mainio/decidim-module-adminauth

Decidim::Adminauth

Hardened admin access for Decidim. Adds a one-time login code requirement for admins to make admin access more restricted. The login codes are delivered to the user by email during each login attempt.

The gem has been developed by Mainio Tech.

The authentication logic is heavily based on the MIT-licensed devise-otp gem. This gem integrates more deeply with Decidim and narrows the scope of the OTP logins to admins only. The OTP code is also delivered by email instead of through an authentication application, for ease of use and introduction.

The development has been sponsored by the City of Helsinki.

Installation

Add this line to your application's Gemfile:

gem "decidim-adminauth", github: "mainio/decidim-module-adminauth"

And then execute:

$ bundle
$ bundle exec rails decidim_adminauth:install:migrations
$ bundle exec rails db:migrate

Usage

After installation, the features provided by this gem are enabled automatically.

Admins are required to enter a login code sent to their email address, which hardens admin access to the platform. This way, if passwords are leaked, attackers face a second step: they would also need to gain access to the target user's email.
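The flow described above, as an added example that is not code from this gem or from devise-otp: an admin-only challenge that issues a random code for the mailer, stores only a keyed digest of it, and rejects expired, reused or repeatedly guessed codes. The class name, the 6-digit format, the 10-minute lifetime and the attempt limit are assumptions made for illustration.

```ruby
require "securerandom"
require "openssl"

# Hypothetical illustration of an emailed one-time login code for admins.
# Class name, method names and limits are assumptions, not the gem's API.
class LoginCodeChallenge
  TTL = 600          # seconds a code stays valid (assumed value)
  MAX_ATTEMPTS = 5   # wrong guesses allowed before the code is burned (assumed)

  def initialize(secret: SecureRandom.bytes(32), clock: -> { Time.now.to_i })
    @secret = secret
    @clock = clock
    @pending = {} # user id => { digest:, expires_at:, attempts: }
  end

  # Only admins get the extra step; other users sign in with a password alone.
  def required_for?(user)
    user[:admin] == true
  end

  # Returns the plaintext code for the mailer; only its HMAC is stored.
  def issue(user)
    code = format("%06d", SecureRandom.random_number(1_000_000))
    @pending[user[:id]] = { digest: mac(user, code), expires_at: @clock.call + TTL, attempts: 0 }
    code
  end

  def verify(user, submitted)
    entry = @pending[user[:id]]
    return false if entry.nil?
    if @clock.call > entry[:expires_at] || entry[:attempts] >= MAX_ATTEMPTS
      @pending.delete(user[:id]) # expired or guessed too often: burn the code
      return false
    end
    entry[:attempts] += 1
    ok = OpenSSL.secure_compare(entry[:digest], mac(user, submitted.to_s))
    @pending.delete(user[:id]) if ok # single use
    ok
  end

  private

  def mac(user, code)
    OpenSSL::HMAC.hexdigest("SHA256", @secret, "#{user[:id]}:#{code}")
  end
end
```

A 6-digit code has only a million possible values, so the short lifetime and the attempt limit carry as much of the protection as the code itself.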

Contributing

See Decidim.

Testing

To run the tests, run the following in the gem development path:

$ bundle
$ DATABASE_USERNAME=<username> DATABASE_PASSWORD=<password> bundle exec rake test_app
$ DATABASE_USERNAME=<username> DATABASE_PASSWORD=<password> bundle exec rspec

Note that the database user has to have rights to create and drop a database in order to create the dummy test app database.

In case you are using rbenv and have the rbenv-vars plugin installed for it, you can add these environment variables to the root directory of the project in a file named .rbenv-vars. In this case, you can omit defining these in the commands shown above.

Test code coverage

If you want to generate the code coverage report for the tests, you can use the SIMPLECOV=1 environment variable in the rspec command as follows:

$ SIMPLECOV=1 bundle exec rspec

This will generate a folder named coverage in the project root which contains the code coverage report.

Localization

Currently localization of the module happens in this repository only.

License

See LICENSE-AGPLv3.txt.
