two_factor_authentication 2.0.1 → 2.1.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: dec5112783c16117a3f498bed06abb05be9b2206
4
- data.tar.gz: 6a637bc5a895b60da9b46360a799cd0a54d7da59
3
+ metadata.gz: ba9192cf04aafc95a917e76b6efef8217fb22152
4
+ data.tar.gz: fe60bb1323aead63cb3712857e88bf4eaab08cfc
5
5
  SHA512:
6
- metadata.gz: 796540a1cc3c572de0a121f90da0d1c1981689a53c7560e1b6cc2f2e192a9bdca46d9c2cdb6b34a625afbd5ce972959ae58244fb513f79278c122ae8bcb8f962
7
- data.tar.gz: 53685bf09da5ed84bc2a1c8fb2bae730e4b2fb6438afdf871f8f3db0cd8a7e37351d6a581738ea9143bd61267ac9fa9943694443acc0c03776f6651060d04c34
6
+ metadata.gz: 9a3d4c7cd0bb5eb3af1bc322ee3cad89a38bb8316178a9050dc5cce11f006930f3c3b916b41e29a1594f3acbc360814d831c6816e453504c21bd93b00b0834d4
7
+ data.tar.gz: e651f87940c8fc7d55b653c010c30da565cd18e2bcfd7708dc12c657dd953199f389aae800973b1a5bbfb6d09fdadf5d7689e3b28fe11403f7df3fcece5f2e15
data/README.md CHANGED
@@ -97,6 +97,7 @@ config.direct_otp_length = 6 # Direct OTP code length
97
97
  config.remember_otp_session_for_seconds = 30.days # Time before browser has to perform 2fA again. Default is 0.
98
98
  config.otp_secret_encryption_key = ENV['OTP_SECRET_ENCRYPTION_KEY']
99
99
  config.second_factor_resource_id = 'id' # Field or method name used to set value for 2fA remember cookie
100
+ config.delete_cookie_on_logout = false # Delete cookie when user signs out, to force 2fA again on login
100
101
  ```
101
102
  The `otp_secret_encryption_key` must be a random key that is not stored in the
102
103
  DB, and is not checked in to your repo. It is recommended to store it in an
@@ -242,7 +243,7 @@ steps:
242
243
  end
243
244
  end
244
245
  end
245
- ```
246
+ ```
246
247
 
247
248
  5. Generate a migration to remove the `:otp_secret_key` column:
248
249
  ```
@@ -47,7 +47,7 @@ class Devise::TwoFactorAuthenticationController < DeviseController
47
47
  if expires_seconds && expires_seconds > 0
48
48
  cookies.signed[TwoFactorAuthentication::REMEMBER_TFA_COOKIE_NAME] = {
49
49
  value: "#{resource.class}-#{resource.public_send(Devise.second_factor_resource_id)}",
50
- expires: expires_seconds.from_now
50
+ expires: expires_seconds.seconds.from_now
51
51
  }
52
52
  end
53
53
  end
@@ -12,8 +12,8 @@
12
12
  <% end %>
13
13
 
14
14
  <% if resource.direct_otp %>
15
- <%= link_to "Resend Code", resend_code_user_two_factor_authentication_path, action: :get %>
15
+ <%= link_to "Resend Code", send("resend_code_#{resource_name}_two_factor_authentication_path"), action: :get %>
16
16
  <% else %>
17
- <%= link_to "Send me a code instead", resend_code_user_two_factor_authentication_path, action: :get %>
17
+ <%= link_to "Send me a code instead", send("resend_code_#{resource_name}_two_factor_authentication_path"), action: :get %>
18
18
  <% end %>
19
- <%= link_to "Sign out", destroy_user_session_path, :method => :delete %>
19
+ <%= link_to "Sign out", send("destroy_#{resource_name}_session_path"), :method => :delete %>
@@ -7,7 +7,11 @@ Warden::Manager.after_authentication do |user, auth, options|
7
7
 
8
8
  if user.respond_to?(:need_two_factor_authentication?) && !bypass_by_cookie
9
9
  if auth.session(options[:scope])[TwoFactorAuthentication::NEED_AUTHENTICATION] = user.need_two_factor_authentication?(auth.request)
10
- user.send_new_otp unless user.totp_enabled?
10
+ user.send_new_otp if user.send_new_otp_after_login?
11
11
  end
12
12
  end
13
13
  end
14
+
15
+ Warden::Manager.before_logout do |user, auth, _options|
16
+ auth.cookies.delete TwoFactorAuthentication::REMEMBER_TFA_COOKIE_NAME if Devise.delete_cookie_on_logout
17
+ end
@@ -16,7 +16,8 @@ module Devise
16
16
  ::Devise::Models.config(
17
17
  self, :max_login_attempts, :allowed_otp_drift_seconds, :otp_length,
18
18
  :remember_otp_session_for_seconds, :otp_secret_encryption_key,
19
- :direct_otp_length, :direct_otp_valid_for, :totp_timestamp)
19
+ :direct_otp_length, :direct_otp_valid_for, :totp_timestamp, :delete_cookie_on_logout
20
+ )
20
21
  end
21
22
 
22
23
  module InstanceMethodsOnActivation
@@ -61,6 +62,10 @@ module Devise
61
62
  send_two_factor_authentication_code(direct_otp)
62
63
  end
63
64
 
65
+ def send_new_otp_after_login?
66
+ !totp_enabled?
67
+ end
68
+
64
69
  def send_two_factor_authentication_code(code)
65
70
  raise NotImplementedError.new("No default implementation - please define in your class.")
66
71
  end
@@ -1,3 +1,3 @@
1
1
  module TwoFactorAuthentication
2
- VERSION = "2.0.1".freeze
2
+ VERSION = "2.1.1".freeze
3
3
  end
@@ -30,6 +30,9 @@ module Devise
30
30
 
31
31
  mattr_accessor :second_factor_resource_id
32
32
  @@second_factor_resource_id = 'id'
33
+
34
+ mattr_accessor :delete_cookie_on_logout
35
+ @@delete_cookie_on_logout = false
33
36
  end
34
37
 
35
38
  module TwoFactorAuthentication
@@ -174,6 +174,18 @@ feature "User of two factor authentication" do
174
174
  visit dashboard_path
175
175
  expect(page).to have_content("Enter the code that was sent to you")
176
176
  end
177
+
178
+ scenario 'Delete cookie when user logs out if enabled' do
179
+ user.class.delete_cookie_on_logout = true
180
+
181
+ login_as user
182
+ logout
183
+
184
+ login_as user
185
+
186
+ visit dashboard_path
187
+ expect(page).to have_content("Enter the code that was sent to you")
188
+ end
177
189
  end
178
190
 
179
191
  it 'sets the warden session need_two_factor_authentication key to true' do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: two_factor_authentication
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.1
4
+ version: 2.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dmitrii Golub
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-07-18 00:00:00.000000000 Z
11
+ date: 2018-07-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -286,7 +286,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
286
286
  version: '0'
287
287
  requirements: []
288
288
  rubyforge_project: two_factor_authentication
289
- rubygems_version: 2.6.12
289
+ rubygems_version: 2.6.14
290
290
  signing_key:
291
291
  specification_version: 4
292
292
  summary: Two factor authentication plugin for devise