two_factor_cookies 0.1.1 → 0.1.2
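--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
-
-metadata.gz:
-data.tar.gz:
+SHA256:
+metadata.gz: 8ccf0f45cecbc377af4bd82b5ac202731a8c09e160202199dd6133a613bbcc2c
+data.tar.gz: 20d7518de754fbfe4fe5c58cd820d0d04544a55497485ce3ab22967d954cd7ba
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 696b69c8e9b4b08dbc886b5c7cbcb0fb1b7a085dc92488eecd3d8bcb1b430df5873b6196cc18d5612c1b179fb63a1a1aabaad1fd0e5cfbf622fe66e073ee38ee
+data.tar.gz: e29110160189fe56898b998b68f33bff6d68af084773c57ea7791f68633b71f2f96371ff3cac01e9efb1c89ddc15c8ed0d9453ad1c6d759c7ade83ef33b6af52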
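--- a/data/README.md
+++ b/data/README.md
@@ -94,21 +94,41 @@ If using ActiveRecord or Mongoid, `enabled_two_factor?` and `confirmed_phone_num
 
 #### Example implementations
 ```ruby
-
-
-
-
+def disable_two_factor!
+self.enabled_two_factor = false
+save
+end
 ```
 If for example you want to delete the phone number, when disabling 2fa, it could be done here
 ```ruby
-
-
-
-
-
+def disaffirm_phone_number!
+self.confirmed_phone_number = false
+self.phone_number = nil
+save
+end
 ```
 
 When disabling two factor authentication, `disaffirm_phone_number!` is also called and a new confirmation of the phone number is required, if 2fa is enabled again.
 
+## ToggleTwoFactorController
+### Toggling two factor on and off
+Toggling two factor on and off is handled by the `ToggleTwoFactorController` in the action also named `toggle_two_factor`. It requires whatever form is used for this to supply parameters in the format
+```ruby
+{ user: { enabled_two_factor: '1' } }
+```
+`user` in the param is the name of the user model in the app, taken from the configuration. If enabled_two_factor is '1', two factor is toggled on. If enabled_two_factor is anything else, two factor will be toggled off
+
+#### Logging
+The gem can be configured to log, when 2fa is toggled on or off. To do this you must configure `logging_module` with a module that has `log` defined in whatever way makes sense in your project. The method will be passed a message consisting of a translation with a user id.
+```
+module Log
+extend ActiveSupport::Concern
+
+def log(message)
+Rails.logger.info message
+end
+end
+```
+
 ## License
 The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).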
@@ -1,5 +1,7 @@
|
|
1
1
|
TwoFactorCookies.const_set('ToggleTwoFactorController',
|
2
2
|
Class.new('TwoFactorCookies::TwoFactorAuthenticationController'.constantize) do
|
3
|
+
include TwoFactorCookies.configuration.logging_module.constantize if TwoFactorCookies.configuration.logging_module
|
4
|
+
|
3
5
|
def update
|
4
6
|
if TwoFactorCookies::OneTimePasswordGenerator.verify_code(
|
5
7
|
confirm_phone_number_params[:one_time_password],
|
@@ -23,9 +25,11 @@ TwoFactorCookies.const_set('ToggleTwoFactorController',
|
|
23
25
|
current_user.enable_two_factor!
|
24
26
|
current_user.update(update_params) if TwoFactorCookies.configuration.update_params
|
25
27
|
set_authenticated_cookie
|
28
|
+
log(I18n.t('two_factor_cookies.logger.toggle_2fa_on', id: current_user.id)) if TwoFactorCookies.configuration.logging_module
|
26
29
|
else
|
27
30
|
current_user.disable_two_factor!
|
28
31
|
current_user.disaffirm_phone_number!
|
32
|
+
log(I18n.t('two_factor_cookies.logger.toggle_2fa_off', id: current_user.id)) if TwoFactorCookies.configuration.logging_module
|
29
33
|
end
|
30
34
|
|
31
35
|
redirect_to eval(TwoFactorCookies.configuration.engine_name).public_send(
|
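Review bot: The two `log(...) if TwoFactorCookies.configuration.logging_module` calls re-check the setting on every request, but the `include TwoFactorCookies.configuration.logging_module.constantize` line at the top of the class body runs only once, when the class is defined. If the setting is assigned or changed after that point, `log` is not defined on the controller and the request raises NoMethodError after `enable_two_factor!` or `disable_two_factor!` has already changed the account's 2FA state and before the redirect. Guarding the calls on what was actually mixed in, e.g. `log(I18n.t('two_factor_cookies.logger.toggle_2fa_on', id: current_user.id)) if respond_to?(:log, true)`, keeps the two checks from drifting apart. It would also be worth a comment on the `include` line stating that the configuration must be set before this file is loaded. The action that contains the `log` calls starts and ends outside these hunks.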
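--- a/data/config/locales/en.yml
+++ b/data/config/locales/en.yml
@@ -14,3 +14,9 @@ en:
 flash:
 confirmed: Phone number confirmed
 wrong_one_time_password: Wrong code - try again
+logger:
+toggle_2fa_on: "Two factor toggled on for user id %{id}"
+toggle_2fa_off: "Two factor toggled off for user id %{id}"
+confirm_phone_number_success: "Confirmation of phone number %{phone_number} successful for user id %{id}"
+confirm_phone_number_fail: "Confirmation of phone number %{phone_number} failed for user id %{id}"
+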
@@ -4,7 +4,7 @@ module TwoFactorCookies
|
|
4
4
|
:toggle_two_factor_success_route, :two_factor_authentication_expiry, :otp_expiry, :twilio_account_sid,
|
5
5
|
:twilio_phone_number, :twilio_auth_token, :phone_number_field_name, :user_model_name, :username_field_name,
|
6
6
|
:two_factor_authentication_controller_parent, :skip_before_action, :layout_path, :additional_authentication_values,
|
7
|
-
:update_params, :engine_name
|
7
|
+
:update_params, :engine_name, :logging_module
|
8
8
|
|
9
9
|
def initialize
|
10
10
|
@otp_generation_secret_key = nil
|
@@ -24,6 +24,7 @@ module TwoFactorCookies
|
|
24
24
|
@confirm_phone_number_success_route = nil
|
25
25
|
@layout_path = nil
|
26
26
|
@two_factor_authentication_controller_parent = '::ApplicationController'
|
27
|
+
@logging_module = nil
|
27
28
|
|
28
29
|
@additional_authentication_values = {}
|
29
30
|
|
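Review bot: `@logging_module = nil` carries no comment on what type the setting takes, and the README text added in this release says to configure it "with a module", while the controller calls `.constantize` on the value, which suggests it expects the module's name as a String. I would add `# Name (String) of a module that defines log(message); constantized and included by ToggleTwoFactorController.` above the assignment, and align the README wording with it. The `initialize` body continues outside this hunk.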
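--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: two_factor_cookies
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.2
 platform: ruby
 authors:
 - Nicolai Bach Woller
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-08-
+date: 2019-08-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -159,9 +159,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.7.6
 signing_key:
 specification_version: 4
 summary: Simple two factor logon - with Twilio SMS for code delivery
 test_files: []
-has_rdoc: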