RubyGems - two_factor_authentication - Versions diffs - 1.1.1 → 1.1.3 - Mend

two_factor_authentication 1.1.1 → 1.1.3

Files changed (19) hide show

checksums.yaml +4 -4
data/Gemfile +1 -1
data/README.md +41 -2
data/app/controllers/devise/two_factor_authentication_controller.rb +1 -1
data/config/locales/ru.yml +1 -0
data/lib/generators/active_record/two_factor_authentication_generator.rb +1 -1
data/lib/two_factor_authentication.rb +5 -0
data/lib/two_factor_authentication/controllers/helpers.rb +3 -3
data/lib/two_factor_authentication/hooks/two_factor_authenticatable.rb +1 -1
data/lib/two_factor_authentication/models/two_factor_authenticatable.rb +4 -4
data/lib/two_factor_authentication/version.rb +1 -1
data/spec/controllers/two_factor_auth_spec.rb +3 -5
data/spec/features/two_factor_authenticatable_spec.rb +5 -3
data/spec/lib/two_factor_authentication/models/two_factor_authenticatable_spec.rb +12 -8
data/spec/rails_app/app/views/home/dashboard.html.erb +4 -0
data/spec/spec_helper.rb +2 -1
data/spec/support/features_spec_helper.rb +1 -1
data/two_factor_authentication.gemspec +2 -2
metadata +9 -62

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8037c367e1a0f7f7d253be0457b2046488b628fa
-  data.tar.gz: 024269293da1e0a407ac4e3537dc4e8749ca95a5
+  metadata.gz: fb84a503671c99963674feb9a48b9e0b4078c457
+  data.tar.gz: e1004e05b1adfb4fc9dbae58638f3091a29cd4c9
 SHA512:
-  metadata.gz: 0c5a7deda98812e0a46ced0f99f2c0af64d4cd57531aad76660fecc7a1b351ba776263b24066a3d1f8caa93279f97fba1d415bcf41caf13bb1bc627a3a0c49ba
-  data.tar.gz: 2c80f6553ff57dbc3257f20c345cdf2217eefcf7d543f7547c0c31f8e57dbfc94ccf27759acbf81ba3937b05a808a8cc42acbb3ce7ee1ee7cb4869379f02bbaf
+  metadata.gz: 7f790fd330b74c0bed8199477a23dce4d52d5035c86495a62d2d5e5b0bc77f5d97c4cea8b6b9aee5a6b3b306d9d45664fb95b5a0c3ca89838b3a832302de1590
+  data.tar.gz: 48d79bca0d7eb2f51ed606d4c34aea8b7f7d01cf0c2e59e763a0fd6eaad167dbc53c4c7db495bc0931fa6b061c4a095a6d521b868334eeaf77267538861b3cf6

data/Gemfile CHANGED

@@ -9,7 +9,7 @@ rails = case rails_version
         when "master"
           {github: "rails/rails"}
         when "default"
-          "~> 3.2"
+          "~> 4.1"
         else
           "~> #{rails_version}"
         end

data/README.md CHANGED

@@ -38,11 +38,12 @@ Add the following line to your model to fully enable two-factor auth:
     has_one_time_password
-Set config values if desired for maximum second factor attempts count and allowed time drift for one-time passwords:
+Set config values, if desired, for maximum second factor attempts count, allowed time drift, and OTP length.
 ```ruby
 config.max_login_attempts = 3
 config.allowed_otp_drift_seconds = 30
+config.otp_length = 6
 ```
 Override the method to send one-time passwords in your model, this is automatically called when a user logs in:
@@ -66,11 +67,12 @@ Add the following line to your model to fully enable two-factor auth:
     has_one_time_password
-Set config values if desired for maximum second factor attempts count and allowed time drift for one-time passwords:
+Set config values, if desired, for maximum second factor attempts count, allowed time drift, and OTP length.
 ```ruby
 config.max_login_attempts = 3
 config.allowed_otp_drift_seconds = 30
+config.otp_length = 6
 ```
 Override the method to send one-time passwords in your model, this is automatically called when a user logs in:
@@ -81,6 +83,7 @@ def send_two_factor_authentication_code
 end
 ```
 ### Customisation and Usage
 By default second factor authentication enabled for each user, you can change it with this method in your User model:
@@ -99,6 +102,42 @@ This gem is compatible with Google Authenticator (https://support.google.com/acc
 This provisioning uri can then be turned in to a QR code if desired so that users may add the app to Google Authenticator easily.  Once this is done they may retrieve a one-time password directly from the Google Authenticator app as well as through whatever method you define in `send_two_factor_authentication_code`
+#### Overriding the view
+The default view that shows the form can be overridden by first adding a folder named: "two_factor_authentication" inside "app/views/devise", in here you want to create a "show.html.erb" view.
+The full path should be "app/views/devise/two_factor_authentication/show.html.erb"
+```html
+<h2>Hi, you received a code by email, please enter it below, thanks!</h2>
+<%= form_tag([resource_name, :two_factor_authentication], :method => :put) do %>
+  <%= text_field_tag :code %>
+  <%= submit_tag "Log in!" %>
+<% end %>
+<%= link_to "Sign out", destroy_user_session_path, :method => :delete %>
+```
+#### Updating existing users with OTP secret key
+If you have existing users that needs to be provided with a OTP secret key, so they can take benefit of the two factor authentication, create a rake. It could look like this one below:
+```ruby
+desc "rake task to update users with otp secret key"
+task :update_users_with_otp_secret_key  => :environment do
+	users = User.all
+	users.each do |user|
+		key = ROTP::Base32.random_base32
+		user.update_attributes(:otp_secret_key => key)
+		user.save
+		puts "Rake[:update_users_with_otp_secret_key] => User '#{user.email}' OTP secret key set to '#{key}'"
+	end
+end
+```
 ### Example
 [TwoFactorAuthenticationExample](https://github.com/Houdini/TwoFactorAuthenticationExample)

data/app/controllers/devise/two_factor_authentication_controller.rb CHANGED

@@ -9,7 +9,7 @@ class Devise::TwoFactorAuthenticationController < DeviseController
     render :show and return if params[:code].nil?
     if resource.authenticate_otp(params[:code])
-      warden.session(resource_name)['need_two_factor_authentication'] = false
+      warden.session(resource_name)[TwoFactorAuthentication::NEED_AUTHENTICATION] = false
       sign_in resource_name, resource, :bypass => true
       set_flash_message :notice, :success
       redirect_to stored_location_for(resource_name) || :root

data/config/locales/ru.yml CHANGED

@@ -1,6 +1,7 @@
 ru:
   devise:
     two_factor_authentication:
+      success: "Двухфакторная авторизация успешно пройдена."
       attempt_failed: "Неверный код."
       max_login_attempts_reached: "Доступ заблокирован. Превышено число попыток авторизации"
       contact_administrator: "Пожалуйста, свяжитесь с системным администратором."

data/lib/generators/active_record/two_factor_authentication_generator.rb CHANGED

@@ -6,7 +6,7 @@ module ActiveRecord
       source_root File.expand_path("../templates", __FILE__)
       def copy_two_factor_authentication_migration
-        migration_template "migration.rb", "db/migrate/two_factor_authentication_add_to_#{table_name}"
+        migration_template "migration.rb", "db/migrate/two_factor_authentication_add_to_#{table_name}.rb"
       end
     end

data/lib/two_factor_authentication.rb CHANGED

@@ -13,9 +13,14 @@ module Devise
   mattr_accessor :allowed_otp_drift_seconds
   @@allowed_otp_drift_seconds = 30
+  mattr_accessor :otp_length
+  @@otp_length = 6
 end
 module TwoFactorAuthentication
+  NEED_AUTHENTICATION = 'need_two_factor_authentication'
   autoload :Schema, 'two_factor_authentication/schema'
   module Controllers
     autoload :Helpers, 'two_factor_authentication/controllers/helpers'

data/lib/two_factor_authentication/controllers/helpers.rb CHANGED

@@ -12,7 +12,7 @@ module TwoFactorAuthentication
       def handle_two_factor_authentication
         unless devise_controller?
           Devise.mappings.keys.flatten.any? do |scope|
-            if signed_in?(scope) and warden.session(scope)['need_two_factor_authentication']
+            if signed_in?(scope) and warden.session(scope)[TwoFactorAuthentication::NEED_AUTHENTICATION]
               handle_failed_second_factor(scope)
             end
           end
@@ -21,7 +21,7 @@ module TwoFactorAuthentication
       def handle_failed_second_factor(scope)
         if request.format.present? and request.format.html?
-          session["#{scope}_return_to"] = request.path if request.get?
+          session["#{scope}_return_to"] = "#{request.path}?#{request.query_string}" if request.get?
           redirect_to two_factor_authentication_path_for(scope)
         else
           render nothing: true, status: :unauthorized
@@ -42,7 +42,7 @@ module Devise
   module Controllers
     module Helpers
       def is_fully_authenticated?
-        !session["warden.user.user.session"].try(:[], 'need_two_factor_authentication')
+        !session["warden.user.user.session"].try(:[], TwoFactorAuthentication::NEED_AUTHENTICATION)
       end
     end
   end

data/lib/two_factor_authentication/hooks/two_factor_authenticatable.rb CHANGED

@@ -1,6 +1,6 @@
 Warden::Manager.after_authentication do |user, auth, options|
   if user.respond_to?(:need_two_factor_authentication?)
-    if auth.session(options[:scope])['need_two_factor_authentication'] = user.need_two_factor_authentication?(auth.request)
+    if auth.session(options[:scope])[TwoFactorAuthentication::NEED_AUTHENTICATION] = user.need_two_factor_authentication?(auth.request)
       user.send_two_factor_authentication_code
     end
   end

data/lib/two_factor_authentication/models/two_factor_authenticatable.rb CHANGED

@@ -20,19 +20,19 @@ module Devise
             end
           end
         end
-        ::Devise::Models.config(self, :max_login_attempts, :allowed_otp_drift_seconds)
+        ::Devise::Models.config(self, :max_login_attempts, :allowed_otp_drift_seconds, :otp_length)
       end
       module InstanceMethodsOnActivation
         def authenticate_otp(code, options = {})
-          totp = ROTP::TOTP.new(self.otp_column)
+          totp = ROTP::TOTP.new(self.otp_column, { digits: options[:otp_length] || self.class.otp_length })
           drift = options[:drift] || self.class.allowed_otp_drift_seconds
           totp.verify_with_drift(code, drift)
         end
-        def otp_code(time = Time.now)
-          ROTP::TOTP.new(self.otp_column).at(time, true)
+        def otp_code(time = Time.now, options = {})
+          ROTP::TOTP.new(self.otp_column, { digits: options[:otp_length] || self.class.otp_length }).at(time, true)
         end
         def provisioning_uri(account = nil, options = {})

data/lib/two_factor_authentication/version.rb CHANGED

@@ -1,3 +1,3 @@
 module TwoFactorAuthentication
-  VERSION = "1.1.1".freeze
+  VERSION = "1.1.3".freeze
 end

data/spec/controllers/two_factor_auth_spec.rb CHANGED

@@ -2,7 +2,7 @@ require 'spec_helper'
 include Warden::Test::Helpers
-describe HomeController do
+describe HomeController, :type => :controller do
   context "passed only 1st factor auth" do
     let(:user) { create_user }
@@ -11,10 +11,8 @@ describe HomeController do
         login_as user, scope: :user
         visit user_two_factor_authentication_path
-        controller.is_fully_authenticated?.should be_true
+        expect(controller.is_fully_authenticated?).to be_truthy
       end
     end
   end
-end
+end

data/spec/features/two_factor_authenticatable_spec.rb CHANGED

@@ -11,14 +11,14 @@ feature "User of two factor authentication" do
   end
   scenario "sends two factor authentication code after sign in" do
-    SMSProvider.messages.should be_empty
+    expect(SMSProvider.messages).to be_empty
     visit new_user_session_path
     complete_sign_in_form_for(user)
     expect(page).to have_content "Enter your personal code"
-    SMSProvider.messages.size.should eq(1)
+    expect(SMSProvider.messages.size).to eq(1)
     message = SMSProvider.last_message
     expect(message.to).to eq(user.phone_number)
     expect(message.body).to eq(user.otp_code)
@@ -45,7 +45,7 @@ feature "User of two factor authentication" do
     end
     scenario "is redirected to TFA when path requires authentication" do
-      visit dashboard_path
+      visit dashboard_path + "?A=param%20a&B=param%20b"
       expect(page).to_not have_content("Your Personal Dashboard")
@@ -54,6 +54,8 @@ feature "User of two factor authentication" do
       expect(page).to have_content("Your Personal Dashboard")
       expect(page).to have_content("You are signed in as Marissa")
+      expect(page).to have_content("Param A is param a")
+      expect(page).to have_content("Param B is param b")
     end
     scenario "is locked out after max failed attempts" do

data/spec/lib/two_factor_authentication/models/two_factor_authenticatable_spec.rb CHANGED

@@ -21,11 +21,15 @@ describe Devise::Models::TwoFactorAuthenticatable, '#otp_code' do
       subject
     end
+    it "should be configured length" do
+      expect(subject.length).to eq(Devise.otp_length)
+    end
     context "with a known time" do
       let(:time) { 1392852756 }
       it "should return a known result" do
-        expect(subject).to eq('562202')
+        expect(subject).to eq("0000000524562202".split(//).last(Devise.otp_length).join)
       end
     end
@@ -33,7 +37,7 @@ describe Devise::Models::TwoFactorAuthenticatable, '#otp_code' do
       let(:time) { 1393065856 }
       it "should return a known result padded with zeroes" do
-        expect(subject).to eq('007672')
+        expect(subject).to eq("0000001608007672".split(//).last(Devise.otp_length).join)
       end
     end
   end
@@ -146,19 +150,19 @@ describe Devise::Models::TwoFactorAuthenticatable, '#max_login_attempts' do
   it "returns false as boolean" do
     instance.second_factor_attempts_count = nil
-    expect(instance.max_login_attempts?).to be_false
+    expect(instance.max_login_attempts?).to be_falsey
     instance.second_factor_attempts_count = 0
-    expect(instance.max_login_attempts?).to be_false
+    expect(instance.max_login_attempts?).to be_falsey
     instance.second_factor_attempts_count = 1
-    expect(instance.max_login_attempts?).to be_false
+    expect(instance.max_login_attempts?).to be_falsey
     instance.second_factor_attempts_count = 2
-    expect(instance.max_login_attempts?).to be_false
+    expect(instance.max_login_attempts?).to be_falsey
   end
   it "returns true as boolean after too many attempts" do
     instance.second_factor_attempts_count = 3
-    expect(instance.max_login_attempts?).to be_true
+    expect(instance.max_login_attempts?).to be_truthy
     instance.second_factor_attempts_count = 4
-    expect(instance.max_login_attempts?).to be_true
+    expect(instance.max_login_attempts?).to be_truthy
   end
 end

data/spec/rails_app/app/views/home/dashboard.html.erb CHANGED

@@ -4,4 +4,8 @@
 <p>Your registered email address is <%= current_user.email %></p>
+<p> Param A is <%= params[:A] %></p>
+<p> Param B is <%= params[:B] %></p>
 <p>You can only see this page after successfully completing two factor authentication</p>

data/spec/spec_helper.rb CHANGED

@@ -5,12 +5,13 @@ require 'rspec/rails'
 # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
 RSpec.configure do |config|
-  config.treat_symbols_as_metadata_keys_with_true_values = true
   config.run_all_when_everything_filtered = true
   config.filter_run :focus
   config.use_transactional_examples = true
+  config.include Capybara::DSL
   # Run specs in random order to surface order dependencies. If you find an
   # order dependency and want to debug it, you can fix the order by providing
   # the seed, which is printed after each run.

data/spec/support/features_spec_helper.rb CHANGED

@@ -8,7 +8,7 @@ module FeaturesSpecHelper
   def complete_sign_in_form_for(user)
     fill_in "Email", with: user.email
     fill_in "Password", with: 'password'
-    click_button "Sign in"
+    find('.actions input').click # 'Sign in' or 'Log in'
   end
 end

data/two_factor_authentication.gemspec CHANGED

@@ -31,7 +31,7 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'bundler'
   s.add_development_dependency 'rake'
-  s.add_development_dependency 'rspec-rails'
-  s.add_development_dependency 'capybara'
+  s.add_development_dependency 'rspec-rails', '>= 3.0.1'
+  s.add_development_dependency 'capybara', '2.4.1'
   s.add_development_dependency 'pry'
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: two_factor_authentication
 version: !ruby/object:Gem::Version
-  version: 1.1.1
+  version: 1.1.3
 platform: ruby
 authors:
 - Dmitrii Golub
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-05-31 00:00:00.000000000 Z
+date: 2014-12-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -100,28 +100,28 @@ dependencies:
     requirements:
     - - '>='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 3.0.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '>='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 3.0.1
 - !ruby/object:Gem::Dependency
   name: capybara
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.4.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.4.1
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
@@ -248,58 +248,5 @@ rubygems_version: 2.2.2
 signing_key:
 specification_version: 4
 summary: Two factor authentication plugin for devise
-test_files:
-- spec/controllers/two_factor_auth_spec.rb
-- spec/features/two_factor_authenticatable_spec.rb
-- spec/lib/two_factor_authentication/models/two_factor_authenticatable_spec.rb
-- spec/rails_app/.gitignore
-- spec/rails_app/README.md
-- spec/rails_app/Rakefile
-- spec/rails_app/app/assets/javascripts/application.js
-- spec/rails_app/app/assets/stylesheets/application.css
-- spec/rails_app/app/controllers/application_controller.rb
-- spec/rails_app/app/controllers/home_controller.rb
-- spec/rails_app/app/helpers/application_helper.rb
-- spec/rails_app/app/mailers/.gitkeep
-- spec/rails_app/app/models/.gitkeep
-- spec/rails_app/app/models/guest_user.rb
-- spec/rails_app/app/models/user.rb
-- spec/rails_app/app/views/home/dashboard.html.erb
-- spec/rails_app/app/views/home/index.html.erb
-- spec/rails_app/app/views/layouts/application.html.erb
-- spec/rails_app/config.ru
-- spec/rails_app/config/application.rb
-- spec/rails_app/config/boot.rb
-- spec/rails_app/config/database.yml
-- spec/rails_app/config/environment.rb
-- spec/rails_app/config/environments/development.rb
-- spec/rails_app/config/environments/production.rb
-- spec/rails_app/config/environments/test.rb
-- spec/rails_app/config/initializers/backtrace_silencers.rb
-- spec/rails_app/config/initializers/cookies_serializer.rb
-- spec/rails_app/config/initializers/devise.rb
-- spec/rails_app/config/initializers/inflections.rb
-- spec/rails_app/config/initializers/mime_types.rb
-- spec/rails_app/config/initializers/secret_token.rb
-- spec/rails_app/config/initializers/session_store.rb
-- spec/rails_app/config/initializers/wrap_parameters.rb
-- spec/rails_app/config/locales/devise.en.yml
-- spec/rails_app/config/locales/en.yml
-- spec/rails_app/config/routes.rb
-- spec/rails_app/db/migrate/20140403184646_devise_create_users.rb
-- spec/rails_app/db/migrate/20140407172619_two_factor_authentication_add_to_users.rb
-- spec/rails_app/db/migrate/20140407215513_add_nickanme_to_users.rb
-- spec/rails_app/db/schema.rb
-- spec/rails_app/lib/assets/.gitkeep
-- spec/rails_app/lib/sms_provider.rb
-- spec/rails_app/public/404.html
-- spec/rails_app/public/422.html
-- spec/rails_app/public/500.html
-- spec/rails_app/public/favicon.ico
-- spec/rails_app/script/rails
-- spec/spec_helper.rb
-- spec/support/authenticated_model_helper.rb
-- spec/support/capybara.rb
-- spec/support/features_spec_helper.rb
-- spec/support/sms_provider.rb
+test_files: []
 has_rdoc: