userbin 1.2.0 → 1.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 744a85b12224637026c348146ce9e1baba43796a
-  data.tar.gz: 52e72314536f2f65636313f0efafd9b7901fb473
+  metadata.gz: 6ff1c34fbeae549c64eb471fb32b12818c6d9637
+  data.tar.gz: 721c77309b58382d53aad49a966663369c0a6740
 SHA512:
-  metadata.gz: 11c9a493bc34d29161da8657a397ea57c3a310a73758b8b2138075bf94ca9bcb52b55fc94c01622e8d90a73b6904d4d2563f68b438911dfd1ab02a2e09f645db
-  data.tar.gz: 6a29b61d8966dbb116f55711000a0e73cdef214cbca9faf6a3e366dcd7303eecca8d9d4def5b9d58e970cd82443c623d5d245886838e016f60d15aa684296c47
+  metadata.gz: a7f0791f6a8ac13d20270cc3e9db0dbc0f250aee85b272300ade32e2a82641e9164989ae437b2bc999aa6c0ad3324d7c81dfad7570f7bd937accd9efe2d0c589
+  data.tar.gz: 5642586f106c48fcabf09ccad5e07461151d782595b6479f7388b16c439a0c56e57a5e50b00e4f032130817019a7a77a6cbe90474fcf023508fd9e4c7d8017da

data/README.md

@@ -7,13 +7,22 @@
 
 [Userbin](https://userbin.com) provides an additional security layer to your application by adding user activity monitoring, real-time threat protection and two-factor authentication in a white-label package. Your users **do not** need to be signed up or registered for Userbin before using the service and there's no need for them to download any proprietary apps. Also, Userbin requires **no modification of your current database schema** as it uses your local user IDs.
 
-<!-- Your users can now easily activate two-factor authentication, configure the level of security in terms of monitoring and notifications and take action on suspicious behaviour. These settings are available as a per-user security settings page which is easily customized to fit your current layout. -->
-
-### Using Devise?
-
-If you're using [Devise](https://github.com/plataformatec/devise) for authentication, check out the **[Userbin extension for Devise](https://github.com/userbin/devise_userbin)** for an even easier integration.
-
-## Getting started
+## Table of Contents
+
+- [Getting Started](#getting-started)
+- [Setup User Monitoring](#setup-user-monitoring)
+- [Active Sessions](#active-sessions)
+- [Security Events](#security-events)
+- [Two-factor Authentication](#two-factor-authentication)
+  - [Pairing with Google Authenticator](#pairing-with-google-authenticator)
+  - [Pairing with Phone Number (SMS)](#pairing-with-phone-number-sms)
+  - [Pairing with YubiKey](#pairing-with-yubikey)
+  - [Enabling and Disabling](#enabling-and-disabling)
+  - [Authenticating](#authenticating)
+  - [Backup Codes](#backup-codes)
+  - [List Pairings](#list-pairings)
+
+## Getting Started
 
 Add the `userbin` gem to your `Gemfile`
 
@@ -34,178 +43,265 @@ require 'userbin'
 Userbin.api_secret = "YOUR_API_SECRET"
 ```
 
-## The basics
-
-First you'll need to initialize a Userbin client for every incoming HTTP request and preferrably add it to the environment so that it's accessible during the request lifetime.
+Add a reference to the Userbin client in your main controller so that it's globally accessible throughout a request. The initializer takes a Rack request as argument from which it extracts details such as IP address and user agent and sends it along all API requests.
 
 ```ruby
-env['userbin'] = Userbin::Client.new(request)
+class ApplicationController < ActionController::Base
+  def userbin
+    @userbin ||= Userbin::Client.new(request)
+  end
+  # ...
+end
 ```
 
-At any time, a call to Userbin might result in an exception, maybe because the user has been logged out. You should catch these errors in one place and take action. Just catch and display all Userbin errors for now.
+## Setup User Monitoring
+
+You should call `login` as soon as the user has logged in to your application. Pass a unique user identifier, and an *optional* hash of user properties which are used when searching for users in your dashboard. This will create a [Session](https://api.userbin.com/#POST--version-users--user_id-sessions---format-) resource and return a corresponding [session token](https://api.userbin.com/#session-tokens) which is stored in the Userbin client.
 
 ```ruby
-class ApplicationController < ActionController::Base
-  rescue_from Userbin::Error do |e|
-    redirect_to root_url, alert: e.message
-  end
+def your_after_login_hook
+  userbin.login(current_user.id, email: current_user.email)
 end
 ```
 
-## Tracking user sessions
+Once logged in to Userbin, all requests made through the Userbin instance are on behalf of the currently logged in user.
 
-You should call `login` as soon as the user has logged in to your application. Pass a unique user identifier, and an optional hash of user properties. This starts the Userbin session.
+When a user logs out from within your application, call `logout` to remove the session from the user's [active sessions](#active-sessions).
 
 ```ruby
-def after_login_hook
-  env['userbin'].login(current_user.id, email: current_user.email)
+def your_after_logout_hook
+  userbin.logout
 end
 ```
 
-And call `logout` just after the user has logged out from your application. This ends the Userbin session.
+The real magic happens when you use `authorize!` to control access to only those logged in to Userbin, which is probably everywhere you allow authenticated users. This makes sure that the session token created by `login` is valid and up to date, and raises `UserUnauthorizedError` if it's not. Reasons for this include being automatically locked down due to suspicious behavior or the session being remotely revoked.
+
+**Note:** The session token will be [refreshed](https://api.userbin.com/#monitoring) every 5 minutes. This means that even though a session becomes invalid, no exceptions will be generated until the next refresh. E.g. revoking a session from the dashboard might take up to 5 minutes to happen.
 
 ```ruby
-def after_logout_hook
-  env['userbin'].logout
+class AccountController < ApplicationController
+  before_filter :authenticate_user! # from e.g. Devise
+  before_filter { userbin.authorize! }
+  # ...
 end
 ```
 
-The session created by login expires typically every 5 minutes and needs to be refreshed with new metadata. This is done by calling authorize. Makes sure that the session hasn't been revoked or locked.
+You should catch these errors in one place and log out the authenticated user.
 
 ```ruby
-before_filter do
-  env['userbin'].authorize
+class ApplicationController < ActionController::Base
+  rescue_from Userbin::UserUnauthorizedError do |e|
+    sign_out # log out your user locally
+    redirect_to root_url
+  end
 end
 ```
 
-> **Verify that it works:** Log in to your Ruby application and watch a user appear in the [Userbin dashboard](https://dashboard.userbin.com).
 
 
-## Configuring two-factor authentication
+**That's it!** Now log in to your application and watch your user appear in the [Userbin dashboard](https://dashboard.userbin.com).
 
-### Pairing
+## Active Sessions
 
-#### Google Authenticator
+Show a list of sessions currently signed to a user's account.
 
-Create a new Authenticator pairing to get hold of the QR code image to show to the user.
+The *context* is from the last recorded [security event](#security-events) on a session.
 
 ```ruby
-authenticator = env['userbin'].pairings.create(type: 'authenticator')
-
-puts authenticator.qr_url # => "http://..."
+userbin.sessions.each do |session|
+  puts session.id          # => 'yt9BkoHzcQoou4jqbQbJUqqMdxyxvCBr'
+  puts session.context.ip  # => '88.12.129.1'
+end
 ```
 
-Catch the code from the user to pair the Authenticator app.
+Destroy a session to revoke access and trigger a `UserUnauthorizedError` the next time `authorize!` refreshes the session token, which is within 5 minutes.
 
 ```ruby
-authenticator = env['userbin'].pairings.build(id: params[:pairing_id])
+userbin.sessions.destroy('yt9BkoHzcQoou4jqbQbJUqqMdxyxvCBr')
+```
 
-begin
-  authenticator.verify(response: params[:code])
-rescue
-  flash.notice = 'Wrong code, try again'
+## Security Events
+
+List a user's recent account activity, which include security events such as user logins and failed two-factor attempts. See the [Event API](https://api.userbin.com/#events) for a list of all the available events.
+
+```ruby
+userbin.events.each do |event|
+  puts event.name                        # => 'session.created'
+  puts event.context.ip                  # => '88.12.129.1'
+  puts event.context.location.country    # => 'Sweden'
+  puts event.context.user_agent.browser  # => 'Chrome'
 end
 ```
 
-#### YubiKey
+## Two-factor Authentication
 
-YubiKeys are immediately verified for two-factor authentication.
+Using two-factor authentication involves two steps: **pairing** and **authenticating**.
+
+### Pairing
+
+Before your users can protect their account with two-factor authentication, they will need to pair their their preferred way of authenticating. The [Pairing API](https://api.userbin.com/#pairings) lets users add, verify, and remove authentication channels. Only *verified* pairings are valid for authentication.
+
+#### Pairing with Google Authenticator
+
+The user visits a page to add Google Authenticator to their account. First create a new Authenticator pairing to generate a QR code image.
+
+```ruby
+@authenticator = userbin.pairings.create(type: 'authenticator')
+```
+
+Render a page containing the QR code, which the user scans with Google Authenticator.
+
+```erb
+<img src="<%= @authenticator[:qr_url] %>">
+```
+
+After scanning the QR code, the user will enter the 6 digit token that Google Authenticator displays, and submit the form. Capture the response and verify the pairing.
 
 ```ruby
 begin
-  env['userbin'].pairings.create(type: 'yubikey', otp: code)
-rescue
+  userbin.pairings.verify(params[:pairing_id], response: params[:code])
+rescue Userbin::InvalidParametersError
   flash.notice = 'Wrong code, try again'
 end
 ```
 
-#### SMS
+#### Pairing with Phone Number (SMS)
 
 Create a new phone number pairing which will send out a verification SMS.
 
 ```ruby
-phone_number = env['userbin'].pairings.create(
+@phone_number = userbin.pairings.create(
   type: 'phone_number', number: '+1739855455')
 ```
 
 Catch the code from the user to pair the phone number.
 
 ```ruby
-phone_number = env['userbin'].pairings.build(id: params[:pairing_id])
+begin
+  userbin.pairings.verify(params[:pairing_id], response: params[:code])
+rescue Userbin::InvalidParametersError
+  flash.notice = 'Wrong code, try again'
+end
+```
+
+#### Pairing with YubiKey
 
+YubiKeys are immediately verified for two-factor authentication.
+
+```ruby
 begin
-  phone_number.verify(response: params[:code])
-rescue
+  userbin.pairings.create(type: 'yubikey', otp: params[:code])
+rescue Userbin::InvalidParametersError
   flash.notice = 'Wrong code, try again'
 end
 ```
 
+#### Enabling and Disabling
 
-### Usage
+For the sake of flexibility, two-factor authentication isn't enabled automatically when you add your first pairing.
 
-#### 1. Protect routes
+```ruby
+userbin.enable_mfa
+userbin.disable_mfa
+```
+
+### Authenticating
 
-If the user has enabled two-factor authentication, `two_factor_authenticate!` will return the second factor that is used to authenticate. If SMS is used, this call will also send out an SMS to the user's registered phone number.
+If the user has enabled two-factor authentication, `authorize!` might raise `ChallengeRequiredError`, which means they'll have to verify a challenge to proceed.
+
+Capture this error just as with UserUnauthorizedError and redirect the user.
+
+If the user tries to reach a path protected by `authorize!` after a challenge has been created but still not verified, the session will be destroyed and UserUnauthorizedError raised.
 
 ```ruby
-class UsersController < ApplicationController
-  before_filter :authenticate_with_userbin!
+class ApplicationController < ActionController::Base
+  rescue_from Userbin::ChallengeRequiredError do |exception|
+    redirect_to show_challenge_path
+  end
+  # ...
+end
+```
 
-  # Your controller code here
+Create a challenge, which will send the user and SMS if this is the default pairing. After the challenge has been verified, `authorize!` will not throw any further exceptions until any suspicious behavior is detected.
 
-  private
-  def authenticate_with_userbin!
-    begin
-      # Checks if two-factor authentication is needed. Returns nil if not.
-      factor = env['userbin'].two_factor_authenticate!
+```ruby
+class ChallengeController < ApplicationController
+  def show
+    @challenge = userbin.challenges.create
+  end
 
-      # Show form and message specific to the current factor
-      case factor
-      when :authenticator
-        redirect_to '/verify/authenticator'
-      when :sms
-        redirect_to '/verify/sms'
-      end
-    rescue Userbin::Error
-      # logged out from Userbin; clear your current_user and logout
-    end
+  def verify
+    challenge_id = params.require(:challenge_id)
+    code = params.require(:code)
+
+    userbin.challenges.verify(challenge_id, response: code)
+
+    # Yay, the challenge was verified!
+    redirect_to root_url
+
+  rescue Userbin::ForbiddenError
+    flash.notice = 'Wrong code, bye!'
   end
 end
 ```
 
-#### 2. Show the two-factor authentication form to the user
+### Backup Codes
+
+List or generate new backup codes used for when the user didn't bring their authentication device.
 
-```html
-<p>
-  Open the two-factor authentication app on your device to view your
-  authentication code and verify your identity.
-</p>
-<form action="/users/handle_two_factor_response" method="post">
-  <label for="code">Authentication code</label>
-  <input id="code" name="code" type="text" />
-  <input type="submit" value="Verify code" />
-</form>
+```ruby
+userbin.backup_codes
+userbin.generate_backup_codes(count: 8)
 ```
 
-#### 3. Verify the code from the user
+### List Pairings
 
-The user enters the authentication code in the form and posts it to your handler.
+List all pairings.
 
 ```ruby
-def handle_two_factor_response
-  # Get the authentication code from the form
-  authentication_code = params[:code]
+# List all pairings
+userbin.pairings.each do |pairing|
+  puts pairing.id      # => 'yt9BkoHzcQoou4jqbQbJUqqMdxyxvCBr'
+  puts pairing.type    # => 'authenticator'
+  puts pairing.default # => true
+end
+```
 
-  begin
-    env['userbin'].two_factor_verify(authentication_code)
-  rescue Userbin::UserUnauthorizedError
-    # invalid code, show the form again
-  rescue Userbin::ForbiddenError
-    # no tries remaining, log out
-  rescue Userbin::Error
-    # logged out from Userbin; clear your current_user and logout
-  end
+Set a pairing as the default one.
 
-  # We made it through two-factor authentication!
+```ruby
+userbin.pairings.set_default('yt9BkoHzcQoou4jqbQbJUqqMdxyxvCBr')
+```
+
+Remove a pairing. If you remove the default pairing, two-factor authentication will be disabled.
+
+```ruby
+userbin.pairings.destroy('yt9BkoHzcQoou4jqbQbJUqqMdxyxvCBr')
+```
+
+
+## Configuration
+
+```ruby
+Userbin.configure do |config|
+  # Same as setting it through Userbin.api_secret
+  config.api_secret = 'secret'
+
+  # Userbin::RequestError is raised when timing out (default: 2.0)
+  config.request_timeout = 2.0
 end
 ```
+
+## Handling Errors
+
+...
+
+```ruby
+class ApplicationController < ActionController::Base
+  rescue_from Userbin::RequestError do |e|
+    redirect_to root_url
+  end
+end
+```
+
+

data/lib/userbin.rb

@@ -1,4 +1,5 @@
 require 'her'
+require 'userbin/ext/her'
 require 'faraday_middleware'
 require 'multi_json'
 require 'openssl'
@@ -25,9 +26,8 @@ end
 require 'userbin/models/model'
 require 'userbin/models/event'
 require 'userbin/models/challenge'
-require 'userbin/models/channel'
 require 'userbin/models/monitoring'
 require 'userbin/models/pairing'
-require 'userbin/models/recovery_code'
+require 'userbin/models/recovery_codes'
 require 'userbin/models/session'
 require 'userbin/models/user'

data/lib/userbin/client.rb

@@ -3,6 +3,19 @@ module Userbin
 
     attr_accessor :request_context
 
+    def self.install_proxy_methods(*names)
+      names.each do |name|
+        class_eval <<-RUBY, __FILE__, __LINE__ + 1
+          def #{name}(*args)
+            Userbin::User.new('current').#{name}(*args)
+          end
+        RUBY
+      end
+    end
+
+    install_proxy_methods :challenges, :events, :sessions, :pairings,
+      :backup_codes, :generate_recovery_codes, :enable_mfa, :disable_mfa
+
     def initialize(request, opts = {})
       # Save a reference in the per-request store so that the request
       # middleware in request.rb can access it
@@ -43,6 +56,35 @@ module Userbin
       @session_store.user_id = user_id
     end
 
+    def authorize
+      return unless session_token
+
+      if session_token.expired?
+        Userbin::Monitoring.heartbeat
+      end
+    end
+
+    def authorized?
+      !!session_token
+    end
+
+    def authorize!
+      unless session_token
+        raise Userbin::UserUnauthorizedError,
+          'Need to call login before authorize'
+      end
+
+      authorize
+
+      if mfa_in_progress?
+        logout
+        raise Userbin::UserUnauthorizedError,
+            'Logged out due to being unverified'
+      end
+
+      raise Userbin::ChallengeRequiredError if mfa_required?
+    end
+
     def login(user_id, user_attrs = {})
       # Clear the session token if any
       self.session_token = nil
@@ -56,14 +98,6 @@ module Userbin
       self.session_token = session.token
     end
 
-    def authorize
-      return unless session_token
-
-      if session_token.expired?
-        Userbin::Monitoring.heartbeat
-      end
-    end
-
     # This method ends the current monitoring session. It should be called
     # whenever the user logs out from your system.
     #
@@ -72,7 +106,7 @@ module Userbin
 
       # Destroy the current session specified in the session token
       begin
-        Userbin::Session.destroy_existing('current')
+        sessions.destroy('current')
       rescue Userbin::Error # ignored
       end
 
@@ -80,90 +114,16 @@ module Userbin
       self.session_token = nil
     end
 
-    # This method creates a two-factor challenge for the current user, if the
-    # user has enabled a device for authentication.
-    #
-    # If there already exists a challenge on the current session, it will be
-    # returned. Otherwise a new will be created.
-    #
-    def two_factor_authenticate!
-      return unless session_token
-
-      if session_token.needs_challenge?
-        Userbin::Challenge.post("users/current/challenges")
-        return two_factor_method
-      end
-    end
-
-    # Once a two factor challenge has been created using
-    # two_factor_authenticate!, the response code from the user is verified
-    # using this method.
-    #
-    def two_factor_verify(response)
-      # Need to have an active challenge to verify it
-      return unless session_token && session_token.has_challenge?
-
-      challenge = Userbin::Challenge.new('current')
-      challenge.verify(response: response)
-    end
-
-    def security_settings_url
-      raise Userbin::Error unless session_token
-      return "https://security.userbin.com/?session_token=#{session_token}"
-    end
-
-     # If a two-factor authentication process has been started, this method will
-     # return the method which is used to perform the authentication. Eg.
-     # :authenticator or :sms
-     #
-    def two_factor_method
-      return unless session_token
-      return session_token.challenge_type
-    end
-
-    def authorized?
-      !!session_token
-    end
-
-    def two_factor_in_progress?
-      return false unless session_token
-      session_token.has_challenge?
-    end
-
-    def two_factor_enabled?
-      session_token.mfa_enabled?
-    end
-
-    def two_factor_required?
-      session_token.needs_challenge?
-    end
-
-    def events
-      Userbin::User.new('current').events
-    end
-
-    def sessions
-      Userbin::User.new('current').sessions
-    end
-
-    def pairings
-      Userbin::User.new('current').pairings
-    end
-
-    def channels
-      Userbin::User.new('current').channels
-    end
-
-    def recovery_codes
-      Userbin::User.new('current').recovery_codes
+    def mfa_enabled?
+      session_token ? session_token.mfa_enabled? : false
     end
 
-    def enable_mfa
-      Userbin::User.new('current').enable_mfa
+    def mfa_in_progress?
+      session_token ? session_token.has_challenge? : false
     end
 
-    def disable_mfa
-      Userbin::User.new('current').disable_mfa
+    def mfa_required?
+      session_token ? session_token.needs_challenge? : false
     end
 
   end

data/lib/userbin/configuration.rb

@@ -27,7 +27,7 @@ module Userbin
     end
 
     def api_secret
-      ENV['USERBIN_API_SECRET'] || @_api_secret
+      ENV['USERBIN_API_SECRET'] || @_api_secret || ''
     end
 
     def api_secret=(value)

data/lib/userbin/errors.rb

@@ -7,8 +7,10 @@ class Userbin::ConfigurationError < Userbin::Error; end
 class Userbin::ApiError < Userbin::Error; end
 
 class Userbin::BadRequestError < Userbin::ApiError; end
-class Userbin::UnauthorizedError < Userbin::ApiError; end
 class Userbin::ForbiddenError < Userbin::ApiError; end
 class Userbin::NotFoundError < Userbin::ApiError; end
 class Userbin::UserUnauthorizedError < Userbin::ApiError; end
 class Userbin::InvalidParametersError < Userbin::ApiError; end
+
+class Userbin::UnauthorizedError < Userbin::ApiError; end
+class Userbin::ChallengeRequiredError < Userbin::ApiError; end

data/lib/userbin/ext/her.rb

@@ -0,0 +1,14 @@
+#
+# Add destroy to association: user.challenges.destroy(id)
+#
+module Her::Model::Associations
+  class AssociationProxy
+    install_proxy_methods :association, :destroy
+  end
+
+  class HasManyAssociation < Association ## remove inheritance
+    def destroy(id)
+      @klass.destroy_existing(id, :"#{@parent.singularized_resource_name}_id" => @parent.id)
+    end
+  end
+end

data/lib/userbin/models/challenge.rb

@@ -1,6 +1,7 @@
 module Userbin
   class Challenge < Model
-    has_one :channel
+    collection_path "users/:user_id/challenges"
+    has_one :pairing
     instance_post :verify
   end
 end

data/lib/userbin/models/model.rb

@@ -20,6 +20,21 @@ module Userbin
     end
 
     def self.instance_custom(method, action)
+      #
+      # Add method calls to association: user.challenges.verify(id, attributes)
+      #
+      AssociationProxy.class_eval <<-RUBY, __FILE__, __LINE__ + 1
+        install_proxy_methods :association, :#{action}
+      RUBY
+      HasManyAssociation.class_eval <<-RUBY, __FILE__, __LINE__ + 1
+        def #{action}(id, attributes={})
+          @klass.build({:id => id, :"\#{@parent.singularized_resource_name}_id" => @parent.id}).#{action}(attributes)
+        end
+      RUBY
+
+      #
+      # Add method call to instance: user.enable_mfa
+      #
       class_eval <<-RUBY, __FILE__, __LINE__ + 1
         def #{action}(params={})
           self.class.#{method}("\#{request_path}/#{action}", params)

data/lib/userbin/models/pairing.rb

@@ -2,6 +2,7 @@ module Userbin
   class Pairing < Model
     collection_path "users/:user_id/pairings"
     instance_post :verify
+    instance_post :set_default
     belongs_to :user
   end
 end

data/lib/userbin/models/recovery_codes.rb

@@ -0,0 +1,4 @@
+module Userbin
+  class RecoveryCodes < Model
+  end
+end

data/lib/userbin/models/session.rb

@@ -1,5 +1,6 @@
 module Userbin
   class Session < Model
+    collection_path "users/:user_id/sessions"
     instance_post :refresh
   end
 end

data/lib/userbin/models/user.rb

@@ -6,9 +6,17 @@ module Userbin
     instance_post :enable_mfa
     instance_post :disable_mfa
 
-    has_many :channels
+    has_many :challenges
     has_many :events
     has_many :pairings
     has_many :sessions
+
+    def backup_codes(params={})
+      Userbin::RecoveryCodes.get("/v1/users/#{id}/backup_codes", params)
+    end
+
+    def generate_backup_codes(params={})
+      Userbin::RecoveryCodes.post("/v1/users/#{id}/backup_codes", params)
+    end
   end
 end

data/lib/userbin/utils.rb

@@ -4,7 +4,7 @@ module Userbin
   class << self
     def setup_api(api_secret = nil)
       api_endpoint = ENV.fetch('USERBIN_API_ENDPOINT') {
-        "https://secure.userbin.com/v1"
+        "https://api.userbin.com/v1"
       }
 
       Her::API.setup url: api_endpoint do |c|

data/lib/userbin/version.rb

@@ -1,3 +1,3 @@
 module Userbin
-  VERSION = "1.2.0"
+  VERSION = "1.3.0"
 end

data/spec/fixtures/vcr_cassettes/challenge_create.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: post
-    uri: https://:secretkey@secure.userbin.com/v1/users/dTxR68nzuRXT4wrB2HJ4hanYtcaGSz2y/challenges
+    uri: https://:secretkey@api.userbin.com/v1/users/dTxR68nzuRXT4wrB2HJ4hanYtcaGSz2y/challenges
     body:
       encoding: UTF-8
       string: "{}"

data/spec/fixtures/vcr_cassettes/challenge_verify.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: post
-    uri: https://:secretkey@secure.userbin.com/v1/challenges/UWwy5FrWf9DTeoTpJz1LpBp4dPkWZ2Ne/verify
+    uri: https://:secretkey@api.userbin.com/v1/challenges/UWwy5FrWf9DTeoTpJz1LpBp4dPkWZ2Ne/verify
     body:
       encoding: UTF-8
       string: '{"response":"000000"}'

data/spec/fixtures/vcr_cassettes/session_create.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: post
-    uri: https://:secretkey@secure.userbin.com/v1/users/user-2412/sessions
+    uri: https://:secretkey@api.userbin.com/v1/users/user-2412/sessions
     body:
       encoding: UTF-8
       string: '{"user":{"email":"valid@example.com"}}'

data/spec/fixtures/vcr_cassettes/session_refresh.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: post
-    uri: https://:secretkey@secure.userbin.com/v1/sessions/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImlzcyI6InVzZXItMjQxMiIsInN1YiI6IlMyb2R4UmVabkdxaHF4UGFRN1Y3a05rTG9Ya0daUEZ6IiwiYXVkIjoiODAwMDAwMDAwMDAwMDAwIiwiZXhwIjoxMzk5NDc5Njc1LCJpYXQiOjEzOTk0Nzk2NjUsImp0aSI6MH0.eyJjaGFsbGVuZ2UiOnsiaWQiOiJUVENqd3VyM3lwbTRUR1ZwWU43cENzTXFxOW9mWEVBSCIsInR5cGUiOiJvdHBfYXV0aGVudGljYXRvciJ9fQ.LT9mUzJEbsizbFxcpMo3zbms0aCDBzfgMbveMGSi1-s/refresh
+    uri: https://:secretkey@api.userbin.com/v1/sessions/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImlzcyI6InVzZXItMjQxMiIsInN1YiI6IlMyb2R4UmVabkdxaHF4UGFRN1Y3a05rTG9Ya0daUEZ6IiwiYXVkIjoiODAwMDAwMDAwMDAwMDAwIiwiZXhwIjoxMzk5NDc5Njc1LCJpYXQiOjEzOTk0Nzk2NjUsImp0aSI6MH0.eyJjaGFsbGVuZ2UiOnsiaWQiOiJUVENqd3VyM3lwbTRUR1ZwWU43cENzTXFxOW9mWEVBSCIsInR5cGUiOiJvdHBfYXV0aGVudGljYXRvciJ9fQ.LT9mUzJEbsizbFxcpMo3zbms0aCDBzfgMbveMGSi1-s/refresh
     body:
       encoding: UTF-8
       string: '{"user":{"name":"New Name"}}'

data/spec/fixtures/vcr_cassettes/session_verify.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: post
-    uri: https://:secretkey@secure.userbin.com/v1/sessions/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImlzcyI6InVzZXItMjQxMiIsInN1YiI6IlMyb2R4UmVabkdxaHF4UGFRN1Y3a05rTG9Ya0daUEZ6IiwiYXVkIjoiODAwMDAwMDAwMDAwMDAwIiwiZXhwIjoxMzk5NDc5Njc1LCJpYXQiOjEzOTk0Nzk2NjUsImp0aSI6MH0.eyJjaGFsbGVuZ2UiOnsiaWQiOiJUVENqd3VyM3lwbTRUR1ZwWU43cENzTXFxOW9mWEVBSCIsInR5cGUiOiJvdHBfYXV0aGVudGljYXRvciJ9fQ.LT9mUzJEbsizbFxcpMo3zbms0aCDBzfgMbveMGSi1-s/verify
+    uri: https://:secretkey@api.userbin.com/v1/sessions/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImlzcyI6InVzZXItMjQxMiIsInN1YiI6IlMyb2R4UmVabkdxaHF4UGFRN1Y3a05rTG9Ya0daUEZ6IiwiYXVkIjoiODAwMDAwMDAwMDAwMDAwIiwiZXhwIjoxMzk5NDc5Njc1LCJpYXQiOjEzOTk0Nzk2NjUsImp0aSI6MH0.eyJjaGFsbGVuZ2UiOnsiaWQiOiJUVENqd3VyM3lwbTRUR1ZwWU43cENzTXFxOW9mWEVBSCIsInR5cGUiOiJvdHBfYXV0aGVudGljYXRvciJ9fQ.LT9mUzJEbsizbFxcpMo3zbms0aCDBzfgMbveMGSi1-s/verify
     body:
       encoding: UTF-8
       string: '{"response":"017010"}'

data/spec/fixtures/vcr_cassettes/user_find.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: get
-    uri: https://:secretkey@secure.userbin.com/v1/users/9RA2j3cYDxt8gefQUduKnxUxRRGy6Rz4
+    uri: https://:secretkey@api.userbin.com/v1/users/9RA2j3cYDxt8gefQUduKnxUxRRGy6Rz4
     body:
       encoding: US-ASCII
       string: ''

data/spec/fixtures/vcr_cassettes/user_find_non_existing.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: get
-    uri: https://:secretkey@secure.userbin.com/v1/users/non_existing
+    uri: https://:secretkey@api.userbin.com/v1/users/non_existing
     body:
       encoding: US-ASCII
       string: ''

data/spec/fixtures/vcr_cassettes/user_import.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: post
-    uri: https://:secretkey@secure.userbin.com/v1/users/import
+    uri: https://:secretkey@api.userbin.com/v1/users/import
     body:
       encoding: UTF-8
       string: '{"users":[{"email":"10@example.com","username":"10"},{"email":"20@example.com","username":"20"}]}'

data/spec/fixtures/vcr_cassettes/user_update.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: put
-    uri: https://:secretkey@secure.userbin.com/v1/users/AKfwtfrAzdDKp55aty8o14MoudkaS9BL
+    uri: https://:secretkey@api.userbin.com/v1/users/AKfwtfrAzdDKp55aty8o14MoudkaS9BL
     body:
       encoding: UTF-8
       string: '{"id":"AKfwtfrAzdDKp55aty8o14MoudkaS9BL","email":"updated@example.com","created_at":"2014-04-27

data/spec/models/challenge_spec.rb

@@ -1,7 +1,7 @@
 require 'spec_helper'
 
 describe 'Userbin::Challenge' do
-  it 'creates a challenge' do
+  xit 'creates a challenge' do
     VCR.use_cassette('challenge_create') do
       challenge = Userbin::Challenge.post(
         "users/dTxR68nzuRXT4wrB2HJ4hanYtcaGSz2y/challenges")
@@ -9,7 +9,7 @@ describe 'Userbin::Challenge' do
     end
   end
 
-  it 'verifies a challenge' do
+  xit 'verifies a challenge' do
     VCR.use_cassette('challenge_verify') do
       challenge = Userbin::Challenge.new(id: 'UWwy5FrWf9DTeoTpJz1LpBp4dPkWZ2Ne')
       challenge.verify(response: '000000')

data/spec/models/session_spec.rb

@@ -3,7 +3,7 @@ require 'spec_helper'
 describe 'Userbin::Session' do
   let(:session_token) { 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImlzcyI6InVzZXItMjQxMiIsInN1YiI6IlMyb2R4UmVabkdxaHF4UGFRN1Y3a05rTG9Ya0daUEZ6IiwiYXVkIjoiODAwMDAwMDAwMDAwMDAwIiwiZXhwIjoxMzk5NDc5Njc1LCJpYXQiOjEzOTk0Nzk2NjUsImp0aSI6MH0.eyJjaGFsbGVuZ2UiOnsiaWQiOiJUVENqd3VyM3lwbTRUR1ZwWU43cENzTXFxOW9mWEVBSCIsInR5cGUiOiJvdHBfYXV0aGVudGljYXRvciJ9fQ.LT9mUzJEbsizbFxcpMo3zbms0aCDBzfgMbveMGSi1-s' }
 
-  it 'creates a session' do
+  xit 'creates a session' do
     VCR.use_cassette('session_create') do
       user_id = 'user-2412'
       session = Userbin::Session.post(

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: userbin
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 1.3.0
 platform: ruby
 authors:
 - Johan
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-10-02 00:00:00.000000000 Z
+date: 2014-10-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: her
@@ -176,14 +176,14 @@ files:
 - lib/userbin/client.rb
 - lib/userbin/configuration.rb
 - lib/userbin/errors.rb
+- lib/userbin/ext/her.rb
 - lib/userbin/jwt.rb
 - lib/userbin/models/challenge.rb
-- lib/userbin/models/channel.rb
 - lib/userbin/models/event.rb
 - lib/userbin/models/model.rb
 - lib/userbin/models/monitoring.rb
 - lib/userbin/models/pairing.rb
-- lib/userbin/models/recovery_code.rb
+- lib/userbin/models/recovery_codes.rb
 - lib/userbin/models/session.rb
 - lib/userbin/models/user.rb
 - lib/userbin/request.rb

data/lib/userbin/models/channel.rb

@@ -1,6 +0,0 @@
-module Userbin
-  class Channel < Model
-    collection_path "users/:user_id/channels"
-    belongs_to :user
-  end
-end

data/lib/userbin/models/recovery_code.rb

@@ -1,4 +0,0 @@
-module Userbin
-  class RecoveryCode < Model
-  end
-end