%= render partial: "rails_base/shared/request_link_alert", locals: { text: notice } %>
100
88
  <% else %>
101
89
  <div class="alert alert-success alert-dismissible fade show" role="alert">
102
90
  <%= notice %>
@@ -0,0 +1,48 @@
1
+ <div class="regularAlert alert alert-success alert-dismissible fade show" role="alert">
2
+ <div class="row">
3
+ <div class="col-md-6">
4
+ <%= text %>
5
+ </div>
6
+ <div class="col-md-6">
7
+ <% dupped = RailsBase::RequestLink.items.dup %>
8
+ <% while(link = dupped.shift) do %>
9
+ <%= link_to link.text, link.link, method: :get, class: "btn btn-light float-right" %>
10
+ <% end %>
11
+ </div>
12
+ <button type="button" class="close" data-dismiss="alert" aria-label="Close">
13
+ <span aria-hidden="true">&times;</span>
14
+ </button>
15
+ </div>
16
+ </div>
17
+
18
+ <br>
19
+
20
+ <div class="mobileAlert alert alert-success alert-dismissible fade show" role="alert">
21
+ <div class="row">
22
+ <div class="col-md-12 text-center">
23
+ <%= text %>
24
+ </div>
25
+ </div>
26
+ <button type="button" class="close" data-dismiss="alert" aria-label="Close">
27
+ <span aria-hidden="true">&times;</span>
28
+ </button>
29
+ <% while(link = RailsBase::RequestLink.items.shift) do %>
30
+ <div class="row">
31
+ <div class="col-12">
32
+ <%= link_to link.text, link.link, method: :get, class: "btn btn-light btn-block" %>
33
+ </div>
34
+ </div>
35
+ <% end %>
36
+ </div>
37
+
38
+ <script type="text/javascript">
39
+ $(document).ready(function(){
40
+ if(viewport_probable_mobile()){
41
+ $(`.regularAlert`).hide()
42
+ $(`.mobileAlert`).show()
43
+ } else {
44
+ $(`.regularAlert`).show()
45
+ $(`.mobileAlert`).hide()
46
+ }
47
+ });
48
+ </script>
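Review bot: The mobile block (new line 29) drains the list with `RailsBase::RequestLink.items.shift` while the desktop block (new lines 7–8) walks a `dup`, so the template mutates shared state as a side effect of rendering and the two blocks only agree because of their order. Taking the links once and passing them in, e.g. `locals: { text: notice, links: links }` with `<% links.each do |link| %>` in both blocks, keeps the view read-only. `link.link` is used directly as the `href`; the only caller visible in this diff passes a route helper, but a comment stating that callers must supply application-generated paths would guard against a later caller passing a request-derived URL.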
@@ -19,13 +19,24 @@
19
19
  </tr>
20
20
  <tr>
21
21
  <th scope="col" class='text-right' style="width: 40%">
22
- MFA enabled?
22
+ SMS MFA enabled?
23
23
  </th>
24
24
  <td style="width: 40%">
25
25
  <%= current_user.mfa_sms_enabled %>
26
26
  </td>
27
27
  <td style="width: 20%">
28
- <button class="btn btn_primary btn-block show-create-modal" type="button">Modify</button>
28
+ <button onclick="advancedSecurityCollapse_collapse_open()" class="btn btn_primary btn-block" type="button">Modify</button>
29
+ </td>
30
+ </tr>
31
+ <tr>
32
+ <th scope="col" class='text-right' style="width: 40%">
33
+ TOTP MFA enabled?
34
+ </th>
35
+ <td style="width: 40%">
36
+ <%= current_user.mfa_otp_enabled %>
37
+ </td>
38
+ <td style="width: 20%">
39
+ <button onclick="advancedSecurityCollapse_collapse_open()" class="btn btn_primary btn-block" type="button">Modify</button>
29
40
  </td>
30
41
  </tr>
31
42
  <tr>
@@ -92,7 +103,12 @@
92
103
  <br>
93
104
  <div class="row">
94
105
  <div class="col-12">
95
- <button type="button" class="btn btn-block btn_info close-me" data-toggle="modal" data-target="#totpEnableModal">
106
+ <button type="button" class="btn btn-block btn_info close-me" data-toggle="modal" data-target="#totpEnableModal" style="display: none;">
107
+ <!--
108
+ This is currently disabled.
109
+ Steps to re-enabld
110
+ - Enforce TOTP code is entered before showing totp secret
111
+ -->
96
112
  Add One Time Password Auth
97
113
  </button>
98
114
  </div>
@@ -101,8 +117,8 @@
101
117
  <button type="button" class="btn btn-block btn_info close-me" data-toggle="modal" data-target="#totpEnableModal">
102
118
  Enable One Time Password Auth
103
119
  </button>
120
+ <%= render partial: 'rails_base/shared/totp/add_authenticator_modal', locals: { type: @type, endpoint: @endpoint } %>
104
121
  <% end %>
105
- <%= render partial: 'rails_base/shared/totp/add_authenticator_modal', locals: { type: @type, endpoint: @endpoint } %>
106
122
  <% end %>
107
123
  </div>
108
124
  </div>
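Review bot: In the second hunk (new lines 106–111) the "Add One Time Password Auth" button is only hidden with `style="display: none;"`, and the explanation is an HTML comment, which is delivered to every browser that loads the page. An ERB comment such as `<%# Disabled until a TOTP code is verified before the secret is shown %>` keeps the note out of the response, and not rendering the button at all is cleaner than hiding it. Whether the endpoint behind `@endpoint` still returns the secret is not visible here; if it does, the restriction needs to be enforced on the server too. "re-enabld" in the comment is a typo.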
@@ -0,0 +1,27 @@
1
+ # frozen_string_literal: true
2
+
3
+ module RailsBase
4
+ class RequestLink
5
+ attr_accessor :link, :text
6
+
7
+ def self.add(link:, text:)
8
+ return false if items.any? { _1.text == text }
9
+
10
+ items << new(link:, text:)
11
+ true
12
+ end
13
+
14
+ def self.items
15
+ @array ||= []
16
+ end
17
+
18
+ def self.any?
19
+ items.length > 0
20
+ end
21
+
22
+ def initialize(link:, text:)
23
+ @link = link
24
+ @text = text
25
+ end
26
+ end
27
+ end
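Review bot: `add` (new line 8) treats two entries as duplicates when only their `text` matches and returns `false` without storing the second one, so a link with the same label but a different target is silently dropped; comparing both, `items.any? { _1.text == text && _1.link == link }`, is safer. `attr_accessor :link, :text` also lets any holder rewrite a stored entry's target after it was added; `attr_reader :link, :text` is enough for what the partial uses. A class comment stating that `items` is one list per process, not per user or request, would document the lifetime that callers need to know.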
@@ -1,6 +1,6 @@
1
1
  module RailsBase
2
2
  MAJOR = "0"
3
- MINOR = "80"
3
+ MINOR = "81"
4
4
  PATCH = "0"
5
5
  VERSION = "#{MAJOR}.#{MINOR}.#{PATCH}"
6
6
 
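--- a/data/lib/rails_base.rb
+++ b/data/lib/rails_base.rb
@@ -16,6 +16,7 @@ require 'switch_user'
  require 'rails_base/admin/action_cache'
  require 'rails_base/config'
  require 'rails_base/mfa_event'
+ require 'rails_base/request_link'
 
  module RailsBase
 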
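--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: rails_base
  version: !ruby/object:Gem::Version
- version: 0.80.0
+ version: 0.81.0
  platform: ruby
  authors:
  - Matt Taylor
@@ -608,6 +608,7 @@ files:
  - app/views/rails_base/shared/_mfa_input_layout_fallback.html.erb
  - app/views/rails_base/shared/_modify_mfa_auth_modal.html.erb
  - app/views/rails_base/shared/_password_confirm_javascript.html.erb
+ - app/views/rails_base/shared/_request_link_alert.html.erb
  - app/views/rails_base/shared/_reset_password_form.html.erb
  - app/views/rails_base/shared/_session_create_form.html.erb
  - app/views/rails_base/shared/_session_timeout_modal.html.erb
@@ -687,6 +688,7 @@ files:
  - lib/rails_base/configuration/user.rb
  - lib/rails_base/engine.rb
  - lib/rails_base/mfa_event.rb
+ - lib/rails_base/request_link.rb
  - lib/rails_base/switch_user_helper.rb
  - lib/rails_base/version.rb
  - lib/tasks/rails_base_tasks.rake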