two_factor_authentication 2.0.1 → 2.1.1

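--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: dec5112783c16117a3f498bed06abb05be9b2206
- data.tar.gz: 6a637bc5a895b60da9b46360a799cd0a54d7da59
+ metadata.gz: ba9192cf04aafc95a917e76b6efef8217fb22152
+ data.tar.gz: fe60bb1323aead63cb3712857e88bf4eaab08cfc
  SHA512:
- metadata.gz: 796540a1cc3c572de0a121f90da0d1c1981689a53c7560e1b6cc2f2e192a9bdca46d9c2cdb6b34a625afbd5ce972959ae58244fb513f79278c122ae8bcb8f962
- data.tar.gz: 53685bf09da5ed84bc2a1c8fb2bae730e4b2fb6438afdf871f8f3db0cd8a7e37351d6a581738ea9143bd61267ac9fa9943694443acc0c03776f6651060d04c34
+ metadata.gz: 9a3d4c7cd0bb5eb3af1bc322ee3cad89a38bb8316178a9050dc5cce11f006930f3c3b916b41e29a1594f3acbc360814d831c6816e453504c21bd93b00b0834d4
+ data.tar.gz: e651f87940c8fc7d55b653c010c30da565cd18e2bcfd7708dc12c657dd953199f389aae800973b1a5bbfb6d09fdadf5d7689e3b28fe11403f7df3fcece5f2e15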
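--- a/data/README.md
+++ b/data/README.md
@@ -97,6 +97,7 @@ config.direct_otp_length = 6 # Direct OTP code length
  config.remember_otp_session_for_seconds = 30.days # Time before browser has to perform 2fA again. Default is 0.
  config.otp_secret_encryption_key = ENV['OTP_SECRET_ENCRYPTION_KEY']
  config.second_factor_resource_id = 'id' # Field or method name used to set value for 2fA remember cookie
+ config.delete_cookie_on_logout = false # Delete cookie when user signs out, to force 2fA again on login
  ```
  The `otp_secret_encryption_key` must be a random key that is not stored in the
  DB, and is not checked in to your repo. It is recommended to store it in an
@@ -242,7 +243,7 @@ steps:
  end
  end
  end
- ```
+ ```
 
  5. Generate a migration to remove the `:otp_secret_key` column:
  ```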
@@ -47,7 +47,7 @@ class Devise::TwoFactorAuthenticationController < DeviseController
47
47
  if expires_seconds && expires_seconds > 0
48
48
  cookies.signed[TwoFactorAuthentication::REMEMBER_TFA_COOKIE_NAME] = {
49
49
  value: "#{resource.class}-#{resource.public_send(Devise.second_factor_resource_id)}",
50
- expires: expires_seconds.from_now
50
+ expires: expires_seconds.seconds.from_now
51
51
  }
52
52
  end
53
53
  end
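Review bot: The remember-2FA cookie built in this hash carries only `value` and `expires`, so it is written without `httponly` or `secure` even though presenting it skips the second factor. Consider adding `httponly: true, secure: request.ssl?` next to the corrected `expires: expires_seconds.seconds.from_now`. The signed value is only the resource class and id, so on Rails versions that do not embed the expiry in the signed payload the lifetime is presumably enforced by the browser alone; putting a server-checked timestamp in the value would close that. The enclosing method starts outside this hunk.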
@@ -12,8 +12,8 @@
12
12
  <% end %>
13
13
 
14
14
  <% if resource.direct_otp %>
15
- <%= link_to "Resend Code", resend_code_user_two_factor_authentication_path, action: :get %>
15
+ <%= link_to "Resend Code", send("resend_code_#{resource_name}_two_factor_authentication_path"), action: :get %>
16
16
  <% else %>
17
- <%= link_to "Send me a code instead", resend_code_user_two_factor_authentication_path, action: :get %>
17
+ <%= link_to "Send me a code instead", send("resend_code_#{resource_name}_two_factor_authentication_path"), action: :get %>
18
18
  <% end %>
19
- <%= link_to "Sign out", destroy_user_session_path, :method => :delete %>
19
+ <%= link_to "Sign out", send("destroy_#{resource_name}_session_path"), :method => :delete %>
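Review bot: All three route helpers are now resolved with `send` on an interpolated method name; `public_send` keeps the dynamic dispatch limited to public methods and matches the controller's `resource.public_send(Devise.second_factor_resource_id)`, e.g. `public_send("destroy_#{resource_name}_session_path")`. `resource_name` presumably comes from the Devise mapping rather than from request input, and a short template comment saying so would help anyone who later copies this pattern.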
@@ -7,7 +7,11 @@ Warden::Manager.after_authentication do |user, auth, options|
7
7
 
8
8
  if user.respond_to?(:need_two_factor_authentication?) && !bypass_by_cookie
9
9
  if auth.session(options[:scope])[TwoFactorAuthentication::NEED_AUTHENTICATION] = user.need_two_factor_authentication?(auth.request)
10
- user.send_new_otp unless user.totp_enabled?
10
+ user.send_new_otp if user.send_new_otp_after_login?
11
11
  end
12
12
  end
13
13
  end
14
+
15
+ Warden::Manager.before_logout do |user, auth, _options|
16
+ auth.cookies.delete TwoFactorAuthentication::REMEMBER_TFA_COOKIE_NAME if Devise.delete_cookie_on_logout
17
+ end
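Review bot: The new `before_logout` hook checks the global `Devise.delete_cookie_on_logout`, while this release also registers `:delete_cookie_on_logout` as a per-model setting through `Devise::Models.config`, so a model-level `delete_cookie_on_logout = true` appears not to reach this check. Reading the flag from the resource would line the two up, e.g. `if user && user.class.respond_to?(:delete_cookie_on_logout) && user.class.delete_cookie_on_logout`. Deleting the cookie only clears the browser's copy, so a cookie value copied earlier is not invalidated by logout; a comment above the hook should say that.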
@@ -16,7 +16,8 @@ module Devise
16
16
  ::Devise::Models.config(
17
17
  self, :max_login_attempts, :allowed_otp_drift_seconds, :otp_length,
18
18
  :remember_otp_session_for_seconds, :otp_secret_encryption_key,
19
- :direct_otp_length, :direct_otp_valid_for, :totp_timestamp)
19
+ :direct_otp_length, :direct_otp_valid_for, :totp_timestamp, :delete_cookie_on_logout
20
+ )
20
21
  end
21
22
 
22
23
  module InstanceMethodsOnActivation
@@ -61,6 +62,10 @@ module Devise
61
62
  send_two_factor_authentication_code(direct_otp)
62
63
  end
63
64
 
65
+ def send_new_otp_after_login?
66
+ !totp_enabled?
67
+ end
68
+
64
69
  def send_two_factor_authentication_code(code)
65
70
  raise NotImplementedError.new("No default implementation - please define in your class.")
66
71
  end
@@ -1,3 +1,3 @@
1
1
  module TwoFactorAuthentication
2
- VERSION = "2.0.1".freeze
2
+ VERSION = "2.1.1".freeze
3
3
  end
@@ -30,6 +30,9 @@ module Devise
30
30
 
31
31
  mattr_accessor :second_factor_resource_id
32
32
  @@second_factor_resource_id = 'id'
33
+
34
+ mattr_accessor :delete_cookie_on_logout
35
+ @@delete_cookie_on_logout = false
33
36
  end
34
37
 
35
38
  module TwoFactorAuthentication
@@ -174,6 +174,18 @@ feature "User of two factor authentication" do
174
174
  visit dashboard_path
175
175
  expect(page).to have_content("Enter the code that was sent to you")
176
176
  end
177
+
178
+ scenario 'Delete cookie when user logs out if enabled' do
179
+ user.class.delete_cookie_on_logout = true
180
+
181
+ login_as user
182
+ logout
183
+
184
+ login_as user
185
+
186
+ visit dashboard_path
187
+ expect(page).to have_content("Enter the code that was sent to you")
188
+ end
177
189
  end
178
190
 
179
191
  it 'sets the warden session need_two_factor_authentication key to true' do
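Review bot: The added scenario never completes a second-factor check before `logout`, so as far as the visible steps show no remember cookie exists and the final expectation would also hold with `delete_cookie_on_logout` left at `false`. To cover the logout hook, complete 2FA first so the cookie is set, log out, and only then assert that the prompt returns. The class-level `user.class.delete_cookie_on_logout = true` is also never reset, which can leak into later scenarios; restore it in an `after` block.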
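--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: two_factor_authentication
  version: !ruby/object:Gem::Version
- version: 2.0.1
+ version: 2.1.1
  platform: ruby
  authors:
  - Dmitrii Golub
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2017-07-18 00:00:00.000000000 Z
+ date: 2018-07-10 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rails
@@ -286,7 +286,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project: two_factor_authentication
- rubygems_version: 2.6.12
+ rubygems_version: 2.6.14
  signing_key:
  specification_version: 4
  summary: Two factor authentication plugin for devise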