Paul Bowsher
8d4da3beb5
Add support for remembering a user's 2FA session in a cookie
...
This makes the gem store a signed cookie for a configurable amount of
time that allows the user to bypass 2FA. Our use-case for this is that
we expire user’s Devise sessions after 12 hours, but don’t want to
force them to authenticate using 2FA every day.
Signed cookies are available since Rails 3. This requires the signing
functionality to be properly configured, but is disabled by setting the
config variable to `0`, the default.
9 years ago
Dave Riess
10e0ebbd9d
replace request.path + '?' + request.query_string with request.original_fullpath in order to avoid appending '?' to redirects that have no query string
10 years ago
Dmitrii Golub
2e18e6ccb9
update version to 1.1.3
10 years ago
amoose
3076c6053b
Allows otp_length to be configurable
...
Adds otp_length to options in README
Sets default length to 6
10 years ago
Albert J. Wong
677cb78d5f
Preserve query parameters in _return_to for redirect.
...
Storing just request.path drops the query string which makes two factory
authentication less useful when the guarded page needs those parameters.
This brings the two factor authentication redirect behavior in line with
devise's.
10 years ago
Jack Turnbull
94dcc19e99
Add file extension to ActiveRecord generator
10 years ago
Dmitrii Golub
1e4a8b13ef
update version to 1.1.2
11 years ago
Laust Rud Jacobsen
20703c0397
Warden hook: refactor to not perform inline assignment for clarity
11 years ago
Laust Rud Jacobsen
c87d591541
Extract reused Warden key constant
11 years ago
Dmitrii Golub
28f9f6f8d9
new version 1.1.1
11 years ago
Karol Sarnacki
f3a39237fa
Use Strings and not Symbols for keys when storing variable in warden session
11 years ago
Johan Brissmyr
29bddf19f6
Pad OTP codes with less than 6 digits
11 years ago
Dmitrii Golub
d7599a8838
version 1.1
11 years ago
Edger
a8cea83253
is_fully_authenticated helper
11 years ago
Ross Kaffenberger
bb1a619a3c
ensure return_to location is properly stored
...
fixes small typo in session key for what Devise expects when retrieving
stored return_to path for a given scope
11 years ago
Ross Kaffenberger
153a4531ca
extract method #max_login_attempts
...
Respects Law of Demeter, useful for stubbing out methods on instance or
for apps that use the NullObject pattern for guest user accounts.
11 years ago
Ross Kaffenberger
9ef373482a
extract method #populate_otp_column
...
useful for populating column values for pre-existing devise-enabled records
11 years ago
Ross Kaffenberger
987c0feef6
provide options for #provisioning_uri
...
options are passed to the ROTP::TOTP constructor, which currently makes
use of :issuer and :interval option keys
11 years ago
Dmitrii Golub
6f0c1fb993
update version to 1
11 years ago
Matt Mueller
af6e150124
Adding unique index to otp secret key.
...
This prevents the potential of a leaking of a single secret key from effecting others.
11 years ago
Matt Mueller
d91d13fc1b
Remove code argument from send_two_factor_authentication_code
11 years ago
Matt Mueller
ffab2c2dd2
Allow for successful rollback of migration.
11 years ago
Matt Mueller
5094238c74
Allowing both config and override of allowed otp drift.
11 years ago
Matt Mueller
1961ae7535
otp_column_name: do not allow for override.
11 years ago
Matt Mueller
4d2dbe1c44
Spec: validate that send_two_factor_authentication_code can be overwritten
11 years ago
Matt Mueller
b4e8138b5a
Only max_login_attempts is now configurable.
11 years ago
Matt Mueller
d00f0ae35e
Introducing first spec to test otp code.
11 years ago
Matt Mueller
3e501a30b2
Misc renames for otp secret key.
11 years ago
Matt Mueller
13f33a9445
Adding otp methods.
11 years ago
Matt Mueller
98868bbece
Change migration to add otp secret key.
11 years ago
Wojtek Kruszewski
ab768d4784
Respond with 401 for request non-HTML requests [ #6 ]
12 years ago
Dmitrii Golub
8e78fc4027
version to 0.2
13 years ago
Vladimir
8da6ada802
need_two_factor_authentication? method should accept request param.
13 years ago
Carlos Vilhena
3c6b836dc0
change should be instance method
13 years ago
Carlos Vilhena
d1a4f4073a
trim empty lines
13 years ago
Carlos Vilhena
457f00dceb
change description
13 years ago
Carlos Vilhena
bf9f970cb6
refactor the schema
13 years ago
Carlos Vilhena
811e91079d
generate migration after adding :two_factor_authentication
13 years ago
Carlos Vilhena
3a7293218a
add active record generator
13 years ago
Carlos Vilhena
e2f54d9980
add migration template
13 years ago
Carlos Vilhena
6be4f7a051
adding generator which will include :two_factor_authenticable to devise
13 years ago
Carlos Vilhena
81fea21391
ActiveSupport::Concern deprecation warnings
13 years ago
Carlos Vilhena
2a0f37dc62
fix "The InstanceMethods module inside ActiveSupport::Concern will be no longer included automatically."
13 years ago
Dmitrii Golub
e4c812ad6d
first commit
13 years ago