rodauth 1.21.0 → 2.2.0

data/templates/reset-password.str

@@ -1,8 +1,7 @@
-<form method="post" class="rodauth form-horizontal" role="form" id="reset-password-form">
+<form method="post" class="rodauth" role="form" id="reset-password-form">
   #{rodauth.reset_password_additional_form_tags}
   #{rodauth.csrf_tag}
   #{rodauth.render('password-field')}
   #{rodauth.render('password-confirm-field') if rodauth.require_password_confirmation?}
   #{rodauth.button(rodauth.reset_password_button)}
 </form>
-

data/templates/sms-auth.str

@@ -1,4 +1,4 @@
-<form method="post" class="rodauth form-horizontal" role="form" id="sms-auth-form">
+<form method="post" class="rodauth" role="form" id="sms-auth-form">
   #{rodauth.sms_auth_additional_form_tags}
   #{rodauth.csrf_tag}
   #{rodauth.render('sms-code-field')}

data/templates/sms-code-field.str

@@ -1,6 +1,8 @@
 <div class="form-group">
-  <label class="col-sm-3 control-label" for="sms-code">#{rodauth.sms_code_label}#{rodauth.input_field_label_suffix}</label>
-  <div class="col-sm-3">
-    #{rodauth.input_field_string(rodauth.sms_code_param, 'sms-code', :value => '')}
+  <label for="sms-code">#{rodauth.sms_code_label}#{rodauth.input_field_label_suffix}</label>
+  <div class="row">
+    <div class="col-sm-3">
+      #{rodauth.input_field_string(rodauth.sms_code_param, 'sms-code', :value => '', :autocomplete=>'one-time-code', :inputmode=>'numeric')}
+    </div>
   </div>
 </div>

data/templates/sms-confirm.str

@@ -1,7 +1,6 @@
-<form method="post" class="rodauth form-horizontal" role="form" id="sms-confirm-form">
+<form method="post" class="rodauth" role="form" id="sms-confirm-form">
   #{rodauth.sms_confirm_additional_form_tags}
   #{rodauth.csrf_tag}
   #{rodauth.render('sms-code-field')}
   #{rodauth.button(rodauth.sms_confirm_button)}
 </form>
-

data/templates/sms-disable.str

@@ -1,7 +1,6 @@
-<form method="post" class="rodauth form-horizontal" role="form" id="sms-disable-form">
+<form method="post" class="rodauth" role="form" id="sms-disable-form">
   #{rodauth.sms_disable_additional_form_tags}
   #{rodauth.csrf_tag}
   #{rodauth.render('password-field') if rodauth.two_factor_modifications_require_password?}
   #{rodauth.button(rodauth.sms_disable_button)}
 </form>
-

data/templates/sms-request.str

@@ -1,4 +1,4 @@
-<form method="post" class="rodauth form-horizontal" role="form" id="sms-request-form">
+<form method="post" class="rodauth" role="form" id="sms-request-form">
   #{rodauth.sms_request_additional_form_tags}
   #{rodauth.csrf_tag}
   #{rodauth.button(rodauth.sms_request_button)}

data/templates/sms-setup.str

@@ -1,11 +1,13 @@
-<form method="post" class="rodauth form-horizontal" role="form" id="sms-setup-form">
+<form method="post" class="rodauth" role="form" id="sms-setup-form">
   #{rodauth.sms_setup_additional_form_tags}
   #{rodauth.csrf_tag}
   #{rodauth.render('password-field') if rodauth.two_factor_modifications_require_password?}
   <div class="form-group">
-    <label class="col-sm-2 control-label" for="sms-phone">#{rodauth.sms_phone_label}#{rodauth.input_field_label_suffix}</label>
-    <div class="col-sm-3">
-      #{rodauth.input_field_string(rodauth.sms_phone_param, 'sms-phone')}
+    <label for="sms-phone">#{rodauth.sms_phone_label}#{rodauth.input_field_label_suffix}</label>
+    <div class="row">
+      <div class="col-sm-3">
+        #{rodauth.input_field_string(rodauth.sms_phone_param, 'sms-phone', :type=>rodauth.sms_phone_input_type, :autocomplete=>'tel')}
+      </div>
     </div>
   </div>
   #{rodauth.button(rodauth.sms_setup_button)}

data/templates/two-factor-auth.str

@@ -0,0 +1,5 @@
+<ul class="rodauth-links rodauth-two-factor-auth-links">
+#{rodauth.two_factor_auth_links.sort.map do |_, link, text|
+  "<li><a href=\"#{h link}\">#{h text}</a></li>"
+end.join}
+</ul>

data/templates/two-factor-disable.str

@@ -0,0 +1,6 @@
+<form method="post" class="rodauth" role="form" id="multifactor-disable-form">
+  #{rodauth.two_factor_disable_additional_form_tags}
+  #{rodauth.csrf_tag}
+  #{rodauth.render('password-field') if rodauth.two_factor_modifications_require_password?}
+  #{rodauth.button(rodauth.two_factor_disable_button)}
+</form>

data/templates/two-factor-manage.str

@@ -0,0 +1,16 @@
+#{rodauth.two_factor_setup_heading unless rodauth.two_factor_setup_links.empty?}
+
+<ul class="rodauth-links rodauth-multifactor-setup-links">
+#{rodauth.two_factor_setup_links.sort.map do |_, link, text|
+  "<li><a href=\"#{h link}\">#{h text}</a></li>"
+end.join("\n")}
+</ul>
+
+#{rodauth.two_factor_remove_heading unless rodauth.two_factor_remove_links.empty?}
+
+<ul class="rodauth-links rodauth-multifactor-remove-links">
+#{rodauth.two_factor_remove_links.sort.map do |_, link, text|
+  "<li><a href=\"#{h link}\">#{h text}</a></li>"
+end.join("\n")}
+#{"<li><a href=\"#{h rodauth.two_factor_disable_path}\">#{rodauth.two_factor_disable_link_text}</a></li>" if rodauth.two_factor_remove_links.length > 1}
+</ul>

data/templates/unlock-account-email.str

@@ -1,5 +1,5 @@
 Someone has requested a that the account with this email be unlocked.
 If you did not request the unlocking of this account, please ignore this
 message.  If you requested the unlocking of this account, please go to
-#{rodauth.unlock_account_email_link}
+#{rodauth.unlock_account_email_link} 
 to unlock this account.

data/templates/unlock-account-request.str

@@ -1,7 +1,7 @@
-<form action="#{rodauth.prefix}/#{rodauth.unlock_account_request_route}" method="post" class="rodauth form-horizontal" role="form" id="unlock-account-request-form">
+<form action="#{rodauth.unlock_account_request_path}" method="post" class="rodauth" role="form" id="unlock-account-request-form">
   #{rodauth.unlock_account_request_additional_form_tags}
-  #{rodauth.csrf_tag("#{rodauth.prefix}/#{rodauth.unlock_account_request_route}")}
-  <input type="hidden" name="#{rodauth.login_param}" value="#{h rodauth.param(rodauth.login_param)}"/>
+  #{rodauth.csrf_tag(rodauth.unlock_account_request_path)}
+  #{rodauth.login_hidden_field}
   #{rodauth.unlock_account_request_explanatory_text}
-  <input type="submit" class="btn btn-primary inline" value="#{rodauth.unlock_account_request_button}"/>
+  #{rodauth.button(rodauth.unlock_account_request_button)}
 </form>

data/templates/unlock-account.str

@@ -1,4 +1,4 @@
-<form method="post" class="rodauth form-horizontal" role="form" id="unlock-account-form">
+<form method="post" class="rodauth" role="form" id="unlock-account-form">
   #{rodauth.unlock_account_additional_form_tags}
   #{rodauth.csrf_tag}
   #{rodauth.unlock_account_explanatory_text}

data/templates/verify-account-email.str

@@ -1,4 +1,4 @@
 Someone has created an account with this email address.  If you did not create
 this account, please ignore this message.  If you created this account, please go to
-#{rodauth.verify_account_email_link}
+#{rodauth.verify_account_email_link} 
 to verify the account.

data/templates/verify-account-resend.str

@@ -1,7 +1,7 @@
-<form action="#{rodauth.prefix}/#{rodauth.verify_account_resend_route}" method="post" class="rodauth form-horizontal" role="form" id="verify-account-resend-form">
+<form action="#{rodauth.verify_account_resend_path}" method="post" class="rodauth" role="form" id="verify-account-resend-form">
   #{rodauth.verify_account_resend_additional_form_tags}
-  #{rodauth.csrf_tag("#{rodauth.prefix}/#{rodauth.verify_account_resend_route}")}
+  #{rodauth.csrf_tag(rodauth.verify_account_resend_path)}
   #{rodauth.verify_account_resend_explanatory_text}
-  #{(login = rodauth.param_or_nil(rodauth.login_param)) ? "<input type=\"hidden\" name=\"#{rodauth.login_param}\" value=\"#{h login}\"/>" : rodauth.render('login-field')}
+  #{rodauth.param_or_nil(rodauth.login_param) ? rodauth.login_hidden_field : rodauth.render('login-field')}
   #{rodauth.button(rodauth.verify_account_resend_button)}
 </form>

data/templates/verify-account.str

@@ -1,8 +1,7 @@
-<form method="post" class="rodauth form-horizontal" role="form" id="verify-account-form">
+<form method="post" class="rodauth" role="form" id="verify-account-form">
   #{rodauth.verify_account_additional_form_tags}
   #{rodauth.csrf_tag}
   #{rodauth.render('password-field') if rodauth.verify_account_set_password?}
   #{rodauth.render('password-confirm-field') if rodauth.verify_account_set_password? && rodauth.require_password_confirmation?}
   #{rodauth.button(rodauth.verify_account_button)}
 </form>
-

data/templates/verify-login-change-email.str

@@ -1,9 +1,10 @@
 Someone with an account has requested their login be changed to this email address:
 
 Old Login: #{rodauth.verify_login_change_old_login}
+
 New Login: #{rodauth.verify_login_change_new_login}
 
 If you did not request this login change, please ignore this message.  If you
 requested this login change, please go to
-#{rodauth.verify_login_change_email_link}
+#{rodauth.verify_login_change_email_link} 
 to verify the login change.

data/templates/verify-login-change.str

@@ -1,4 +1,4 @@
-<form method="post" class="rodauth form-horizontal" role="form" id="verify-login-change-form">
+<form method="post" class="rodauth" role="form" id="verify-login-change-form">
   #{rodauth.verify_login_change_additional_form_tags}
   #{rodauth.csrf_tag}
   #{rodauth.button(rodauth.verify_login_change_button)}

data/templates/webauthn-auth.str

@@ -0,0 +1,11 @@
+<form method="post" action="#{rodauth.webauthn_auth_form_path}" class="rodauth" role="form" id="webauthn-auth-form" data-credential-options="#{h((cred = rodauth.webauth_credential_options_for_get).as_json.to_json)}">
+  #{rodauth.webauthn_auth_additional_form_tags}
+  #{rodauth.csrf_tag(rodauth.webauthn_auth_form_path)}
+  <input type="hidden" name="#{rodauth.webauthn_auth_challenge_param}" value="#{cred.challenge}" />
+  <input type="hidden" name="#{rodauth.webauthn_auth_challenge_hmac_param}" value="#{rodauth.compute_hmac(cred.challenge)}" />
+  <input class="rodauth_hidden" aria-hidden="true" type="text" name="#{rodauth.webauthn_auth_param}" id="webauthn-auth" value="" />
+  <div id="webauthn-auth-button"> 
+    #{rodauth.button(rodauth.webauthn_auth_button)}
+  </div>
+</form>
+<script src="#{rodauth.webauthn_js_host}#{rodauth.webauthn_auth_js_path}"></script>

data/templates/webauthn-remove.str

@@ -0,0 +1,14 @@
+<form method="post" class="rodauth" role="form" id="webauthn-remove-form">
+  #{rodauth.webauthn_remove_additional_form_tags}
+  #{rodauth.csrf_tag}
+  #{rodauth.render('password-field') if rodauth.two_factor_modifications_require_password?}
+  <fieldset class="form-group">
+    #{(usage = rodauth.account_webauthn_usage; last_id = usage.keys.last; usage;).map do |id, last_use|
+      input = rodauth.input_field_string(rodauth.webauthn_remove_param, "webauthn-remove-#{h id}", :type=>'radio', :class=>"form-check-input", :skip_error_message=>true, :value=>id, :required=>false)
+      label = "<label class=\"rodauth-webauthn-id form-check-label\" for=\"webauthn-remove-#{h id}\">Last Use: #{last_use}</label>"
+      error = rodauth.formatted_field_error(rodauth.webauthn_remove_param) if id == last_id
+      "<div class=\"form-check radio\">#{input}#{label}#{error}</div>"
+      end.join("\n")}
+  </fieldset>
+  #{rodauth.button(rodauth.webauthn_remove_button)}
+</form>

data/templates/webauthn-setup.str

@@ -0,0 +1,12 @@
+<form method="post" class="rodauth" role="form" id="webauthn-setup-form" data-credential-options="#{h((cred = rodauth.new_webauthn_credential).as_json.to_json)}">
+  #{rodauth.webauthn_setup_additional_form_tags}
+  #{rodauth.csrf_tag}
+  <input type="hidden" name="#{rodauth.webauthn_setup_challenge_param}" value="#{cred.challenge}" />
+  <input type="hidden" name="#{rodauth.webauthn_setup_challenge_hmac_param}" value="#{rodauth.compute_hmac(cred.challenge)}" />
+  <input class="rodauth_hidden" aria-hidden="true" type="text" name="#{rodauth.webauthn_setup_param}" id="webauthn-setup" value="" />
+  #{rodauth.render('password-field') if rodauth.two_factor_modifications_require_password?}
+  <div id="webauthn-setup-button"> 
+    #{rodauth.button(rodauth.webauthn_setup_button)}
+  </div>
+</form>
+<script src="#{rodauth.webauthn_js_host}#{rodauth.webauthn_setup_js_path}"></script>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth
 version: !ruby/object:Gem::Version
-  version: 1.21.0
+  version: 2.2.0
 platform: ruby
 authors:
 - Jeremy Evans
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-07-24 00:00:00.000000000 Z
+date: 2020-07-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sequel
@@ -136,6 +136,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: webauthn
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '2'
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -150,6 +164,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 5.0.0
+- !ruby/object:Gem::Dependency
+  name: minitest-global_expectations
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: minitest-hooks
   requirement: !ruby/object:Gem::Requirement
@@ -179,9 +207,9 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 2.1.0
 description: |
-  Rodauth is an authentication and account management framework for
-  rack applications.  It's built using Roda and Sequel, but it can
-  be used as middleware in front of web applications that use
+  Rodauth is Ruby's most advanced authentication framework, designed
+  to work in all rack applications.  It's built using Roda and Sequel,
+  but it can be used as middleware in front of web applications that use
   other web frameworks and database libraries.
 
   Rodauth aims to provide strong security for password storage by
@@ -189,6 +217,19 @@ description: |
   MySQL, and Microsoft SQL Server.  Configuration is done via
   a DSL that makes it easy to override any part of the authentication
   process.
+
+  Rodauth supports typical authentication features: such as login and
+  logout, changing logins and passwords, and creating, verifying,
+  unlocking, and resetting passwords for accounts.  Rodauth also
+  supports many advanced authentication features:
+
+  * Secure password storage using security definer database functions
+  * Multiple primary multifactor authentication methods (WebAuthn and
+    TOTP), as well as backup multifactor authentication methods (SMS
+    and recovery codes).
+  * Passwordless authentication using email links and WebAuthn
+    authenticators.
+  * Both standard HTML form and JSON API support for all features.
 email: code@jeremyevans.net
 executables: []
 extensions: []
@@ -206,7 +247,6 @@ extra_rdoc_files:
 - doc/http_basic_auth.rdoc
 - doc/create_account.rdoc
 - doc/email_base.rdoc
-- doc/internals.rdoc
 - doc/disallow_common_passwords.rdoc
 - doc/disallow_password_reuse.rdoc
 - doc/password_complexity.rdoc
@@ -216,7 +256,7 @@ extra_rdoc_files:
 - doc/logout.rdoc
 - doc/otp.rdoc
 - doc/login_password_requirements_base.rdoc
-- doc/verify_change_login.rdoc
+- doc/jwt_cors.rdoc
 - doc/password_expiration.rdoc
 - doc/password_grace_period.rdoc
 - doc/recovery_codes.rdoc
@@ -232,6 +272,11 @@ extra_rdoc_files:
 - doc/jwt_refresh.rdoc
 - doc/verify_account_grace_period.rdoc
 - doc/verify_login_change.rdoc
+- doc/webauthn.rdoc
+- doc/webauthn_login.rdoc
+- doc/webauthn_verify_account.rdoc
+- doc/active_sessions.rdoc
+- doc/audit_logging.rdoc
 - doc/release_notes/1.17.0.txt
 - doc/release_notes/1.0.0.txt
 - doc/release_notes/1.1.0.txt
@@ -254,13 +299,19 @@ extra_rdoc_files:
 - doc/release_notes/1.19.0.txt
 - doc/release_notes/1.20.0.txt
 - doc/release_notes/1.21.0.txt
+- doc/release_notes/1.22.0.txt
+- doc/release_notes/1.23.0.txt
+- doc/release_notes/2.0.0.txt
+- doc/release_notes/2.1.0.txt
+- doc/release_notes/2.2.0.txt
 files:
 - CHANGELOG
 - MIT-LICENSE
 - README.rdoc
-- Rakefile
 - dict/top-10_000-passwords.txt
 - doc/account_expiration.rdoc
+- doc/active_sessions.rdoc
+- doc/audit_logging.rdoc
 - doc/base.rdoc
 - doc/change_login.rdoc
 - doc/change_password.rdoc
@@ -272,9 +323,30 @@ files:
 - doc/disallow_password_reuse.rdoc
 - doc/email_auth.rdoc
 - doc/email_base.rdoc
+- doc/guides/admin_activation.rdoc
+- doc/guides/already_authenticated.rdoc
+- doc/guides/alternative_login.rdoc
+- doc/guides/create_account_programmatically.rdoc
+- doc/guides/delay_password.rdoc
+- doc/guides/email_only.rdoc
+- doc/guides/i18n.rdoc
+- doc/guides/internals.rdoc
+- doc/guides/links.rdoc
+- doc/guides/login_return.rdoc
+- doc/guides/password_column.rdoc
+- doc/guides/password_confirmation.rdoc
+- doc/guides/password_requirements.rdoc
+- doc/guides/paths.rdoc
+- doc/guides/query_params.rdoc
+- doc/guides/redirects.rdoc
+- doc/guides/registration_field.rdoc
+- doc/guides/require_mfa.rdoc
+- doc/guides/reset_password_autologin.rdoc
+- doc/guides/status_column.rdoc
+- doc/guides/totp_or_recovery.rdoc
 - doc/http_basic_auth.rdoc
-- doc/internals.rdoc
 - doc/jwt.rdoc
+- doc/jwt_cors.rdoc
 - doc/jwt_refresh.rdoc
 - doc/lockout.rdoc
 - doc/login.rdoc
@@ -300,6 +372,8 @@ files:
 - doc/release_notes/1.2.0.txt
 - doc/release_notes/1.20.0.txt
 - doc/release_notes/1.21.0.txt
+- doc/release_notes/1.22.0.txt
+- doc/release_notes/1.23.0.txt
 - doc/release_notes/1.3.0.txt
 - doc/release_notes/1.4.0.txt
 - doc/release_notes/1.5.0.txt
@@ -307,6 +381,9 @@ files:
 - doc/release_notes/1.7.0.txt
 - doc/release_notes/1.8.0.txt
 - doc/release_notes/1.9.0.txt
+- doc/release_notes/2.0.0.txt
+- doc/release_notes/2.1.0.txt
+- doc/release_notes/2.2.0.txt
 - doc/remember.rdoc
 - doc/reset_password.rdoc
 - doc/session_expiration.rdoc
@@ -316,11 +393,17 @@ files:
 - doc/update_password_hash.rdoc
 - doc/verify_account.rdoc
 - doc/verify_account_grace_period.rdoc
-- doc/verify_change_login.rdoc
 - doc/verify_login_change.rdoc
+- doc/webauthn.rdoc
+- doc/webauthn_login.rdoc
+- doc/webauthn_verify_account.rdoc
+- javascript/webauthn_auth.js
+- javascript/webauthn_setup.js
 - lib/roda/plugins/rodauth.rb
 - lib/rodauth.rb
 - lib/rodauth/features/account_expiration.rb
+- lib/rodauth/features/active_sessions.rb
+- lib/rodauth/features/audit_logging.rb
 - lib/rodauth/features/base.rb
 - lib/rodauth/features/change_login.rb
 - lib/rodauth/features/change_password.rb
@@ -334,6 +417,7 @@ files:
 - lib/rodauth/features/email_base.rb
 - lib/rodauth/features/http_basic_auth.rb
 - lib/rodauth/features/jwt.rb
+- lib/rodauth/features/jwt_cors.rb
 - lib/rodauth/features/jwt_refresh.rb
 - lib/rodauth/features/lockout.rb
 - lib/rodauth/features/login.rb
@@ -353,48 +437,12 @@ files:
 - lib/rodauth/features/update_password_hash.rb
 - lib/rodauth/features/verify_account.rb
 - lib/rodauth/features/verify_account_grace_period.rb
-- lib/rodauth/features/verify_change_login.rb
 - lib/rodauth/features/verify_login_change.rb
+- lib/rodauth/features/webauthn.rb
+- lib/rodauth/features/webauthn_login.rb
+- lib/rodauth/features/webauthn_verify_account.rb
 - lib/rodauth/migrations.rb
 - lib/rodauth/version.rb
-- spec/account_expiration_spec.rb
-- spec/all.rb
-- spec/change_login_spec.rb
-- spec/change_password_notify_spec.rb
-- spec/change_password_spec.rb
-- spec/close_account_spec.rb
-- spec/confirm_password_spec.rb
-- spec/create_account_spec.rb
-- spec/disallow_common_passwords_spec.rb
-- spec/disallow_password_reuse_spec.rb
-- spec/email_auth_spec.rb
-- spec/http_basic_auth_spec.rb
-- spec/jwt_refresh_spec.rb
-- spec/jwt_spec.rb
-- spec/lockout_spec.rb
-- spec/login_spec.rb
-- spec/migrate/001_tables.rb
-- spec/migrate/002_account_password_hash_column.rb
-- spec/migrate_password/001_tables.rb
-- spec/migrate_travis/001_tables.rb
-- spec/password_complexity_spec.rb
-- spec/password_expiration_spec.rb
-- spec/password_grace_period_spec.rb
-- spec/remember_spec.rb
-- spec/reset_password_spec.rb
-- spec/rodauth_spec.rb
-- spec/session_expiration_spec.rb
-- spec/single_session_spec.rb
-- spec/spec_helper.rb
-- spec/two_factor_spec.rb
-- spec/update_password_hash_spec.rb
-- spec/verify_account_grace_period_spec.rb
-- spec/verify_account_spec.rb
-- spec/verify_change_login_spec.rb
-- spec/verify_login_change_spec.rb
-- spec/views/layout-other.str
-- spec/views/layout.str
-- spec/views/login.str
 - templates/add-recovery-codes.str
 - templates/button.str
 - templates/change-login.str
@@ -405,11 +453,15 @@ files:
 - templates/email-auth-email.str
 - templates/email-auth-request-form.str
 - templates/email-auth.str
+- templates/global-logout-field.str
 - templates/login-confirm-field.str
 - templates/login-display.str
 - templates/login-field.str
+- templates/login-form-footer.str
+- templates/login-form.str
 - templates/login.str
 - templates/logout.str
+- templates/multi-phase-login.str
 - templates/otp-auth-code-field.str
 - templates/otp-auth.str
 - templates/otp-disable.str
@@ -429,6 +481,9 @@ files:
 - templates/sms-disable.str
 - templates/sms-request.str
 - templates/sms-setup.str
+- templates/two-factor-auth.str
+- templates/two-factor-disable.str
+- templates/two-factor-manage.str
 - templates/unlock-account-email.str
 - templates/unlock-account-request.str
 - templates/unlock-account.str
@@ -437,6 +492,9 @@ files:
 - templates/verify-account.str
 - templates/verify-login-change-email.str
 - templates/verify-login-change.str
+- templates/webauthn-auth.str
+- templates/webauthn-remove.str
+- templates/webauthn-setup.str
 homepage: https://github.com/jeremyevans/rodauth
 licenses:
 - MIT
@@ -452,7 +510,7 @@ rdoc_options:
 - "--line-numbers"
 - "--inline-source"
 - "--title"
-- 'Rodauth: Authentication and Account Management Framework for Rack Applications'
+- 'Rodauth: Ruby''s Most Advanced Authentication Framework'
 - "--main"
 - README.rdoc
 require_paths:
@@ -461,14 +519,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 1.8.7
+      version: 1.9.2
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: Authentication and Account Management Framework for Rack Applications