safeguard-devise 0.0.2

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    NDZkMTc5ZTViMmQ3Mzk3ODgzMjgyNWM1MTc3N2MwODFkYjk5YmZlZA==
+  data.tar.gz: !binary |-
+    MmZkZDliOWYzZGQ3N2Q2MzYxYTM5ZTFlMjc3NDRkZjI0MDc1YWIwYQ==
+SHA512:
+  metadata.gz: !binary |-
+    NGEzNTBkNGUxNTYyZjU5YmVmOTBlYWIyYTg4NjY3NmMyNDI2MDc5YTVhMWMw
+    MGVjN2VlNGY1OTllMWUwNmVmZDZkMTgxMDk3NDI2NDNjMWZlOTMwMzJhZTFj
+    N2M5OTk4MjQ3OWMxMGUzYWY4MmM2NjZjYTE2YTk3ZDMxZTQ4ODE=
+  data.tar.gz: !binary |-
+    MWNhZTk3MjFhN2JmYTliZTBiYjkwMDQ3Yjk4NjFiOTA5MTQxMjI2YzM3NGE2
+    NmU1NjY4NDBlYTYwMGM3ZDgxNTY4ZWZkZTIzN2ExYjcyOTVmYmVkYWFhYjAz
+    NTAwOGUwYzY5MmNiMTllYjBiY2ZmNmRkNTgzNjUwMjM4NGI5MmI=

data/.vagrant/machines/default/virtualbox/action_provision

@@ -0,0 +1 @@
+1392821468

data/.vagrant/machines/default/virtualbox/action_set_name

@@ -0,0 +1 @@
+1392821436

data/.vagrant/machines/default/virtualbox/id

@@ -0,0 +1 @@
+27ebf715-ba1c-4328-8272-055d4474ba94

data/Gemfile

@@ -0,0 +1,25 @@
+source "https://rubygems.org"
+
+gem "devise"
+gem 'safeguard-api'
+
+group :development do
+  gem "rspec"
+  gem "yard"
+  gem "rdoc"
+  gem "bundler"
+  gem "jeweler"
+  gem "simplecov"
+  gem "sass-rails"
+  gem "jquery-rails"
+  gem "pry"
+end
+
+group :test do
+  gem "rails"
+  gem "sqlite3"
+  gem 'rspec-rails'
+  gem 'database_cleaner'
+  gem 'capybara'
+end
+

data/Gemfile.lock

@@ -0,0 +1,186 @@
+GEM
+  remote: https://rubygems.org/
+  specs:
+    actionmailer (0.6.1)
+      actionpack (>= 0.9.5)
+    actionpack (4.0.3)
+      activesupport (= 4.0.3)
+      builder (~> 3.1.0)
+      erubis (~> 2.7.0)
+      rack (~> 1.5.2)
+      rack-test (~> 0.6.2)
+    activemodel (4.0.3)
+      activesupport (= 4.0.3)
+      builder (~> 3.1.0)
+    activerecord (4.0.3)
+      activemodel (= 4.0.3)
+      activerecord-deprecated_finders (~> 1.0.2)
+      activesupport (= 4.0.3)
+      arel (~> 4.0.0)
+    activerecord-deprecated_finders (1.0.3)
+    activesupport (4.0.3)
+      i18n (~> 0.6, >= 0.6.4)
+      minitest (~> 4.2)
+      multi_json (~> 1.3)
+      thread_safe (~> 0.1)
+      tzinfo (~> 0.3.37)
+    addressable (2.3.5)
+    arel (4.0.2)
+    atomic (1.1.14)
+    bcrypt-ruby (3.1.2)
+    builder (3.1.4)
+    capybara (2.2.1)
+      mime-types (>= 1.16)
+      nokogiri (>= 1.3.3)
+      rack (>= 1.0.0)
+      rack-test (>= 0.5.4)
+      xpath (~> 2.0)
+    coderay (1.1.0)
+    database_cleaner (1.2.0)
+    descendants_tracker (0.0.3)
+    devise (3.2.3)
+      bcrypt-ruby (~> 3.0)
+      orm_adapter (~> 0.1)
+      railties (>= 3.2.6, < 5)
+      thread_safe (~> 0.1)
+      warden (~> 1.2.3)
+    diff-lcs (1.2.5)
+    docile (1.1.3)
+    erubis (2.7.0)
+    faraday (0.9.0)
+      multipart-post (>= 1.2, < 3)
+    git (1.2.6)
+    github_api (0.11.2)
+      addressable (~> 2.3)
+      descendants_tracker (~> 0.0.1)
+      faraday (~> 0.8, < 0.10)
+      hashie (>= 1.2)
+      multi_json (>= 1.7.5, < 2.0)
+      nokogiri (~> 1.6.0)
+      oauth2
+    hashie (2.0.5)
+    highline (1.6.20)
+    hike (1.2.3)
+    httpclient (2.3.4.1)
+    i18n (0.6.9)
+    jeweler (2.0.1)
+      builder
+      bundler (>= 1.0)
+      git (>= 1.2.5)
+      github_api
+      highline (>= 1.6.15)
+      nokogiri (>= 1.5.10)
+      rake
+      rdoc
+    jquery-rails (3.1.0)
+      railties (>= 3.0, < 5.0)
+      thor (>= 0.14, < 2.0)
+    json (1.8.1)
+    jwt (0.1.11)
+      multi_json (>= 1.5)
+    method_source (0.8.2)
+    mime-types (2.1)
+    mini_portile (0.5.2)
+    minitest (4.7.5)
+    multi_json (1.8.4)
+    multi_xml (0.5.5)
+    multipart-post (2.0.0)
+    nokogiri (1.6.1)
+      mini_portile (~> 0.5.0)
+    oauth2 (0.9.3)
+      faraday (>= 0.8, < 0.10)
+      jwt (~> 0.1.8)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (~> 1.2)
+    orm_adapter (0.5.0)
+    pry (0.9.12.6)
+      coderay (~> 1.0)
+      method_source (~> 0.8)
+      slop (~> 3.4)
+    rack (1.5.2)
+    rack-test (0.6.2)
+      rack (>= 1.0)
+    rails (0.9.5)
+      actionmailer (>= 0.6.1)
+      actionpack (>= 1.4.0)
+      activerecord (>= 1.6.0)
+      rake (>= 0.4.15)
+    railties (4.0.3)
+      actionpack (= 4.0.3)
+      activesupport (= 4.0.3)
+      rake (>= 0.8.7)
+      thor (>= 0.18.1, < 2.0)
+    rake (10.1.1)
+    rdoc (4.1.1)
+      json (~> 1.4)
+    rspec (2.14.1)
+      rspec-core (~> 2.14.0)
+      rspec-expectations (~> 2.14.0)
+      rspec-mocks (~> 2.14.0)
+    rspec-core (2.14.7)
+    rspec-expectations (2.14.5)
+      diff-lcs (>= 1.1.3, < 2.0)
+    rspec-mocks (2.14.5)
+    rspec-rails (2.14.1)
+      actionpack (>= 3.0)
+      activemodel (>= 3.0)
+      activesupport (>= 3.0)
+      railties (>= 3.0)
+      rspec-core (~> 2.14.0)
+      rspec-expectations (~> 2.14.0)
+      rspec-mocks (~> 2.14.0)
+    safeguard-api (0.2.0)
+      httpclient (>= 2.3.4)
+    sass (3.2.14)
+    sass-rails (4.0.1)
+      railties (>= 4.0.0, < 5.0)
+      sass (>= 3.1.10)
+      sprockets-rails (~> 2.0.0)
+    simplecov (0.8.2)
+      docile (~> 1.1.0)
+      multi_json
+      simplecov-html (~> 0.8.0)
+    simplecov-html (0.8.0)
+    slop (3.4.7)
+    sprockets (2.11.0)
+      hike (~> 1.2)
+      multi_json (~> 1.0)
+      rack (~> 1.0)
+      tilt (~> 1.1, != 1.3.0)
+    sprockets-rails (2.0.1)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      sprockets (~> 2.8)
+    sqlite3 (1.3.8)
+    thor (0.18.1)
+    thread_safe (0.1.3)
+      atomic
+    tilt (1.4.1)
+    tzinfo (0.3.38)
+    warden (1.2.3)
+      rack (>= 1.0)
+    xpath (2.0.0)
+      nokogiri (~> 1.3)
+    yard (0.8.7.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler
+  capybara
+  database_cleaner
+  devise
+  jeweler
+  jquery-rails
+  pry
+  rails
+  rdoc
+  rspec
+  rspec-rails
+  safeguard-api
+  sass-rails
+  simplecov
+  sqlite3
+  yard

data/Rakefile

@@ -0,0 +1,51 @@
+# encoding: utf-8
+
+require 'rubygems'
+require 'bundler'
+begin
+  Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+require 'rake'
+
+require 'jeweler'
+Jeweler::Tasks.new do |gem|
+  # gem is a Gem::Specification... see http://guides.rubygems.org/specification-reference/ for more options
+  gem.name = "safeguard-devise"
+  gem.homepage = "http://github.com/diegonakamashi/safeguard-devise"
+  gem.license = "MIT"
+  gem.summary = %Q{TODO: one-line summary of your gem}
+  gem.description = %Q{TODO: longer description of your gem}
+  gem.email = "diegonakamashi@gmail.com"
+  gem.authors = ["diegonakamashi"]
+  # dependencies defined in Gemfile
+end
+Jeweler::RubygemsDotOrgTasks.new
+
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |test|
+  test.libs << 'lib' << 'test'
+  test.pattern = 'test/**/test_*.rb'
+  test.verbose = true
+end
+
+desc "Code coverage detail"
+task :simplecov do
+  ENV['COVERAGE'] = "true"
+  Rake::Task['test'].execute
+end
+
+task :default => :test
+
+require 'rdoc/task'
+Rake::RDocTask.new do |rdoc|
+  version = File.exist?('VERSION') ? File.read('VERSION') : ""
+
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "safeguard-devise #{version}"
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end

data/VERSION

@@ -0,0 +1 @@
+0.0.0

data/Vagrantfile

@@ -0,0 +1,128 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
+VAGRANTFILE_API_VERSION = "2"
+
+
+Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
+  # All Vagrant configuration is done here. The most common configuration
+  # options are documented and commented below. For a complete reference,
+  # please see the online documentation at vagrantup.com.
+
+  # Every Vagrant virtual environment requires a box to build off of.
+  config.vm.box = "precise32"
+
+  # The url from where the 'config.vm.box' box will be fetched if it
+  # doesn't already exist on the user's system.
+  config.vm.box_url = "http://files.vagrantup.com/precise32.box"
+  config.vm.hostname = 'vizir-dev-box'
+
+  # Create a forwarded port mapping which allows access to a specific port
+  # within the machine from a port on the host machine. In the example below,
+  # accessing "localhost:8080" will access port 80 on the guest machine.
+  # config.vm.network :forwarded_port, guest: 80, host: 8080
+
+  # Create a private network, which allows host-only access to the machine
+  # using a specific IP.
+  config.vm.network :private_network, ip: "192.168.33.20"
+
+  config.vm.network :forwarded_port, guest: 3000, host: 3333
+  # Create a public network, which generally matched to bridged network.
+  # Bridged networks make the machine appear as another physical device on
+  # your network.
+  # config.vm.network :public_network
+
+  # If true, then any SSH connections made will enable agent forwarding.
+  # Default value: false
+  # config.ssh.forward_agent = true
+
+  # Share an additional folder to the guest VM. The first argument is
+  # the path on the host to the actual folder. The second argument is
+  # the path on the guest to mount the folder. And the optional third
+  # argument is a set of non-required options.
+  config.vm.synced_folder ".", "/vagrant"
+
+  # Provider-specific configuration so you can fine-tune various
+  # backing providers for Vagrant. These expose provider-specific options.
+  # Example for VirtualBox:
+  #
+  config.vm.provider :virtualbox do |vb|
+    # Don't boot with headless mode
+    # vb.gui = true
+
+    # Use VBoxManage to customize the VM. For example to change memory:
+    vb.customize ["modifyvm", :id, "--memory", "1024"]
+    vb.customize ["modifyvm", :id, "--ioapic", "on"]
+  end
+  #
+  # View the documentation for the provider you're using for more
+  # information on available options.
+
+  # Enable provisioning with Puppet stand alone.  Puppet manifests
+  # are contained in a directory path relative to this Vagrantfile.
+  # You will need to create the manifests directory and a manifest in
+  # the file base.pp in the manifests_path directory.
+  #
+  # An example Puppet manifest to provision the message of the day:
+  #
+  # # group { "puppet":
+  # #   ensure => "present",
+  # # }
+  # #
+  # # File { owner => 0, group => 0, mode => 0644 }
+  # #
+  # # file { '/etc/motd':
+  # #   content => "Welcome to your Vagrant-built virtual machine!
+  # #               Managed by Puppet.\n"
+  # # }
+  #
+  # config.vm.provision :puppet do |puppet|
+  #   puppet.manifests_path = "manifests"
+  #   puppet.manifest_file  = "site.pp"
+  # end
+
+  # config.vm.provision :shell, :path => "puppet/upgrade-puppet.sh"
+  config.vm.provision :puppet do |puppet|
+     puppet.manifests_path = 'puppet/manifests'
+     puppet.module_path    = 'puppet/modules'
+  end
+
+  # Enable provisioning with chef solo, specifying a cookbooks path, roles
+  # path, and data_bags path (all relative to this Vagrantfile), and adding
+  # some recipes and/or roles.
+  #
+  # config.vm.provision :chef_solo do |chef|
+  #   chef.cookbooks_path = "../my-recipes/cookbooks"
+  #   chef.roles_path = "../my-recipes/roles"
+  #   chef.data_bags_path = "../my-recipes/data_bags"
+  #   chef.add_recipe "mysql"
+  #   chef.add_role "web"
+  #
+  #   # You may also specify custom JSON attributes:
+  #   chef.json = { :mysql_password => "foo" }
+  # end
+
+  # Enable provisioning with chef server, specifying the chef server URL,
+  # and the path to the validation key (relative to this Vagrantfile).
+  #
+  # The Opscode Platform uses HTTPS. Substitute your organization for
+  # ORGNAME in the URL and validation key.
+  #
+  # If you have your own Chef Server, use the appropriate URL, which may be
+  # HTTP instead of HTTPS depending on your configuration. Also change the
+  # validation key to validation.pem.
+  #
+  # config.vm.provision :chef_client do |chef|
+  #   chef.chef_server_url = "https://api.opscode.com/organizations/ORGNAME"
+  #   chef.validation_key_path = "ORGNAME-validator.pem"
+  # end
+  #
+  # If you're using the Opscode platform, your validator client is
+  # ORGNAME-validator, replacing ORGNAME with your organization name.
+  #
+  # If you have your own Chef Server, the default validation client name is
+  # chef-validator, unless you changed the configuration.
+  #
+  #   chef.validation_client_name = "ORGNAME-validator"
+end

data/app/controllers/devise/devise_safeguard_controller.rb

@@ -0,0 +1,56 @@
+class Devise::DeviseSafeguardController < DeviseController
+  include Devise::Controllers::Helpers
+
+  before_filter :find_resource_and_require_password_checked
+
+  def GET_verify_safeguard
+    render 'verify_safeguard'
+  end
+
+  def POST_verify_safeguard
+    if token_ok?
+      @resource.update_attribute(:last_sign_in_with_safeguard, DateTime.now)
+
+      #remember_device if params[:remember_device].to_i == 1
+      if session.delete("#{resource_name}_remember_me") == true && @resource.respond_to?(:remember_me=)
+        @resource.remember_me = true
+      end
+      sign_in(resource_name, @resource)
+
+      set_flash_message(:notice, :signed_in) if is_navigational_format?
+      respond_with resource, :location => after_sign_in_path_for(@resource)
+    else
+      set_flash_message(:error, :invalid_token)
+      render :verify_safeguard
+    end
+  end
+
+  def token_ok?
+    resp = Safeguard::API.is_valid?({
+      :email => @resource.email,
+      :token => params[:safeguard_token]
+    })
+    resp
+  end
+
+
+  def find_resource
+    @resource = send("current_#{resource_name}")
+
+    if @resource.nil?
+      @resource = resource_class.find_by_id(session["#{resource_name}_id"])
+    end
+  end
+
+  def find_resource_and_require_password_checked
+    find_resource
+
+    if @resource.nil? || session[:"#{resource_name}_password_checked"].to_s != "true"
+      redirect_to invalid_resource_path
+    end
+  end
+
+  def invalid_resource_path
+    root_path
+  end
+end

data/app/views/devise/verify_safeguard.html.erb

@@ -0,0 +1,9 @@
+<%= stylesheet_link_tag "devise_safeguard", :media => "all" %>
+<div id="safeguard-form-token">
+  <%= form_tag([resource_name, :verify_safeguard], :id => 'devise_safeguard', :class => 'safeguard-form', :method => :post) do %>
+    <%= hidden_field_tag(:"#{resource_name}_id", @resource.email) %>
+    <%= label_tag :safeguard_token %>
+    <%= text_field_tag :safeguard_token, "", :autocomplete => :off, :id => 'safeguard-token' %>
+    <%= submit_tag I18n.t('safeguard_token_button', {:scope => 'devise'}), :class => 'button' %>
+  <% end %>
+</div>

data/app/views/devise/verify_safeguard.html.haml

@@ -0,0 +1,7 @@
+= stylesheet_link_tag "devise_safeguard", :media => "all"
+#safeguard-form-token
+  = form_tag([resource_name, :verify_safeguard], :id => 'devise_safeguard', :class => 'safeguard-form', :method => :post) do
+    = hidden_field_tag(:"#{resource_name}_id", @resource.email)
+    = label_tag :safeguard_token
+    = text_field_tag :safeguard_token, "", :autocomplete => :off, :id => 'safeguard-token'
+    = submit_tag I18n.t('safeguard_token_button', {:scope => 'devise'}), :class => 'button'

data/config/locales/pt-BR.yml

@@ -0,0 +1,5 @@
+pt-BR:
+  devise:
+    safeguard_form_title: Por favor informe a senha do seu token.
+    safeguard_token_button: Enviar senha 
+    safeguard_token: Token

data/lib/devise-safeguard/controllers/helpers.rb

@@ -0,0 +1,54 @@
+module DeviseSafeguard
+  module Controllers
+    module Helpers
+      extend ActiveSupport::Concern
+      included do
+        before_filter :is_safeguard_token_needed?, :if => :is_signing_in?
+      end
+
+      def is_signing_in?
+        if devise_controller? && signed_in?(resource_name) &&
+           self.class == Devise::SessionsController || self.class.ancestors.include?(Devise::SessionsController) && 
+           self.action_name == "create"
+          return true
+        end
+
+        return false
+      end
+
+      def require_token?
+        return false if !signed_in?(resource_name)
+        return false if !warden.session(resource_name)[:with_safeguard_authentication]
+        return true
+      end
+
+      def is_safeguard_token_needed?
+        if require_token?
+          # login with 2fa
+          id = warden.session(resource_name)[:id]
+
+          remember_me = (params.fetch(resource_name, {})[:remember_me].to_s == "1")
+          return_to = session["#{resource_name}_return_to"]
+          warden.logout
+          warden.reset_session! # make sure the session resetted
+
+          session["#{resource_name}_id"] = id
+          # this is safe to put in the session because the cookie is signed
+          session["#{resource_name}_password_checked"] = true
+          session["#{resource_name}_remember_me"] = remember_me
+          session["#{resource_name}_return_to"] = return_to if return_to
+
+          redirect_to verify_safeguard_path_for(resource_name)
+          return
+        end
+      end
+
+      def verify_safeguard_path_for(resource_or_scope = nil)
+        scope = Devise::Mapping.find_scope!(resource_or_scope)
+        send("#{scope}_verify_safeguard_path")
+      end
+
+    end
+  end
+end
+

data/lib/devise-safeguard/hooks/safeguard_authenticatable.rb

@@ -0,0 +1,7 @@
+Warden::Manager.after_authentication do |user, auth, options|
+  if user.respond_to?(:with_safeguard_authentication?)
+    if auth.session(options[:scope])[:with_safeguard_authentication] = user.with_safeguard_authentication?(auth.request)
+      auth.session(options[:scope])[:id] = user.id
+    end
+  end
+end

data/lib/devise-safeguard/models/safeguard_authenticatable.rb

@@ -0,0 +1,18 @@
+require 'devise-safeguard/hooks/safeguard_authenticatable'
+module Devise
+  module Models
+    module SafeguardAuthenticatable
+      extend ActiveSupport::Concern
+
+      def with_safeguard_authentication?(request)
+        return true if self.safeguard_enabled
+        false
+      end
+
+      module ClassMethods
+        Devise::Models.config(self, :safeguard_remember_device)
+      end
+    end
+  end
+end
+

data/lib/devise-safeguard/rails.rb

@@ -0,0 +1,7 @@
+module DeviseSafeguard
+  class Engine < ::Rails::Engine
+    ActiveSupport.on_load(:action_controller) do
+      include DeviseSafeguard::Controllers::Helpers
+    end
+  end
+end

data/lib/devise-safeguard/routes.rb

@@ -0,0 +1,17 @@
+module ActionDispatch::Routing
+  class Mapper
+    protected
+
+    def devise_safeguard(mapping, controllers)
+      match "/#{mapping.path_names[:verify_safeguard]}", :controller => controllers[:devise_safeguard], :action => :GET_verify_safeguard, :as => :verify_safeguard, :via => :get
+      match "/#{mapping.path_names[:verify_safeguard]}", :controller => controllers[:devise_safeguard], :action => :POST_verify_safeguard, :as => nil, :via => :post
+
+     # match "/#{mapping.path_names[:enable_safeguard]}", :controller => controllers[:devise_safeguard], :action => :GET_enable_safeguard, :as => :enable_safeguard, :via => :get
+     # match "/#{mapping.path_names[:enable_safeguard]}", :controller => controllers[:devise_safeguard], :action => :POST_enable_safeguard, :as => nil, :via => :post
+
+    #  match "/#{mapping.path_names[:verify_safeguard_installation]}", :controller => controllers[:devise_safeguard], :action => :GET_verify_safeguard_installation, :as => :verify_safeguard_installation, :via => :get
+    #  match "/#{mapping.path_names[:verify_safeguard_installation]}", :controller => controllers[:devise_safeguard], :action => :POST_verify_safeguard_installation, :as => nil, :via => :post
+    end
+  end
+end
+

data/lib/generators/active_record/devise_safeguard_generator.rb

@@ -0,0 +1,13 @@
+require 'rails/generators/active_record'
+
+module ActiveRecord
+  module Generators
+    class DeviseSafeguardGenerator < ActiveRecord::Generators::Base
+      source_root File.expand_path("../templates", __FILE__)
+
+      def copy_devise_migration
+        migration_template "migration.rb", "db/migrate/devise_safeguard_add_to_#{table_name}"
+      end
+    end
+  end
+end

data/lib/generators/active_record/templates/migration.rb

@@ -0,0 +1,15 @@
+class DeviseSafeguardAddTo<%= table_name.camelize %> < ActiveRecord::Migration
+  def self.up
+    change_table :<%= table_name %> do |t|
+      t.datetime  :last_sign_in_with_safeguard
+      t.boolean   :safeguard_enabled, :default => false
+    end
+
+  end
+
+  def self.down
+    change_table :<%= table_name %> do |t|
+      t.remove :last_sign_in_with_safeguard, :safeguard_enabled
+    end
+  end
+end

data/lib/generators/devise_safeguard/devise_safeguard_generator.rb

@@ -0,0 +1,30 @@
+module DeviseSafeguard
+  module Generators
+    class DeviseSafeguardGenerator < Rails::Generators::NamedBase
+
+      namespace "devise_safeguard"
+
+      desc "Add :safeguard_authenticatable directive in the given model, plus accessors. Also generate migration for ActiveRecord"
+
+      def inject_devise_safeguard_content
+        path = File.join("app","models","#{file_path}.rb")
+        if File.exists?(path) &&
+          !File.read(path).include?("safeguard_authenticatable")
+          inject_into_file(path,
+                           "safeguard_authenticatable, :",
+                           :after => "devise :")
+        end
+
+        if File.exists?(path) &&
+          !File.read(path).include?(":last_sign_in_with_safeguard")
+          inject_into_file(path,
+                           ":last_sign_in_with_safeguard, ",
+                           :after => "attr_accessible ") 
+        end
+      end
+
+      hook_for :orm
+
+    end
+  end
+end