8d4da3beb5
Add support for remembering a user's 2FA session in a cookie
...
This makes the gem store a signed cookie for a configurable amount of
time that allows the user to bypass 2FA. Our use-case for this is that
we expire user’s Devise sessions after 12 hours, but don’t want to
force them to authenticate using 2FA every day.
Signed cookies are available since Rails 3. This requires the signing
functionality to be properly configured, but is disabled by setting the
config variable to `0`, the default.
10 years ago
7dd514a699
Test against Ruby 2.2 and Rails 4.2
...
Adds builds to the travisci matrix for Ruby 2.2 and Rails 4.2.4
Also fixes a couple of deprecation warnings that surface as part of
this change.
10 years ago
f833673c26
Sign in or Log in button indifferent
11 years ago
3076c6053b
Allows otp_length to be configurable
...
Adds otp_length to options in README
Sets default length to 6
11 years ago
677cb78d5f
Preserve query parameters in _return_to for redirect.
...
Storing just request.path drops the query string which makes two factory
authentication less useful when the guarded page needs those parameters.
This brings the two factor authentication redirect behavior in line with
devise's.
11 years ago
6610f83335
update rspec to version 3
11 years ago
7505dbf8c8
+cookies serializer for rails apps with version >= 4.1
12 years ago
29bddf19f6
Pad OTP codes with less than 6 digits
12 years ago
a8cea83253
is_fully_authenticated helper
12 years ago
bb1a619a3c
ensure return_to location is properly stored
...
fixes small typo in session key for what Devise expects when retrieving
stored return_to path for a given scope
12 years ago
c58640c6d2
adds integration spec to ensure authentication code is sent on sign in
12 years ago
0a57c06d15
feature spec for checking max attempts before show
12 years ago
c49c267928
Feature spec for max login attempts
...
adds nickname column to dummy app user
Update feature specs with user nickname; add max login attempt spec
regenerate schema
12 years ago
0e32309820
Updates to dummy app
...
update .gitignore
updates for rails 4
update dummy spec assets
remove dummy app home helper
update dummy spec README
Restore lib/two_factor_authentication.rb
12 years ago
957e6b144b
extract GuestUser for unit specs
12 years ago
f46a62720c
happy path feature specs for two factor auth
12 years ago
b25dd2ffc2
remove User model from spec/support; now loaded from spec rails app
12 years ago
6ea4db49fe
rename rails app in spec directory
12 years ago
269f4df246
install two_factor_authentication in dummy app User
12 years ago
eb392309d3
remove log and sqlite3 dummy app files from git
12 years ago
4c4f978d2e
Load dummy environment in specs and dummy tasks in Rakefile
12 years ago
cbc1d3dcda
generated dummy app with basic devise install
12 years ago
153a4531ca
extract method #max_login_attempts
...
Respects Law of Demeter, useful for stubbing out methods on instance or
for apps that use the NullObject pattern for guest user accounts.
12 years ago
9ef373482a
extract method #populate_otp_column
...
useful for populating column values for pre-existing devise-enabled records
12 years ago
404372e317
specs for Model#provisioning_uri
12 years ago
4d2dbe1c44
Spec: validate that send_two_factor_authentication_code can be overwritten
12 years ago
a57329534f
Test otp authentication.
12 years ago
d00f0ae35e
Introducing first spec to test otp code.
12 years ago
ea0799270e
Adding rspec.
12 years ago
Paul Bowsher
Dmitrii Golub
amoose
Albert J. Wong
Johan Brissmyr
Edger
Ross Kaffenberger
Matt Mueller