two_factor_authentication/spec/support/authenticated_model_helper.rb

module AuthenticatedModelHelper
  def build_guest_user
    GuestUser.new
  end

  def create_user(type = 'encrypted', attributes = {})
    create_table_for_nonencrypted_user if type == 'not_encrypted'

    User.create!(valid_attributes(attributes))
  end

  def create_admin
    Admin.create!(valid_attributes.except(:nickname))
  end

  def valid_attributes(attributes={})
    {
      nickname: 'Marissa',
      email: generate_unique_email,
      password: 'password',
      password_confirmation: 'password'
    }.merge(attributes)
  end

  def generate_unique_email
    @@email_count ||= 0
    @@email_count += 1
    "user#{@@email_count}@example.com"
  end

  def create_table_for_nonencrypted_user
    silence_stream(STDOUT) do
      ActiveRecord::Schema.define(version: 1) do
        create_table 'users', force: :cascade do |t|
          t.string   'email', default: '', null: false
          t.string   'encrypted_password', default: '', null: false
          t.string   'reset_password_token'
          t.datetime 'reset_password_sent_at'
          t.datetime 'remember_created_at'
          t.integer  'sign_in_count', default: 0,  null: false
          t.datetime 'current_sign_in_at'
          t.datetime 'last_sign_in_at'
          t.string   'current_sign_in_ip'
          t.string   'last_sign_in_ip'
          t.datetime 'created_at', null: false
          t.datetime 'updated_at', null: false
          t.integer  'second_factor_attempts_count', default: 0
          t.string   'nickname', limit: 64
          t.string   'otp_secret_key'
          t.string   'direct_otp'
          t.datetime 'direct_otp_sent_at'
        end
      end
    end
  end
end

RSpec.configuration.send(:include, AuthenticatedModelHelper)
Introducing first spec to test otp code. 11 years ago			`module AuthenticatedModelHelper`
extract GuestUser for unit specs 11 years ago			`def build_guest_user`
			`GuestUser.new`
Spec: validate that send_two_factor_authentication_code can be overwritten 11 years ago			`end`

Add support for OTP secret key encryption Why: To provide an additional layer of security. The TOTP spec (RFC 6238) recommends encrypting the keys. http://tools.ietf.org/html/rfc6238 How: Borrow the encryption code from the `attr_encrypted` gem and use it to encrypt and decrypt the `otp_secret_key` attribute. Allow users to add encryption by passing in `encrypted: true` to `has_one_time_password`. This provides backwards-compatibility for existing users of the gem. See the README updates for more detailed instructions for both new and existing users. 9 years ago			`def create_user(type = 'encrypted', attributes = {})`
			`create_table_for_nonencrypted_user if type == 'not_encrypted'`

happy path feature specs for two factor auth 11 years ago			`User.create!(valid_attributes(attributes))`
			`end`

Fix class detection in reset_otp_state_for(user) Why: When looking up a class with `Object.const_defined?`, `false` will be returned the first time it is called, even when the class exists in the Rails app. I think this might be due to the way Rails loads classes. How: Use `ActiveSupport::Inflector#constantize`, which returns the class all the time when the class exists, and throws a `NameError` when it doesn't. The only way I was able to properly test this was to create the `UserOtpSender` class as a real file in the test Rails app, and create a Devise Admin user to test the scenario where `AdminOtpSender` does not exist. I verified that with the old code, `reset_otp_state` was not being called when it should be, and that the new code makes the tests pass. 9 years ago			`def create_admin`
			`Admin.create!(valid_attributes.except(:nickname))`
			`end`

happy path feature specs for two factor auth 11 years ago			`def valid_attributes(attributes={})`
			`{`
Feature spec for max login attempts adds nickname column to dummy app user Update feature specs with user nickname; add max login attempt spec regenerate schema 11 years ago			`nickname: 'Marissa',`
happy path feature specs for two factor auth 11 years ago			`email: generate_unique_email,`
			`password: 'password',`
			`password_confirmation: 'password'`
			`}.merge(attributes)`
			`end`

			`def generate_unique_email`
			`@@email_count \|\|= 0`
			`@@email_count += 1`
			`"user#{@@email_count}@example.com"`
			`end`

Add support for OTP secret key encryption Why: To provide an additional layer of security. The TOTP spec (RFC 6238) recommends encrypting the keys. http://tools.ietf.org/html/rfc6238 How: Borrow the encryption code from the `attr_encrypted` gem and use it to encrypt and decrypt the `otp_secret_key` attribute. Allow users to add encryption by passing in `encrypted: true` to `has_one_time_password`. This provides backwards-compatibility for existing users of the gem. See the README updates for more detailed instructions for both new and existing users. 9 years ago			`def create_table_for_nonencrypted_user`
			`silence_stream(STDOUT) do`
			`ActiveRecord::Schema.define(version: 1) do`
			`create_table 'users', force: :cascade do \|t\|`
			`t.string 'email', default: '', null: false`
			`t.string 'encrypted_password', default: '', null: false`
			`t.string 'reset_password_token'`
			`t.datetime 'reset_password_sent_at'`
			`t.datetime 'remember_created_at'`
			`t.integer 'sign_in_count', default: 0, null: false`
			`t.datetime 'current_sign_in_at'`
			`t.datetime 'last_sign_in_at'`
			`t.string 'current_sign_in_ip'`
			`t.string 'last_sign_in_ip'`
			`t.datetime 'created_at', null: false`
			`t.datetime 'updated_at', null: false`
			`t.integer 'second_factor_attempts_count', default: 0`
			`t.string 'nickname', limit: 64`
			`t.string 'otp_secret_key'`
Add support for directly delivered OTP codes Direct OTP codes are ones that are delivered directly to the user (e.g. SMS) via send_two_factor_authentication_code. These are randomly generated, short lived, and stored directly in the database. TOTP (and the rotp gem) is now only enabled for those user that have a shared secret (user.create_otp_secret). 9 years ago			`t.string 'direct_otp'`
			`t.datetime 'direct_otp_sent_at'`
Add support for OTP secret key encryption Why: To provide an additional layer of security. The TOTP spec (RFC 6238) recommends encrypting the keys. http://tools.ietf.org/html/rfc6238 How: Borrow the encryption code from the `attr_encrypted` gem and use it to encrypt and decrypt the `otp_secret_key` attribute. Allow users to add encryption by passing in `encrypted: true` to `has_one_time_password`. This provides backwards-compatibility for existing users of the gem. See the README updates for more detailed instructions for both new and existing users. 9 years ago			`end`
			`end`
			`end`
			`end`
extract method #max_login_attempts Respects Law of Demeter, useful for stubbing out methods on instance or for apps that use the NullObject pattern for guest user accounts. 11 years ago			`end`
happy path feature specs for two factor auth 11 years ago
			`RSpec.configuration.send(:include, AuthenticatedModelHelper)`