two_factor_authentication 2.0.1 → 2.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -1
- data/app/views/devise/two_factor_authentication/show.html.erb +3 -3
- data/lib/two_factor_authentication.rb +3 -0
- data/lib/two_factor_authentication/hooks/two_factor_authenticatable.rb +5 -1
- data/lib/two_factor_authentication/models/two_factor_authenticatable.rb +6 -1
- data/lib/two_factor_authentication/version.rb +1 -1
- data/spec/features/two_factor_authenticatable_spec.rb +12 -0
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 566b436b169596cae3cec7e70462d28267ca1e7a
|
|
4
|
+
data.tar.gz: 64230bdeb7309402dccddec2b8a4412f428b8422
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a0a07c64d4d12a6ada6d39a6d94cb46decfe396fd94fa31c277c1e160fcecc9b6e09cad64b2baf6489dfb0409c27eca3205cf2ba1fdd0c30b137a14505d68fa5
|
|
7
|
+
data.tar.gz: fa3439bf69431c3325a37ca2ddf652003ce8c91877f092099bc6661d920264f38e9885b8b590355030808264f6f60874baa2fdc006487ed9ac66fbbc0a7aac96
|
data/README.md
CHANGED
|
@@ -97,6 +97,7 @@ config.direct_otp_length = 6 # Direct OTP code length
|
|
|
97
97
|
config.remember_otp_session_for_seconds = 30.days # Time before browser has to perform 2fA again. Default is 0.
|
|
98
98
|
config.otp_secret_encryption_key = ENV['OTP_SECRET_ENCRYPTION_KEY']
|
|
99
99
|
config.second_factor_resource_id = 'id' # Field or method name used to set value for 2fA remember cookie
|
|
100
|
+
config.delete_cookie_on_logout = false # Delete cookie when user signs out, to force 2fA again on login
|
|
100
101
|
```
|
|
101
102
|
The `otp_secret_encryption_key` must be a random key that is not stored in the
|
|
102
103
|
DB, and is not checked in to your repo. It is recommended to store it in an
|
|
@@ -242,7 +243,7 @@ steps:
|
|
|
242
243
|
end
|
|
243
244
|
end
|
|
244
245
|
end
|
|
245
|
-
|
|
246
|
+
```
|
|
246
247
|
|
|
247
248
|
5. Generate a migration to remove the `:otp_secret_key` column:
|
|
248
249
|
```
|
|
@@ -12,8 +12,8 @@
|
|
|
12
12
|
<% end %>
|
|
13
13
|
|
|
14
14
|
<% if resource.direct_otp %>
|
|
15
|
-
<%= link_to "Resend Code",
|
|
15
|
+
<%= link_to "Resend Code", send("resend_code_#{resource_name}_two_factor_authentication_path"), action: :get %>
|
|
16
16
|
<% else %>
|
|
17
|
-
<%= link_to "Send me a code instead",
|
|
17
|
+
<%= link_to "Send me a code instead", send("resend_code_#{resource_name}_two_factor_authentication_path"), action: :get %>
|
|
18
18
|
<% end %>
|
|
19
|
-
<%= link_to "Sign out",
|
|
19
|
+
<%= link_to "Sign out", send("destroy_#{resource_name}_session_path"), :method => :delete %>
|
|
@@ -7,7 +7,11 @@ Warden::Manager.after_authentication do |user, auth, options|
|
|
|
7
7
|
|
|
8
8
|
if user.respond_to?(:need_two_factor_authentication?) && !bypass_by_cookie
|
|
9
9
|
if auth.session(options[:scope])[TwoFactorAuthentication::NEED_AUTHENTICATION] = user.need_two_factor_authentication?(auth.request)
|
|
10
|
-
user.send_new_otp
|
|
10
|
+
user.send_new_otp if user.send_new_otp_after_login?
|
|
11
11
|
end
|
|
12
12
|
end
|
|
13
13
|
end
|
|
14
|
+
|
|
15
|
+
Warden::Manager.before_logout do |user, auth, _options|
|
|
16
|
+
auth.cookies.delete TwoFactorAuthentication::REMEMBER_TFA_COOKIE_NAME if Devise.delete_cookie_on_logout
|
|
17
|
+
end
|
|
@@ -16,7 +16,8 @@ module Devise
|
|
|
16
16
|
::Devise::Models.config(
|
|
17
17
|
self, :max_login_attempts, :allowed_otp_drift_seconds, :otp_length,
|
|
18
18
|
:remember_otp_session_for_seconds, :otp_secret_encryption_key,
|
|
19
|
-
:direct_otp_length, :direct_otp_valid_for, :totp_timestamp
|
|
19
|
+
:direct_otp_length, :direct_otp_valid_for, :totp_timestamp, :delete_cookie_on_logout
|
|
20
|
+
)
|
|
20
21
|
end
|
|
21
22
|
|
|
22
23
|
module InstanceMethodsOnActivation
|
|
@@ -61,6 +62,10 @@ module Devise
|
|
|
61
62
|
send_two_factor_authentication_code(direct_otp)
|
|
62
63
|
end
|
|
63
64
|
|
|
65
|
+
def send_new_otp_after_login?
|
|
66
|
+
!totp_enabled?
|
|
67
|
+
end
|
|
68
|
+
|
|
64
69
|
def send_two_factor_authentication_code(code)
|
|
65
70
|
raise NotImplementedError.new("No default implementation - please define in your class.")
|
|
66
71
|
end
|
|
@@ -174,6 +174,18 @@ feature "User of two factor authentication" do
|
|
|
174
174
|
visit dashboard_path
|
|
175
175
|
expect(page).to have_content("Enter the code that was sent to you")
|
|
176
176
|
end
|
|
177
|
+
|
|
178
|
+
scenario 'Delete cookie when user logs out if enabled' do
|
|
179
|
+
user.class.delete_cookie_on_logout = true
|
|
180
|
+
|
|
181
|
+
login_as user
|
|
182
|
+
logout
|
|
183
|
+
|
|
184
|
+
login_as user
|
|
185
|
+
|
|
186
|
+
visit dashboard_path
|
|
187
|
+
expect(page).to have_content("Enter the code that was sent to you")
|
|
188
|
+
end
|
|
177
189
|
end
|
|
178
190
|
|
|
179
191
|
it 'sets the warden session need_two_factor_authentication key to true' do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: two_factor_authentication
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0
|
|
4
|
+
version: 2.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dmitrii Golub
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2018-03-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -286,7 +286,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
286
286
|
version: '0'
|
|
287
287
|
requirements: []
|
|
288
288
|
rubyforge_project: two_factor_authentication
|
|
289
|
-
rubygems_version: 2.6.
|
|
289
|
+
rubygems_version: 2.6.14
|
|
290
290
|
signing_key:
|
|
291
291
|
specification_version: 4
|
|
292
292
|
summary: Two factor authentication plugin for devise
|