two_factor_authentication 1.1.4 → 1.1.5

data/spec/rails_app/config/initializers/devise.rb

@@ -224,7 +224,7 @@ Devise.setup do |config|
   # config.navigational_formats = ['*/*', :html]
 
   # The default HTTP method used to sign out a resource. Default is :delete.
-  config.sign_out_via = :delete
+  config.sign_out_via = Rails.env.test? ? :get : :delete
 
   # ==> OmniAuth
   # Add a new OmniAuth provider. Check the wiki for more information on setting
@@ -253,4 +253,6 @@ Devise.setup do |config|
   # When using omniauth, Devise cannot automatically set Omniauth path,
   # so you need to do it manually. For the users scope, it would be:
   # config.omniauth_path_prefix = '/my_engine/users/auth'
+
+  config.otp_secret_encryption_key = '0a8283fba984da1de24e4df1e93046cb53c5787944ef037b2dbf3e61d20fe11f25e25a855cec605fdf65b162329890d7230afdf64f681b4c32020281054e73ec'
 end

data/spec/rails_app/db/migrate/20151224171231_add_encrypted_columns_to_user.rb

@@ -0,0 +1,9 @@
+class AddEncryptedColumnsToUser < ActiveRecord::Migration
+  def change
+    add_column :users, :encrypted_otp_secret_key, :string
+    add_column :users, :encrypted_otp_secret_key_iv, :string
+    add_column :users, :encrypted_otp_secret_key_salt, :string
+
+    add_index :users, :encrypted_otp_secret_key, unique: true
+  end
+end

data/spec/rails_app/db/migrate/20151224180310_populate_otp_column.rb

@@ -0,0 +1,19 @@
+class PopulateOtpColumn < ActiveRecord::Migration
+  def up
+    User.reset_column_information
+
+    User.find_each do |user|
+      user.otp_secret_key = user.read_attribute('otp_secret_key')
+      user.save!
+    end
+  end
+
+  def down
+    User.reset_column_information
+
+    User.find_each do |user|
+      user.otp_secret_key = ROTP::Base32.random_base32
+      user.save!
+    end
+  end
+end

data/spec/rails_app/db/migrate/20151228230340_remove_otp_secret_key_from_user.rb

@@ -0,0 +1,5 @@
+class RemoveOtpSecretKeyFromUser < ActiveRecord::Migration
+  def change
+    remove_column :users, :otp_secret_key, :string
+  end
+end

data/spec/rails_app/db/schema.rb

@@ -9,30 +9,32 @@
 # from scratch. The latter is a flawed and unsustainable approach (the more migrations
 # you'll amass, the slower it'll run and the greater likelihood for issues).
 #
-# It's strongly recommended to check this file into your version control system.
+# It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20140407215513) do
+ActiveRecord::Schema.define(version: 20151228230340) do
 
-  create_table "users", :force => true do |t|
-    t.string   "email",                                      :default => "", :null => false
-    t.string   "encrypted_password",                         :default => "", :null => false
+  create_table "users", force: :cascade do |t|
+    t.string   "email",                                    default: "", null: false
+    t.string   "encrypted_password",                       default: "", null: false
     t.string   "reset_password_token"
     t.datetime "reset_password_sent_at"
     t.datetime "remember_created_at"
-    t.integer  "sign_in_count",                              :default => 0,  :null => false
+    t.integer  "sign_in_count",                            default: 0,  null: false
     t.datetime "current_sign_in_at"
     t.datetime "last_sign_in_at"
     t.string   "current_sign_in_ip"
     t.string   "last_sign_in_ip"
-    t.datetime "created_at",                                                 :null => false
-    t.datetime "updated_at",                                                 :null => false
-    t.string   "otp_secret_key"
-    t.integer  "second_factor_attempts_count",               :default => 0
-    t.string   "nickname",                     :limit => 64
+    t.datetime "created_at",                                            null: false
+    t.datetime "updated_at",                                            null: false
+    t.integer  "second_factor_attempts_count",             default: 0
+    t.string   "nickname",                      limit: 64
+    t.string   "encrypted_otp_secret_key"
+    t.string   "encrypted_otp_secret_key_iv"
+    t.string   "encrypted_otp_secret_key_salt"
   end
 
-  add_index "users", ["email"], :name => "index_users_on_email", :unique => true
-  add_index "users", ["otp_secret_key"], :name => "index_users_on_otp_secret_key", :unique => true
-  add_index "users", ["reset_password_token"], :name => "index_users_on_reset_password_token", :unique => true
+  add_index "users", ["email"], name: "index_users_on_email", unique: true
+  add_index "users", ["encrypted_otp_secret_key"], name: "index_users_on_encrypted_otp_secret_key", unique: true
+  add_index "users", ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
 
 end

data/spec/spec_helper.rb

@@ -3,6 +3,7 @@ require File.expand_path("../rails_app/config/environment.rb",  __FILE__)
 
 require 'rspec/rails'
 require 'timecop'
+require 'rack_session_access/capybara'
 
 # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
 RSpec.configure do |config|

data/spec/support/authenticated_model_helper.rb

@@ -1,10 +1,11 @@
 module AuthenticatedModelHelper
-
   def build_guest_user
     GuestUser.new
   end
 
-  def create_user(attributes={})
+  def create_user(type = 'encrypted', attributes = {})
+    create_table_for_nonencrypted_user if type == 'not_encrypted'
+
     User.create!(valid_attributes(attributes))
   end
 
@@ -23,6 +24,29 @@ module AuthenticatedModelHelper
     "user#{@@email_count}@example.com"
   end
 
+  def create_table_for_nonencrypted_user
+    silence_stream(STDOUT) do
+      ActiveRecord::Schema.define(version: 1) do
+        create_table 'users', force: :cascade do |t|
+          t.string   'email', default: '', null: false
+          t.string   'encrypted_password', default: '', null: false
+          t.string   'reset_password_token'
+          t.datetime 'reset_password_sent_at'
+          t.datetime 'remember_created_at'
+          t.integer  'sign_in_count', default: 0,  null: false
+          t.datetime 'current_sign_in_at'
+          t.datetime 'last_sign_in_at'
+          t.string   'current_sign_in_ip'
+          t.string   'last_sign_in_ip'
+          t.datetime 'created_at', null: false
+          t.datetime 'updated_at', null: false
+          t.integer  'second_factor_attempts_count', default: 0
+          t.string   'nickname', limit: 64
+          t.string   'otp_secret_key'
+        end
+      end
+    end
+  end
 end
 
 RSpec.configuration.send(:include, AuthenticatedModelHelper)

data/spec/support/controller_helper.rb

@@ -0,0 +1,16 @@
+module ControllerHelper
+  def sign_in(user = create_user('not_encrypted'))
+    allow(warden).to receive(:authenticated?).with(:user).and_return(true)
+    allow(controller).to receive(:current_user).and_return(user)
+    warden.session(:user)[TwoFactorAuthentication::NEED_AUTHENTICATION] = true
+  end
+end
+
+RSpec.configure do |config|
+  config.include Devise::TestHelpers, type: :controller
+  config.include ControllerHelper, type: :controller
+
+  config.before(:example, type: :controller) do
+    @request.env['devise.mapping'] = Devise.mappings[:user]
+  end
+end

data/spec/support/features_spec_helper.rb

@@ -10,10 +10,33 @@ module FeaturesSpecHelper
     fill_in "Password", with: 'password'
     find('.actions input').click # 'Sign in' or 'Log in'
   end
+
+  def set_cookie key, value
+    page.driver.browser.set_cookie [key, value].join('=')
+  end
+
+  def get_cookie key
+    Capybara.current_session.driver.request.cookies[key]
+  end
+
+  def set_tfa_cookie value
+    set_cookie TwoFactorAuthentication::REMEMBER_TFA_COOKIE_NAME, value
+  end
+
+  def get_tfa_cookie
+    get_cookie TwoFactorAuthentication::REMEMBER_TFA_COOKIE_NAME
+  end
 end
 
 RSpec.configure do |config|
   config.include Warden::Test::Helpers, type: :feature
   config.include FeaturesSpecHelper, type: :feature
-end
 
+  config.before(:each) do
+    Warden.test_mode!
+  end
+
+  config.after(:each) do
+    Warden.test_reset!
+  end
+end

data/two_factor_authentication.gemspec

@@ -28,6 +28,7 @@ Gem::Specification.new do |s|
   s.add_runtime_dependency 'devise'
   s.add_runtime_dependency 'randexp'
   s.add_runtime_dependency 'rotp'
+  s.add_runtime_dependency 'encryptor'
 
   s.add_development_dependency 'bundler'
   s.add_development_dependency 'rake'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: two_factor_authentication
 version: !ruby/object:Gem::Version
-  version: 1.1.4
+  version: 1.1.5
 platform: ruby
 authors:
 - Dmitrii Golub
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-01-01 00:00:00.000000000 Z
+date: 2016-02-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -66,6 +66,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: encryptor
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -164,6 +178,7 @@ extra_rdoc_files: []
 files:
 - ".gitignore"
 - ".travis.yml"
+- CHANGELOG.md
 - Gemfile
 - LICENSE
 - README.md
@@ -172,6 +187,7 @@ files:
 - app/views/devise/two_factor_authentication/max_login_attempts_reached.html.erb
 - app/views/devise/two_factor_authentication/show.html.erb
 - config/locales/en.yml
+- config/locales/fr.yml
 - config/locales/ru.yml
 - lib/generators/active_record/templates/migration.rb
 - lib/generators/active_record/two_factor_authentication_generator.rb
@@ -185,8 +201,9 @@ files:
 - lib/two_factor_authentication/routes.rb
 - lib/two_factor_authentication/schema.rb
 - lib/two_factor_authentication/version.rb
-- spec/controllers/two_factor_auth_spec.rb
+- spec/controllers/two_factor_authentication_controller_spec.rb
 - spec/features/two_factor_authenticatable_spec.rb
+- spec/generators/active_record/two_factor_authentication_generator_spec.rb
 - spec/lib/two_factor_authentication/models/two_factor_authenticatable_spec.rb
 - spec/rails_app/.gitignore
 - spec/rails_app/README.md
@@ -198,6 +215,7 @@ files:
 - spec/rails_app/app/helpers/application_helper.rb
 - spec/rails_app/app/mailers/.gitkeep
 - spec/rails_app/app/models/.gitkeep
+- spec/rails_app/app/models/encrypted_user.rb
 - spec/rails_app/app/models/guest_user.rb
 - spec/rails_app/app/models/user.rb
 - spec/rails_app/app/views/home/dashboard.html.erb
@@ -225,6 +243,9 @@ files:
 - spec/rails_app/db/migrate/20140403184646_devise_create_users.rb
 - spec/rails_app/db/migrate/20140407172619_two_factor_authentication_add_to_users.rb
 - spec/rails_app/db/migrate/20140407215513_add_nickanme_to_users.rb
+- spec/rails_app/db/migrate/20151224171231_add_encrypted_columns_to_user.rb
+- spec/rails_app/db/migrate/20151224180310_populate_otp_column.rb
+- spec/rails_app/db/migrate/20151228230340_remove_otp_secret_key_from_user.rb
 - spec/rails_app/db/schema.rb
 - spec/rails_app/lib/assets/.gitkeep
 - spec/rails_app/lib/sms_provider.rb
@@ -236,6 +257,7 @@ files:
 - spec/spec_helper.rb
 - spec/support/authenticated_model_helper.rb
 - spec/support/capybara.rb
+- spec/support/controller_helper.rb
 - spec/support/features_spec_helper.rb
 - spec/support/sms_provider.rb
 - two_factor_authentication.gemspec

data/spec/controllers/two_factor_auth_spec.rb

@@ -1,18 +0,0 @@
-require 'spec_helper'
-
-include Warden::Test::Helpers
-
-describe HomeController, :type => :controller do
-  context "passed only 1st factor auth" do
-    let(:user) { create_user }
-
-    describe "is_fully_authenticated helper" do
-      it "should be true" do
-        login_as user, scope: :user
-        visit user_two_factor_authentication_path
-
-        expect(controller.is_fully_authenticated?).to be_truthy
-      end
-    end
-  end
-end