rose_quartz 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 9a4ea455229fd1c679e1f03e3af168e2957c7009
+  data.tar.gz: 497bd1c54a984d513e7cef6da66e9229487e4de2
+SHA512:
+  metadata.gz: 8ef130e0e2cddad380778fd8126491e0e74abd27bcefd0f9fa1f47aca7d2ebe25daf23264eb13e85a65516809dae0f9fbefc198d3bbb39d700e49e4fe56911a7
+  data.tar.gz: f214a522eb35570560431dbd8bfabb7c638aa7d0acae64f4903134a2b8d1087be49297a15aeec66be28eaef67c189673fc10fb5b526b56a20986c2b43133b5a4

data/.gitignore

@@ -0,0 +1,20 @@
+# Tests
+/test/dummy/tmp/
+/test/dummy/log/
+*.sqlite3
+
+# Default Rails .gitignore
+
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+
+# IDEA (RubyMine)
+
+/.idea/

data/.travis.yml

@@ -0,0 +1,5 @@
+sudo: false
+language: ruby
+rvm:
+  - 2.3.3
+  - 2.4.0

data/Gemfile

@@ -0,0 +1,2 @@
+source 'https://rubygems.org'
+gemspec

data/LICENSE

@@ -0,0 +1,24 @@
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to <http://unlicense.org>

data/README.md

@@ -0,0 +1,17 @@
+# RoseQuartz
+
+[![Build Status](https://travis-ci.org/little-bobby-tables/rose_quartz.svg?branch=master)](https://travis-ci.org/little-bobby-tables/rose_quartz)
+
+A gem that adds two-factor authentication (time-based one-time passwords) to [Devise](https://github.com/plataformatec/devise) 
+using the [rotp](https://github.com/mdp/rotp) library.
+
+It attempts to stay lightweight by making a lot of assumptions — for example, that 
+you have a single authenticatable resource, `User`, and that you're using `ActiveRecord`.
+
+Highlights of *RoseQuartz* are:
+
+* Zero tampering with the `User` model — no additional fields, no included modules.
+* Separate table that can be updated in future without affecting your codebase and data.
+* Built with Rails 5 and Devise 4 in mind.
+
+The gem is still in development. All tests for core functionality are passing, but UI integration is not implemented yet.

data/Rakefile

@@ -0,0 +1,10 @@
+require 'bundler/gem_tasks'
+require 'rake/testtask'
+
+Rake::TestTask.new do |t|
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+
+task default: :test

data/lib/rose_quartz.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: truez
+require 'devise'
+
+require 'rose_quartz/version'
+require 'rose_quartz/configuration'
+require 'rose_quartz/user_authenticator'
+require 'rose_quartz/devise/strategies/two_factor_authenticatable'

data/lib/rose_quartz/configuration.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+module RoseQuartz
+  class << self
+    def configuration
+      @configuration ||= Configuration.new
+    end
+  end
+
+  def self.initialize!
+    yield self.configuration
+    insert_authentication_strategy!
+  end
+
+  def self.insert_authentication_strategy!
+    ::Devise.setup do |c|
+      c.warden do |manager|
+        manager.default_strategies(scope: :user).unshift :two_factor_authenticatable
+      end
+    end
+  end
+
+  class Configuration
+    attr_accessor :issuer, :time_drift
+
+    def initialize
+      @issuer = ''
+      @time_drift = 60.seconds
+    end
+  end
+end

data/lib/rose_quartz/devise/strategies/two_factor_authenticatable.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+require 'devise/strategies/database_authenticatable'
+
+module Devise
+  module Strategies
+    class TwoFactorAuthenticatable < ::Devise::Strategies::DatabaseAuthenticatable
+      def authenticate!
+        resource = password.present? && mapping.to.find_for_database_authentication(authentication_hash)
+
+        super if validate(resource) { otp_matches?(resource) }
+      end
+
+      def otp_matches?(resource)
+        authenticator = RoseQuartz::UserAuthenticator.find_by(user_id: resource.id)
+        return true if authenticator.nil? # two-factor authentication is disabled
+
+        token = params['tf_authentication_token']
+        return false if token.nil?
+
+        authenticator.authenticate(token)
+      end
+    end
+  end
+end
+
+Warden::Strategies.add(:two_factor_authenticatable, Devise::Strategies::TwoFactorAuthenticatable)

data/lib/rose_quartz/user_authenticator.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+require 'rotp'
+
+module RoseQuartz
+  class UserAuthenticator < ::ActiveRecord::Base
+    belongs_to :user
+
+    before_create :set_secret
+
+    def set_secret
+      self.secret = ROTP::Base32.random_base32
+    end
+
+    def authenticator
+      @authenticator ||= ROTP::TOTP.new(secret)
+    end
+
+    def authenticate(token)
+      authenticated_at = authenticator.verify_with_drift_and_prior(
+          token, RoseQuartz.configuration.time_drift, last_authenticated_at)
+      return false unless authenticated_at
+      update_columns last_authenticated_at: authenticated_at
+      true
+    end
+  end
+end

data/lib/rose_quartz/version.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+module RoseQuartz
+  VERSION = '0.1.0'
+end

data/rose_quartz.gemspec

@@ -0,0 +1,26 @@
+$LOAD_PATH.unshift File.expand_path('../lib', __FILE__)
+
+require 'rose_quartz/version'
+Gem::Specification.new do |spec|
+  spec.name          = 'rose_quartz'
+  spec.version       = RoseQuartz::VERSION
+  spec.authors       = ['little-bobby-tables']
+  spec.email         = ['little-bobby-tables@users.noreply.github.com']
+
+  spec.summary       = 'An extremely narrow in scope, convention-over-configuration TOTP integration for Rails'
+  spec.homepage      = 'https://github.com/little-bobby-tables/rose_quartz'
+  spec.license       = 'Unlicense'
+
+  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.require_paths = ['lib']
+
+  spec.add_runtime_dependency 'rails', '~> 5.0'
+  spec.add_runtime_dependency 'devise', '~> 4.2'
+  spec.add_runtime_dependency 'rotp', '~> 3.3'
+
+  spec.add_development_dependency 'sqlite3'
+  spec.add_development_dependency 'factory_girl_rails'
+  spec.add_development_dependency 'minitest-reporters'
+end

metadata

@@ -0,0 +1,141 @@
+--- !ruby/object:Gem::Specification
+name: rose_quartz
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- little-bobby-tables
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-01-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: devise
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.2'
+- !ruby/object:Gem::Dependency
+  name: rotp
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.3'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: factory_girl_rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest-reporters
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 
+email:
+- little-bobby-tables@users.noreply.github.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".travis.yml"
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- lib/rose_quartz.rb
+- lib/rose_quartz/configuration.rb
+- lib/rose_quartz/devise/strategies/two_factor_authenticatable.rb
+- lib/rose_quartz/user_authenticator.rb
+- lib/rose_quartz/version.rb
+- rose_quartz.gemspec
+homepage: https://github.com/little-bobby-tables/rose_quartz
+licenses:
+- Unlicense
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.8
+signing_key: 
+specification_version: 4
+summary: An extremely narrow in scope, convention-over-configuration TOTP integration
+  for Rails
+test_files: []