two_factor_authentication/spec/rails_app/db/schema.rb

# This file is auto-generated from the current state of the database. Instead
# of editing this file, please use the migrations feature of Active Record to
# incrementally modify your database, and then regenerate this schema definition.
#
# Note that this schema.rb definition is the authoritative source for your
# database schema. If you need to create the application database on another
# system, you should be using db:schema:load, not running all the migrations
# from scratch. The latter is a flawed and unsustainable approach (the more migrations
# you'll amass, the slower it'll run and the greater likelihood for issues).
#
# It's strongly recommended that you check this file into your version control system.

ActiveRecord::Schema.define(version: 2016_02_09_032439) do

  create_table "admins", force: :cascade do |t|
    t.string "email", default: "", null: false
    t.string "encrypted_password", default: "", null: false
    t.string "reset_password_token"
    t.datetime "reset_password_sent_at"
    t.datetime "remember_created_at"
    t.integer "sign_in_count", default: 0, null: false
    t.datetime "current_sign_in_at"
    t.datetime "last_sign_in_at"
    t.string "current_sign_in_ip"
    t.string "last_sign_in_ip"
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.index ["email"], name: "index_admins_on_email", unique: true
    t.index ["reset_password_token"], name: "index_admins_on_reset_password_token", unique: true
  end

  create_table "users", force: :cascade do |t|
    t.string "email", default: "", null: false
    t.string "encrypted_password", default: "", null: false
    t.string "reset_password_token"
    t.datetime "reset_password_sent_at"
    t.datetime "remember_created_at"
    t.integer "sign_in_count", default: 0, null: false
    t.datetime "current_sign_in_at"
    t.datetime "last_sign_in_at"
    t.string "current_sign_in_ip"
    t.string "last_sign_in_ip"
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.integer "second_factor_attempts_count", default: 0
    t.string "nickname", limit: 64
    t.string "encrypted_otp_secret_key"
    t.string "encrypted_otp_secret_key_iv"
    t.string "encrypted_otp_secret_key_salt"
    t.index ["email"], name: "index_users_on_email", unique: true
    t.index ["encrypted_otp_secret_key"], name: "index_users_on_encrypted_otp_secret_key", unique: true
    t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
  end

end
generated dummy app with basic devise install 11 years ago			`# This file is auto-generated from the current state of the database. Instead`
			`# of editing this file, please use the migrations feature of Active Record to`
			`# incrementally modify your database, and then regenerate this schema definition.`
			`#`
			`# Note that this schema.rb definition is the authoritative source for your`
			`# database schema. If you need to create the application database on another`
			`# system, you should be using db:schema:load, not running all the migrations`
			`# from scratch. The latter is a flawed and unsustainable approach (the more migrations`
			`# you'll amass, the slower it'll run and the greater likelihood for issues).`
			`#`
Add support for OTP secret key encryption Why: To provide an additional layer of security. The TOTP spec (RFC 6238) recommends encrypting the keys. http://tools.ietf.org/html/rfc6238 How: Borrow the encryption code from the `attr_encrypted` gem and use it to encrypt and decrypt the `otp_secret_key` attribute. Allow users to add encryption by passing in `encrypted: true` to `has_one_time_password`. This provides backwards-compatibility for existing users of the gem. See the README updates for more detailed instructions for both new and existing users. 9 years ago			`# It's strongly recommended that you check this file into your version control system.`
generated dummy app with basic devise install 11 years ago
update spec schema.rb 6 years ago			`ActiveRecord::Schema.define(version: 2016_02_09_032439) do`
Fix class detection in reset_otp_state_for(user) Why: When looking up a class with `Object.const_defined?`, `false` will be returned the first time it is called, even when the class exists in the Rails app. I think this might be due to the way Rails loads classes. How: Use `ActiveSupport::Inflector#constantize`, which returns the class all the time when the class exists, and throws a `NameError` when it doesn't. The only way I was able to properly test this was to create the `UserOtpSender` class as a real file in the test Rails app, and create a Devise Admin user to test the scenario where `AdminOtpSender` does not exist. I verified that with the old code, `reset_otp_state` was not being called when it should be, and that the new code makes the tests pass. 9 years ago
			`create_table "admins", force: :cascade do \|t\|`
Normalize migrations between Rails 4 and Rails 5 7 years ago			`t.string "email", default: "", null: false`
			`t.string "encrypted_password", default: "", null: false`
			`t.string "reset_password_token"`
Fix class detection in reset_otp_state_for(user) Why: When looking up a class with `Object.const_defined?`, `false` will be returned the first time it is called, even when the class exists in the Rails app. I think this might be due to the way Rails loads classes. How: Use `ActiveSupport::Inflector#constantize`, which returns the class all the time when the class exists, and throws a `NameError` when it doesn't. The only way I was able to properly test this was to create the `UserOtpSender` class as a real file in the test Rails app, and create a Devise Admin user to test the scenario where `AdminOtpSender` does not exist. I verified that with the old code, `reset_otp_state` was not being called when it should be, and that the new code makes the tests pass. 9 years ago			`t.datetime "reset_password_sent_at"`
			`t.datetime "remember_created_at"`
Normalize migrations between Rails 4 and Rails 5 7 years ago			`t.integer "sign_in_count", default: 0, null: false`
Fix class detection in reset_otp_state_for(user) Why: When looking up a class with `Object.const_defined?`, `false` will be returned the first time it is called, even when the class exists in the Rails app. I think this might be due to the way Rails loads classes. How: Use `ActiveSupport::Inflector#constantize`, which returns the class all the time when the class exists, and throws a `NameError` when it doesn't. The only way I was able to properly test this was to create the `UserOtpSender` class as a real file in the test Rails app, and create a Devise Admin user to test the scenario where `AdminOtpSender` does not exist. I verified that with the old code, `reset_otp_state` was not being called when it should be, and that the new code makes the tests pass. 9 years ago			`t.datetime "current_sign_in_at"`
			`t.datetime "last_sign_in_at"`
Normalize migrations between Rails 4 and Rails 5 7 years ago			`t.string "current_sign_in_ip"`
			`t.string "last_sign_in_ip"`
			`t.datetime "created_at", null: false`
			`t.datetime "updated_at", null: false`
			`t.index ["email"], name: "index_admins_on_email", unique: true`
			`t.index ["reset_password_token"], name: "index_admins_on_reset_password_token", unique: true`
Fix class detection in reset_otp_state_for(user) Why: When looking up a class with `Object.const_defined?`, `false` will be returned the first time it is called, even when the class exists in the Rails app. I think this might be due to the way Rails loads classes. How: Use `ActiveSupport::Inflector#constantize`, which returns the class all the time when the class exists, and throws a `NameError` when it doesn't. The only way I was able to properly test this was to create the `UserOtpSender` class as a real file in the test Rails app, and create a Devise Admin user to test the scenario where `AdminOtpSender` does not exist. I verified that with the old code, `reset_otp_state` was not being called when it should be, and that the new code makes the tests pass. 9 years ago			`end`

Add support for OTP secret key encryption Why: To provide an additional layer of security. The TOTP spec (RFC 6238) recommends encrypting the keys. http://tools.ietf.org/html/rfc6238 How: Borrow the encryption code from the `attr_encrypted` gem and use it to encrypt and decrypt the `otp_secret_key` attribute. Allow users to add encryption by passing in `encrypted: true` to `has_one_time_password`. This provides backwards-compatibility for existing users of the gem. See the README updates for more detailed instructions for both new and existing users. 9 years ago			`create_table "users", force: :cascade do \|t\|`
Normalize migrations between Rails 4 and Rails 5 7 years ago			`t.string "email", default: "", null: false`
			`t.string "encrypted_password", default: "", null: false`
			`t.string "reset_password_token"`
generated dummy app with basic devise install 11 years ago			`t.datetime "reset_password_sent_at"`
			`t.datetime "remember_created_at"`
Normalize migrations between Rails 4 and Rails 5 7 years ago			`t.integer "sign_in_count", default: 0, null: false`
generated dummy app with basic devise install 11 years ago			`t.datetime "current_sign_in_at"`
			`t.datetime "last_sign_in_at"`
Normalize migrations between Rails 4 and Rails 5 7 years ago			`t.string "current_sign_in_ip"`
			`t.string "last_sign_in_ip"`
			`t.datetime "created_at", null: false`
			`t.datetime "updated_at", null: false`
			`t.integer "second_factor_attempts_count", default: 0`
			`t.string "nickname", limit: 64`
			`t.string "encrypted_otp_secret_key"`
			`t.string "encrypted_otp_secret_key_iv"`
			`t.string "encrypted_otp_secret_key_salt"`
			`t.index ["email"], name: "index_users_on_email", unique: true`
			`t.index ["encrypted_otp_secret_key"], name: "index_users_on_encrypted_otp_secret_key", unique: true`
			`t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true`
generated dummy app with basic devise install 11 years ago			`end`

			`end`