Initial commit

.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in has_one_time_password.gemspec
+gemspec

LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 Guillermo Iguaran, Roberto Miranda, Firebase.co
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

README.md

@@ -0,0 +1,66 @@
+# HasOneTimePassword
+
+TODO: Write a gem description
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'active_model_otp'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install active_model_otp
+
+## Usage
+
+### Setting Model
+Add otp_secret_key to your model
+
+    rails g migration AddOtpSecretKeyToUsers otp_secret_key:string
+
+```ruby
+class User < ActiveRecord::Base
+  has_otp_password
+end
+```
+
+### Authenticating using a code
+
+```ruby
+user.authenticate_otp('123456') # => true
+sleep 30
+user.authenticate_otp('123456') # => false
+```
+
+### Getting current code (ex. to send via SMS)
+
+```ruby
+user.otp_code # => '123456'
+```
+
+### Getting provision URI (to generate QR codes compatibles with Google Authenticator app)
+
+```ruby
+user.provision_uri # => 'otpauth://totp/[email protected]?secret=JBSWY3DPEHPK3PXP'
+```
+
+### Useful Examples
+
+#### Generating QR Code with Google Charts API
+
+#### Generating QR Code with rqrcode and chunky_png
+
+#### Sendind code via email with Twilio
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

active_model_otp.gemspec

@@ -0,0 +1,26 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'active_model/otp/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "active_model_otp"
+  spec.version       = ActiveModel::Otp::VERSION
+  spec.authors       = ["Guillermo Iguaran", "Roberto Miranda"]
+  spec.email         = ["[email protected]", "[email protected]"]
+  spec.description   = %q{Adds methods to set and authenticate against one time passwords. Inspired in AM::SecurePassword"}
+  spec.summary       = "Adds methods to set and authenticate against one time passwords."
+  spec.homepage      = ""
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "activemodel"
+  spec.add_dependency "rotp"
+
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake"
+end

lib/active_model/otp.rb

@@ -0,0 +1,31 @@
+module ActiveModel
+  module Otp
+    extend ActiveSupport::Concern
+
+    module ClassMethods
+      def has_one_time_password(options = {})
+        include InstanceMethodsOnActivation
+
+        if options.fetch(:validations, true)
+          before_create { self.otp_secret_key = ROTP::Base32.random_base32 }
+        end
+
+        if respond_to?(:attributes_protected_by_default)
+          def self.attributes_protected_by_default #:nodoc:
+            super + ['otp_secret_key']
+          end
+        end
+      end
+    end
+
+    module InstanceMethodsOnActivation
+      def authenticate_otp(code)
+        ROTP::TOTP.new(self.otp_secret_key).verify(code)
+      end
+
+      def provisioning_uri
+        ROTP::TOTP.new(self.otp_secret_key).provisioning_url(self.email)
+      end
+    end
+  end
+end

lib/active_model/otp/version.rb

@@ -0,0 +1,5 @@
+module ActiveModel
+  module Otp
+    VERSION = "0.0.1"
+  end
+end

lib/active_model_otp.rb

@@ -0,0 +1,7 @@
+require "active_model"
+require "rotp"
+require "active_model/otp"
+
+ActiveSupport.on_load(:active_record) do
+  include ActiveModel::Otp
+end