two_factor_cookies 0.1.0 → 0.1.1
- checksums.yaml +4 -4
- data/README.md +88 -9
- data/lib/two_factor_cookies/configuration.rb +1 -5
- data/lib/two_factor_cookies/version.rb +1 -1
- metadata +2 -2
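--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 241ec50e9eff97c7afea1414e8b29314cb583d22
+data.tar.gz: ba4267a354328a32050c47c161494ecd5b7c46fc
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 47991ccded64ecaf8a6986c0f04585527d37e5af6775ddfa75cd6bacba313a86406bf017da2b62c7826f57befae17e4a9249684b8f18983ba046da570d6a0706
+data.tar.gz: 558a837a8afc2ccc4beca5a3a1331a1d324ce88e8c5a681f10e26422eec7f8e552749ae986f189a514f8958d4bef8c497969e8703611278c0da8ef517d44ef34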
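--- a/data/README.md
+++ b/data/README.md
@@ -1,14 +1,13 @@
 # TwoFactorCookies
-
-
-
-How to use my plugin.
+Simple two factor logon using Twilio SMS for code delivery and ROTP fpr code generation and verification.
+The aim is to be configurable and work with as many kinds of authentication as possible.
+All information needed is placed in encrypted cookies.
 
 ## Installation
 Add this line to your application's Gemfile:
 
 ```ruby
-gem 'two_factor_cookies',
+gem 'two_factor_cookies', '0.1.1'
 ```
 
 And then execute:
@@ -22,14 +21,94 @@ The gem is a rails engine, so it needs to be mounted to a location in `routes.rb
 mount TwoFactorCookies::Engine, at: '/two_factor_cookies'
 ```
 
-
+The gem needs to be configured. The example below can be copied and placed in an initializer, eg. `config/initializers/2fa_setup.rb`
+```ruby
+TwoFactorCookies.configure do |config|
+# One time password (otp) generation and verification
+# Must be a 160 bit (32 character) base32 secret. The rotp gem included in the project can generate such a key by typing this in the console: ROTP::Base32.random
+config.otp_generation_secret_key = MUST BE FILLED
+
+# Cookie expiry
+# When a user will need to perform 2fa again
+# config.two_factor_authentication_expiry = 30.days.from_now
+# How much time a user has to type in the otp sent to his phone
+# config.otp_expiry = 30.minutes.from_now
+
+# Twilio API credentials
+config.twilio_account_sid = MUST BE FILLED
+# phone number is the number, that will be shown on the receiving phone. It can also be a string, for example the name of your company
+config.twilio_phone_number = MUST BE FILLED
+config.twilio_auth_token = MUST BE FILLED
+
+# User model
+# user_model_name is used as the permit option in toggle_two_factor_controller
+# config.user_model_name = :user
+# config.phone_number_field_name = :phone_number
+# config.username_field_name = :username
+
+# Controllers
+# The route you want two_factor_authentication_controller to redirect to. Would typically be where, your user is redirected to after logging in.
+config.two_factor_authentication_success_route = MUST BE FILLED
+# The route you want toggle_two_factor_controller to route to after a user has toggled two factor
+config.toggle_two_factor_success_route = MUST BE FILLED
+# The route you want toggle_two_factor_controller to route to after a user has confirmed their phone number
+config.confirm_phone_number_success_route = MUST BE FILLED
+
+# If you need or want to replace the layout in the two_factor_authentication_controller, add a path here, eg. 'two_factor_cookies/two_factor_authentication'
+#config.layout_path = nil
+
+# In order to know which user is attempting to login, the two factor authentication controller checks current_user. It
+# looks at its parent for this method. The default parent is ApplicationController. If you use devise or have
+# implemented current_user elsewhere, you need to supply the parent constant here
+# config.two_factor_authentication_controller_parent = '::ApplicationController'
+
+# If you check for additional values when determining if a user is authenticated, you need to tell the controller how
+# to determine these values. Add a hash of key-value pairs here, where the key is the name, you want in the cookie,
+# the value is the method used to find whatever value you want as a string. Example:
+# { customer_no: 'current_company.customer_no' }
+# config.additional_authentication_values = nil
+
+# any params sent along when enabling 2fa that needs to be updated on the user model, for example a phone number
+# config.update_params = nil
+
+# If another engine than main_app contains the routes you want the 2fa controllers to redirect to, write the engine
+# name here as a string
+#config.engine_name = 'main_app'
+end
 
-
+```
+
+In your ApplicationController you must include TwoFactorAuthenticate
+```ruby
+class ApplicationController < ActionController::Base
+include TwoFactorAuthenticate
+```
 
+### Using your own template for submitting otps
 The gem includes a template for submitting one time passwords. To override it, a partial named 'show' must be placed under `two_factor_cookies/two_factor_authentication`
 
-
-
+### Necessary methods on your user model
+TwoFactorCookies relies on a number of methods being present on your user model: `enabled_two_factor?`, `confirmed_phone_number?`, `disable_two_factor!`, `enable_two_factor!`, `confirm_phone_number!` and `disaffirm_phone_number!`.
+
+If using ActiveRecord or Mongoid, `enabled_two_factor?` and `confirmed_phone_number?` will be automatically added, if your user model has fields named `enabled_two_factor` and `confirmed_phone_number`
+
+#### Example implementations
+```ruby
+def disable_two_factor!
+self.enabled_two_factor = false
+save
+end
+```
+If for example you want to delete the phone number, when disabling 2fa, it could be done here
+```ruby
+def disaffirm_phone_number!
+self.confirmed_phone_number = false
+self.phone_number = nil
+save
+end
+```
+
+When disabling two factor authentication, `disaffirm_phone_number!` is also called and a new confirmation of the phone number is required, if 2fa is enabled again.
 
 ## License
 The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).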
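--- a/data/lib/two_factor_cookies/configuration.rb
+++ b/data/lib/two_factor_cookies/configuration.rb
@@ -2,7 +2,7 @@ module TwoFactorCookies
 class Configuration
 attr_accessor :otp_generation_secret_key, :two_factor_authentication_success_route, :confirm_phone_number_success_route,
 :toggle_two_factor_success_route, :two_factor_authentication_expiry, :otp_expiry, :twilio_account_sid,
-:twilio_phone_number, :twilio_auth_token, :phone_number_field_name, :user_model_name, :
+:twilio_phone_number, :twilio_auth_token, :phone_number_field_name, :user_model_name, :username_field_name,
 :two_factor_authentication_controller_parent, :skip_before_action, :layout_path, :additional_authentication_values,
 :update_params, :engine_name
 
@@ -15,7 +15,6 @@ module TwoFactorCookies
 @twilio_phone_number = nil
 @twilio_auth_token = nil
 
-@user_model_namespace = nil
 @user_model_name = :user
 @phone_number_field_name = :phone_number
 @username_field_name = :username
@@ -29,9 +28,6 @@ module TwoFactorCookies
 @additional_authentication_values = {}
 
 @update_params = nil
-
-
-
 @engine_name = 'main_app'
 end
 end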
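Review bot: `:two_factor_authentication_expiry` and `:otp_expiry` in the `attr_accessor` list of the first hunk are plain accessors that store whatever the initializer assigns, and the README in this release documents their values as `30.days.from_now` and `30.minutes.from_now`, which are absolute times fixed once when the initializer runs at boot. If the cookie-writing code (not visible here) uses them as given, both the OTP entry window and the 2FA re-prompt deadline shrink the longer the process stays up and eventually lie in the past. Storing a duration and resolving it per request would avoid that, e.g. `config.otp_expiry = 30.minutes` with the consumer calling `.from_now` on it at the moment it sets the cookie. The `Configuration` class and its `initialize` start and end outside these hunks, so the defaults for the two settings are not shown and should be checked for the same pattern.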
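--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: two_factor_cookies
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.1
 platform: ruby
 authors:
 - Nicolai Bach Woller
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-08-
+date: 2019-08-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails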