Browse Source

RubyGems 2FA gem (#710)

* RubyGems 2FA gem

* Overriding private methods is a bad time
pull/711/head
baarkerlounger 3 years ago committed by GitHub
parent
commit
8ccac075a1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 5
      Gemfile
  2. 19
      Gemfile.lock
  3. 2
      app/controllers/auth/passwords_controller.rb
  4. 2
      app/controllers/auth/two_factor_authentication_controller.rb

5
Gemfile

@ -34,9 +34,8 @@ gem "json-schema"
# Authentication
# Point at branch until devise is compatible with Turbo, see https://github.com/heartcombo/devise/pull/5340
gem "devise", github: "baarkerlounger/devise", branch: "dluhc-fixes"
# Two-factor Authentication for devise models. Pointing at fork until this is merged for Rails 6 compatibility
# https://github.com/Houdini/two_factor_authentication/pull/204
gem "two_factor_authentication", github: "baarkerlounger/two_factor_authentication"
# Two-factor Authentication for devise models.
gem "devise_two_factor_authentication"
# UK postcode parsing and validation
gem "uk_postcode"
# Get rich data from postcode lookups. Wraps postcodes.io

19
Gemfile.lock

@ -10,17 +10,6 @@ GIT
responders
warden (~> 1.2.3)
GIT
remote: https://github.com/baarkerlounger/two_factor_authentication.git
revision: 5fa6ba40d90df9c1711d1b5eeff34686dda133a2
specs:
two_factor_authentication (2.2.0)
devise
encryptor
rails (>= 3.1.1)
randexp
rotp (>= 4.0.0)
GEM
remote: https://rubygems.org/
specs:
@ -145,6 +134,12 @@ GEM
crack (0.4.5)
rexml
crass (1.0.6)
devise_two_factor_authentication (3.0.0)
devise
encryptor
rails (>= 3.1.1)
randexp
rotp (>= 4.0.0)
diff-lcs (1.5.0)
digest (3.1.0)
docile (1.4.0)
@ -440,6 +435,7 @@ DEPENDENCIES
capybara
capybara-lockstep
devise!
devise_two_factor_authentication
dotenv-rails
erb_lint
factory_bot_rails
@ -475,7 +471,6 @@ DEPENDENCIES
simplecov
stimulus-rails
timecop (~> 0.9.4)
two_factor_authentication!
tzinfo-data
uk_postcode
view_component

2
app/controllers/auth/passwords_controller.rb

@ -55,7 +55,7 @@ protected
return unless resource.respond_to?(:need_two_factor_authentication?) &&
resource.need_two_factor_authentication?(request)
warden.session(resource_class.name.underscore)[TwoFactorAuthentication::NEED_AUTHENTICATION] = true
warden.session(resource_class.name.underscore)[DeviseTwoFactorAuthentication::NEED_AUTHENTICATION] = true
end
def password_update_flash_message

2
app/controllers/auth/two_factor_authentication_controller.rb

@ -25,7 +25,7 @@ private
def after_two_factor_success_for(resource)
set_remember_two_factor_cookie(resource)
warden.session(resource_name)[TwoFactorAuthentication::NEED_AUTHENTICATION] = false
warden.session(resource_name)[DeviseTwoFactorAuthentication::NEED_AUTHENTICATION] = false
bypass_sign_in(resource, scope: resource_name)
resource.update!(second_factor_attempts_count: 0)

Loading…
Cancel
Save