From cbc1d3dcdab5973d0ece449444b09520f0497f58 Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Thu, 3 Apr 2014 14:53:23 -0400
Subject: [PATCH 01/19] generated dummy app with basic devise install

---
 spec/dummy/README.rdoc                        | 261 ++++++++++++++++++
 spec/dummy/Rakefile                           |   7 +
 .../app/assets/javascripts/application.js     |  15 +
 spec/dummy/app/assets/javascripts/home.js     |   2 +
 .../app/assets/stylesheets/application.css    |  13 +
 spec/dummy/app/assets/stylesheets/home.css    |   4 +
 .../app/controllers/application_controller.rb |   3 +
 spec/dummy/app/controllers/home_controller.rb |   4 +
 spec/dummy/app/helpers/application_helper.rb  |   2 +
 spec/dummy/app/helpers/home_helper.rb         |   2 +
 spec/dummy/app/mailers/.gitkeep               |   0
 spec/dummy/app/models/.gitkeep                |   0
 spec/dummy/app/models/user.rb                 |  10 +
 spec/dummy/app/views/home/index.html.erb      |   2 +
 .../app/views/layouts/application.html.erb    |  14 +
 spec/dummy/config.ru                          |   4 +
 spec/dummy/config/application.rb              |  60 ++++
 spec/dummy/config/boot.rb                     |  10 +
 spec/dummy/config/database.yml                |  25 ++
 spec/dummy/config/environment.rb              |   5 +
 spec/dummy/config/environments/development.rb |  31 +++
 spec/dummy/config/environments/production.rb  |  68 +++++
 spec/dummy/config/environments/test.rb        |  35 +++
 .../initializers/backtrace_silencers.rb       |   7 +
 spec/dummy/config/initializers/devise.rb      | 256 +++++++++++++++++
 spec/dummy/config/initializers/inflections.rb |  15 +
 spec/dummy/config/initializers/mime_types.rb  |   5 +
 .../dummy/config/initializers/secret_token.rb |   7 +
 .../config/initializers/session_store.rb      |   8 +
 .../config/initializers/wrap_parameters.rb    |  14 +
 spec/dummy/config/locales/devise.en.yml       |  59 ++++
 spec/dummy/config/locales/en.yml              |   5 +
 spec/dummy/config/routes.rb                   |  62 +++++
 spec/dummy/db/development.sqlite3             | Bin 0 -> 28672 bytes
 .../20140403184646_devise_create_users.rb     |  42 +++
 spec/dummy/db/schema.rb                       |  34 +++
 spec/dummy/db/test.sqlite3                    | Bin 0 -> 28672 bytes
 spec/dummy/lib/assets/.gitkeep                |   0
 spec/dummy/log/.gitkeep                       |   0
 spec/dummy/log/development.log                |  31 +++
 spec/dummy/log/test.log                       |   2 +
 spec/dummy/public/404.html                    |  26 ++
 spec/dummy/public/422.html                    |  26 ++
 spec/dummy/public/500.html                    |  25 ++
 spec/dummy/public/favicon.ico                 |   0
 spec/dummy/script/rails                       |   6 +
 46 files changed, 1207 insertions(+)
 create mode 100644 spec/dummy/README.rdoc
 create mode 100644 spec/dummy/Rakefile
 create mode 100644 spec/dummy/app/assets/javascripts/application.js
 create mode 100644 spec/dummy/app/assets/javascripts/home.js
 create mode 100644 spec/dummy/app/assets/stylesheets/application.css
 create mode 100644 spec/dummy/app/assets/stylesheets/home.css
 create mode 100644 spec/dummy/app/controllers/application_controller.rb
 create mode 100644 spec/dummy/app/controllers/home_controller.rb
 create mode 100644 spec/dummy/app/helpers/application_helper.rb
 create mode 100644 spec/dummy/app/helpers/home_helper.rb
 create mode 100644 spec/dummy/app/mailers/.gitkeep
 create mode 100644 spec/dummy/app/models/.gitkeep
 create mode 100644 spec/dummy/app/models/user.rb
 create mode 100644 spec/dummy/app/views/home/index.html.erb
 create mode 100644 spec/dummy/app/views/layouts/application.html.erb
 create mode 100644 spec/dummy/config.ru
 create mode 100644 spec/dummy/config/application.rb
 create mode 100644 spec/dummy/config/boot.rb
 create mode 100644 spec/dummy/config/database.yml
 create mode 100644 spec/dummy/config/environment.rb
 create mode 100644 spec/dummy/config/environments/development.rb
 create mode 100644 spec/dummy/config/environments/production.rb
 create mode 100644 spec/dummy/config/environments/test.rb
 create mode 100644 spec/dummy/config/initializers/backtrace_silencers.rb
 create mode 100644 spec/dummy/config/initializers/devise.rb
 create mode 100644 spec/dummy/config/initializers/inflections.rb
 create mode 100644 spec/dummy/config/initializers/mime_types.rb
 create mode 100644 spec/dummy/config/initializers/secret_token.rb
 create mode 100644 spec/dummy/config/initializers/session_store.rb
 create mode 100644 spec/dummy/config/initializers/wrap_parameters.rb
 create mode 100644 spec/dummy/config/locales/devise.en.yml
 create mode 100644 spec/dummy/config/locales/en.yml
 create mode 100644 spec/dummy/config/routes.rb
 create mode 100644 spec/dummy/db/development.sqlite3
 create mode 100644 spec/dummy/db/migrate/20140403184646_devise_create_users.rb
 create mode 100644 spec/dummy/db/schema.rb
 create mode 100644 spec/dummy/db/test.sqlite3
 create mode 100644 spec/dummy/lib/assets/.gitkeep
 create mode 100644 spec/dummy/log/.gitkeep
 create mode 100644 spec/dummy/log/development.log
 create mode 100644 spec/dummy/log/test.log
 create mode 100644 spec/dummy/public/404.html
 create mode 100644 spec/dummy/public/422.html
 create mode 100644 spec/dummy/public/500.html
 create mode 100644 spec/dummy/public/favicon.ico
 create mode 100755 spec/dummy/script/rails

diff --git a/spec/dummy/README.rdoc b/spec/dummy/README.rdoc
new file mode 100644
index 0000000..3e1c15c
--- /dev/null
+++ b/spec/dummy/README.rdoc
@@ -0,0 +1,261 @@
+== Welcome to Rails
+
+Rails is a web-application framework that includes everything needed to create
+database-backed web applications according to the Model-View-Control pattern.
+
+This pattern splits the view (also called the presentation) into "dumb"
+templates that are primarily responsible for inserting pre-built data in between
+HTML tags. The model contains the "smart" domain objects (such as Account,
+Product, Person, Post) that holds all the business logic and knows how to
+persist themselves to a database. The controller handles the incoming requests
+(such as Save New Account, Update Product, Show Post) by manipulating the model
+and directing data to the view.
+
+In Rails, the model is handled by what's called an object-relational mapping
+layer entitled Active Record. This layer allows you to present the data from
+database rows as objects and embellish these data objects with business logic
+methods. You can read more about Active Record in
+link:files/vendor/rails/activerecord/README.html.
+
+The controller and view are handled by the Action Pack, which handles both
+layers by its two parts: Action View and Action Controller. These two layers
+are bundled in a single package due to their heavy interdependence. This is
+unlike the relationship between the Active Record and Action Pack that is much
+more separate. Each of these packages can be used independently outside of
+Rails. You can read more about Action Pack in
+link:files/vendor/rails/actionpack/README.html.
+
+
+== Getting Started
+
+1. At the command prompt, create a new Rails application:
+       <tt>rails new myapp</tt> (where <tt>myapp</tt> is the application name)
+
+2. Change directory to <tt>myapp</tt> and start the web server:
+       <tt>cd myapp; rails server</tt> (run with --help for options)
+
+3. Go to http://localhost:3000/ and you'll see:
+       "Welcome aboard: You're riding Ruby on Rails!"
+
+4. Follow the guidelines to start developing your application. You can find
+the following resources handy:
+
+* The Getting Started Guide: http://guides.rubyonrails.org/getting_started.html
+* Ruby on Rails Tutorial Book: http://www.railstutorial.org/
+
+
+== Debugging Rails
+
+Sometimes your application goes wrong. Fortunately there are a lot of tools that
+will help you debug it and get it back on the rails.
+
+First area to check is the application log files. Have "tail -f" commands
+running on the server.log and development.log. Rails will automatically display
+debugging and runtime information to these files. Debugging info will also be
+shown in the browser on requests from 127.0.0.1.
+
+You can also log your own messages directly into the log file from your code
+using the Ruby logger class from inside your controllers. Example:
+
+  class WeblogController < ActionController::Base
+    def destroy
+      @weblog = Weblog.find(params[:id])
+      @weblog.destroy
+      logger.info("#{Time.now} Destroyed Weblog ID ##{@weblog.id}!")
+    end
+  end
+
+The result will be a message in your log file along the lines of:
+
+  Mon Oct 08 14:22:29 +1000 2007 Destroyed Weblog ID #1!
+
+More information on how to use the logger is at http://www.ruby-doc.org/core/
+
+Also, Ruby documentation can be found at http://www.ruby-lang.org/. There are
+several books available online as well:
+
+* Programming Ruby: http://www.ruby-doc.org/docs/ProgrammingRuby/ (Pickaxe)
+* Learn to Program: http://pine.fm/LearnToProgram/ (a beginners guide)
+
+These two books will bring you up to speed on the Ruby language and also on
+programming in general.
+
+
+== Debugger
+
+Debugger support is available through the debugger command when you start your
+Mongrel or WEBrick server with --debugger. This means that you can break out of
+execution at any point in the code, investigate and change the model, and then,
+resume execution! You need to install ruby-debug to run the server in debugging
+mode. With gems, use <tt>sudo gem install ruby-debug</tt>. Example:
+
+  class WeblogController < ActionController::Base
+    def index
+      @posts = Post.all
+      debugger
+    end
+  end
+
+So the controller will accept the action, run the first line, then present you
+with a IRB prompt in the server window. Here you can do things like:
+
+  >> @posts.inspect
+  => "[#<Post:0x14a6be8
+          @attributes={"title"=>nil, "body"=>nil, "id"=>"1"}>,
+       #<Post:0x14a6620
+          @attributes={"title"=>"Rails", "body"=>"Only ten..", "id"=>"2"}>]"
+  >> @posts.first.title = "hello from a debugger"
+  => "hello from a debugger"
+
+...and even better, you can examine how your runtime objects actually work:
+
+  >> f = @posts.first
+  => #<Post:0x13630c4 @attributes={"title"=>nil, "body"=>nil, "id"=>"1"}>
+  >> f.
+  Display all 152 possibilities? (y or n)
+
+Finally, when you're ready to resume execution, you can enter "cont".
+
+
+== Console
+
+The console is a Ruby shell, which allows you to interact with your
+application's domain model. Here you'll have all parts of the application
+configured, just like it is when the application is running. You can inspect
+domain models, change values, and save to the database. Starting the script
+without arguments will launch it in the development environment.
+
+To start the console, run <tt>rails console</tt> from the application
+directory.
+
+Options:
+
+* Passing the <tt>-s, --sandbox</tt> argument will rollback any modifications
+  made to the database.
+* Passing an environment name as an argument will load the corresponding
+  environment. Example: <tt>rails console production</tt>.
+
+To reload your controllers and models after launching the console run
+<tt>reload!</tt>
+
+More information about irb can be found at:
+link:http://www.rubycentral.org/pickaxe/irb.html
+
+
+== dbconsole
+
+You can go to the command line of your database directly through <tt>rails
+dbconsole</tt>. You would be connected to the database with the credentials
+defined in database.yml. Starting the script without arguments will connect you
+to the development database. Passing an argument will connect you to a different
+database, like <tt>rails dbconsole production</tt>. Currently works for MySQL,
+PostgreSQL and SQLite 3.
+
+== Description of Contents
+
+The default directory structure of a generated Ruby on Rails application:
+
+  |-- app
+  |   |-- assets
+  |   |   |-- images
+  |   |   |-- javascripts
+  |   |   `-- stylesheets
+  |   |-- controllers
+  |   |-- helpers
+  |   |-- mailers
+  |   |-- models
+  |   `-- views
+  |       `-- layouts
+  |-- config
+  |   |-- environments
+  |   |-- initializers
+  |   `-- locales
+  |-- db
+  |-- doc
+  |-- lib
+  |   |-- assets
+  |   `-- tasks
+  |-- log
+  |-- public
+  |-- script
+  |-- test
+  |   |-- fixtures
+  |   |-- functional
+  |   |-- integration
+  |   |-- performance
+  |   `-- unit
+  |-- tmp
+  |   `-- cache
+  |       `-- assets
+  `-- vendor
+      |-- assets
+      |   |-- javascripts
+      |   `-- stylesheets
+      `-- plugins
+
+app
+  Holds all the code that's specific to this particular application.
+
+app/assets
+  Contains subdirectories for images, stylesheets, and JavaScript files.
+
+app/controllers
+  Holds controllers that should be named like weblogs_controller.rb for
+  automated URL mapping. All controllers should descend from
+  ApplicationController which itself descends from ActionController::Base.
+
+app/models
+  Holds models that should be named like post.rb. Models descend from
+  ActiveRecord::Base by default.
+
+app/views
+  Holds the template files for the view that should be named like
+  weblogs/index.html.erb for the WeblogsController#index action. All views use
+  eRuby syntax by default.
+
+app/views/layouts
+  Holds the template files for layouts to be used with views. This models the
+  common header/footer method of wrapping views. In your views, define a layout
+  using the <tt>layout :default</tt> and create a file named default.html.erb.
+  Inside default.html.erb, call <% yield %> to render the view using this
+  layout.
+
+app/helpers
+  Holds view helpers that should be named like weblogs_helper.rb. These are
+  generated for you automatically when using generators for controllers.
+  Helpers can be used to wrap functionality for your views into methods.
+
+config
+  Configuration files for the Rails environment, the routing map, the database,
+  and other dependencies.
+
+db
+  Contains the database schema in schema.rb. db/migrate contains all the
+  sequence of Migrations for your schema.
+
+doc
+  This directory is where your application documentation will be stored when
+  generated using <tt>rake doc:app</tt>
+
+lib
+  Application specific libraries. Basically, any kind of custom code that
+  doesn't belong under controllers, models, or helpers. This directory is in
+  the load path.
+
+public
+  The directory available for the web server. Also contains the dispatchers and the
+  default HTML files. This should be set as the DOCUMENT_ROOT of your web
+  server.
+
+script
+  Helper scripts for automation and generation.
+
+test
+  Unit and functional tests along with fixtures. When using the rails generate
+  command, template test files will be generated for you and placed in this
+  directory.
+
+vendor
+  External libraries that the application depends on. Also includes the plugins
+  subdirectory. If the app has frozen rails, those gems also go here, under
+  vendor/rails/. This directory is in the load path.
diff --git a/spec/dummy/Rakefile b/spec/dummy/Rakefile
new file mode 100644
index 0000000..3645852
--- /dev/null
+++ b/spec/dummy/Rakefile
@@ -0,0 +1,7 @@
+#!/usr/bin/env rake
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Dummy::Application.load_tasks
diff --git a/spec/dummy/app/assets/javascripts/application.js b/spec/dummy/app/assets/javascripts/application.js
new file mode 100644
index 0000000..9097d83
--- /dev/null
+++ b/spec/dummy/app/assets/javascripts/application.js
@@ -0,0 +1,15 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// the compiled file.
+//
+// WARNING: THE FIRST BLANK LINE MARKS THE END OF WHAT'S TO BE PROCESSED, ANY BLANK LINE SHOULD
+// GO AFTER THE REQUIRES BELOW.
+//
+//= require jquery
+//= require jquery_ujs
+//= require_tree .
diff --git a/spec/dummy/app/assets/javascripts/home.js b/spec/dummy/app/assets/javascripts/home.js
new file mode 100644
index 0000000..dee720f
--- /dev/null
+++ b/spec/dummy/app/assets/javascripts/home.js
@@ -0,0 +1,2 @@
+// Place all the behaviors and hooks related to the matching controller here.
+// All this logic will automatically be available in application.js.
diff --git a/spec/dummy/app/assets/stylesheets/application.css b/spec/dummy/app/assets/stylesheets/application.css
new file mode 100644
index 0000000..3192ec8
--- /dev/null
+++ b/spec/dummy/app/assets/stylesheets/application.css
@@ -0,0 +1,13 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the top of the
+ * compiled file, but it's generally better to create a new file per style scope.
+ *
+ *= require_self
+ *= require_tree .
+ */
diff --git a/spec/dummy/app/assets/stylesheets/home.css b/spec/dummy/app/assets/stylesheets/home.css
new file mode 100644
index 0000000..afad32d
--- /dev/null
+++ b/spec/dummy/app/assets/stylesheets/home.css
@@ -0,0 +1,4 @@
+/*
+  Place all the styles related to the matching controller here.
+  They will automatically be included in application.css.
+*/
diff --git a/spec/dummy/app/controllers/application_controller.rb b/spec/dummy/app/controllers/application_controller.rb
new file mode 100644
index 0000000..e8065d9
--- /dev/null
+++ b/spec/dummy/app/controllers/application_controller.rb
@@ -0,0 +1,3 @@
+class ApplicationController < ActionController::Base
+  protect_from_forgery
+end
diff --git a/spec/dummy/app/controllers/home_controller.rb b/spec/dummy/app/controllers/home_controller.rb
new file mode 100644
index 0000000..95f2992
--- /dev/null
+++ b/spec/dummy/app/controllers/home_controller.rb
@@ -0,0 +1,4 @@
+class HomeController < ApplicationController
+  def index
+  end
+end
diff --git a/spec/dummy/app/helpers/application_helper.rb b/spec/dummy/app/helpers/application_helper.rb
new file mode 100644
index 0000000..de6be79
--- /dev/null
+++ b/spec/dummy/app/helpers/application_helper.rb
@@ -0,0 +1,2 @@
+module ApplicationHelper
+end
diff --git a/spec/dummy/app/helpers/home_helper.rb b/spec/dummy/app/helpers/home_helper.rb
new file mode 100644
index 0000000..23de56a
--- /dev/null
+++ b/spec/dummy/app/helpers/home_helper.rb
@@ -0,0 +1,2 @@
+module HomeHelper
+end
diff --git a/spec/dummy/app/mailers/.gitkeep b/spec/dummy/app/mailers/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/spec/dummy/app/models/.gitkeep b/spec/dummy/app/models/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/spec/dummy/app/models/user.rb b/spec/dummy/app/models/user.rb
new file mode 100644
index 0000000..5378daf
--- /dev/null
+++ b/spec/dummy/app/models/user.rb
@@ -0,0 +1,10 @@
+class User < ActiveRecord::Base
+  # Include default devise modules. Others available are:
+  # :confirmable, :lockable, :timeoutable and :omniauthable
+  devise :database_authenticatable, :registerable,
+         :recoverable, :rememberable, :trackable, :validatable
+
+  # Setup accessible (or protected) attributes for your model
+  attr_accessible :email, :password, :password_confirmation, :remember_me
+  # attr_accessible :title, :body
+end
diff --git a/spec/dummy/app/views/home/index.html.erb b/spec/dummy/app/views/home/index.html.erb
new file mode 100644
index 0000000..2085730
--- /dev/null
+++ b/spec/dummy/app/views/home/index.html.erb
@@ -0,0 +1,2 @@
+<h1>Home#index</h1>
+<p>Find me in app/views/home/index.html.erb</p>
diff --git a/spec/dummy/app/views/layouts/application.html.erb b/spec/dummy/app/views/layouts/application.html.erb
new file mode 100644
index 0000000..7bc3a49
--- /dev/null
+++ b/spec/dummy/app/views/layouts/application.html.erb
@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <title>Dummy</title>
+    <%= stylesheet_link_tag    "application", :media => "all" %>
+    <%= javascript_include_tag "application" %>
+    <%= csrf_meta_tags %>
+  </head>
+  <body>
+    <p class="notice"><%= notice %></p>
+    <p class="alert"><%= alert %></p>
+    <%= yield %>
+  </body>
+</html>
diff --git a/spec/dummy/config.ru b/spec/dummy/config.ru
new file mode 100644
index 0000000..1989ed8
--- /dev/null
+++ b/spec/dummy/config.ru
@@ -0,0 +1,4 @@
+# This file is used by Rack-based servers to start the application.
+
+require ::File.expand_path('../config/environment',  __FILE__)
+run Dummy::Application
diff --git a/spec/dummy/config/application.rb b/spec/dummy/config/application.rb
new file mode 100644
index 0000000..f633485
--- /dev/null
+++ b/spec/dummy/config/application.rb
@@ -0,0 +1,60 @@
+require File.expand_path('../boot', __FILE__)
+
+# Pick the frameworks you want:
+require "active_record/railtie"
+require "action_controller/railtie"
+require "action_mailer/railtie"
+require "sprockets/railtie"
+# require "rails/test_unit/railtie"
+
+Bundler.require(*Rails.groups)
+require "two_factor_authentication"
+
+module Dummy
+  class Application < Rails::Application
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Custom directories with classes and modules you want to be autoloadable.
+    # config.autoload_paths += %W(#{config.root}/extras)
+
+    # Only load the plugins named here, in the order given (default is alphabetical).
+    # :all can be used as a placeholder for all plugins not explicitly named.
+    # config.plugins = [ :exception_notification, :ssl_requirement, :all ]
+
+    # Activate observers that should always be running.
+    # config.active_record.observers = :cacher, :garbage_collector, :forum_observer
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :de
+
+    # Configure the default encoding used in templates for Ruby 1.9.
+    config.encoding = "utf-8"
+
+    # Configure sensitive parameters which will be filtered from the log file.
+    config.filter_parameters += [:password]
+
+    # Enable escaping HTML in JSON.
+    config.active_support.escape_html_entities_in_json = true
+
+    # Use SQL instead of Active Record's schema dumper when creating the database.
+    # This is necessary if your schema can't be completely dumped by the schema dumper,
+    # like if you have constraints or database-specific column types
+    # config.active_record.schema_format = :sql
+
+    # Enable the asset pipeline
+    config.assets.enabled = true
+
+    # Version of your assets, change this if you want to expire all your assets
+    config.assets.version = '1.0'
+
+    config.action_mailer.default_url_options = { host: 'localhost:3000' }
+  end
+end
+
diff --git a/spec/dummy/config/boot.rb b/spec/dummy/config/boot.rb
new file mode 100644
index 0000000..eba0681
--- /dev/null
+++ b/spec/dummy/config/boot.rb
@@ -0,0 +1,10 @@
+require 'rubygems'
+gemfile = File.expand_path('../../../../Gemfile', __FILE__)
+
+if File.exist?(gemfile)
+  ENV['BUNDLE_GEMFILE'] = gemfile
+  require 'bundler'
+  Bundler.setup
+end
+
+$:.unshift File.expand_path('../../../../lib', __FILE__)
\ No newline at end of file
diff --git a/spec/dummy/config/database.yml b/spec/dummy/config/database.yml
new file mode 100644
index 0000000..51a4dd4
--- /dev/null
+++ b/spec/dummy/config/database.yml
@@ -0,0 +1,25 @@
+# SQLite version 3.x
+#   gem install sqlite3
+#
+#   Ensure the SQLite 3 gem is defined in your Gemfile
+#   gem 'sqlite3'
+development:
+  adapter: sqlite3
+  database: db/development.sqlite3
+  pool: 5
+  timeout: 5000
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+test:
+  adapter: sqlite3
+  database: db/test.sqlite3
+  pool: 5
+  timeout: 5000
+
+production:
+  adapter: sqlite3
+  database: db/production.sqlite3
+  pool: 5
+  timeout: 5000
diff --git a/spec/dummy/config/environment.rb b/spec/dummy/config/environment.rb
new file mode 100644
index 0000000..3da5eb9
--- /dev/null
+++ b/spec/dummy/config/environment.rb
@@ -0,0 +1,5 @@
+# Load the rails application
+require File.expand_path('../application', __FILE__)
+
+# Initialize the rails application
+Dummy::Application.initialize!
diff --git a/spec/dummy/config/environments/development.rb b/spec/dummy/config/environments/development.rb
new file mode 100644
index 0000000..677b4ff
--- /dev/null
+++ b/spec/dummy/config/environments/development.rb
@@ -0,0 +1,31 @@
+Dummy::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb
+
+  # In the development environment your application's code is reloaded on
+  # every request. This slows down response time but is perfect for development
+  # since you don't have to restart the web server when you make code changes.
+  config.cache_classes = false
+  config.eager_load = false
+
+  # Show full error reports and disable caching
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Don't care if the mailer can't send
+  config.action_mailer.raise_delivery_errors = false
+
+  # Print deprecation notices to the Rails logger
+  config.active_support.deprecation = :log
+
+  # Only use best-standards-support built into browsers
+  config.action_dispatch.best_standards_support = :builtin
+
+  # Raise exception on mass assignment protection for Active Record models
+  config.active_record.mass_assignment_sanitizer = :strict
+
+  # Do not compress assets
+  config.assets.compress = false
+
+  # Expands the lines which load the assets
+  config.assets.debug = true
+end
diff --git a/spec/dummy/config/environments/production.rb b/spec/dummy/config/environments/production.rb
new file mode 100644
index 0000000..d674b16
--- /dev/null
+++ b/spec/dummy/config/environments/production.rb
@@ -0,0 +1,68 @@
+Dummy::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb
+
+  # Code is not reloaded between requests
+  config.cache_classes = true
+  config.eager_load = false
+
+  # Full error reports are disabled and caching is turned on
+  config.consider_all_requests_local       = false
+  config.action_controller.perform_caching = true
+
+  # Disable Rails's static asset server (Apache or nginx will already do this)
+  config.serve_static_assets = false
+
+  # Compress JavaScripts and CSS
+  config.assets.compress = true
+
+  # Don't fallback to assets pipeline if a precompiled asset is missed
+  config.assets.compile = false
+
+  # Generate digests for assets URLs
+  config.assets.digest = true
+
+  # Defaults to nil and saved in location specified by config.assets.prefix
+  # config.assets.manifest = YOUR_PATH
+
+  # Specifies the header that your server uses for sending files
+  # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
+  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
+
+  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+  # config.force_ssl = true
+
+  # See everything in the log (default is :info)
+  # config.log_level = :debug
+
+  # Prepend all log lines with the following tags
+  # config.log_tags = [ :subdomain, :uuid ]
+
+  # Use a different logger for distributed setups
+  # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
+
+  # Use a different cache store in production
+  # config.cache_store = :mem_cache_store
+
+  # Enable serving of images, stylesheets, and JavaScripts from an asset server
+  # config.action_controller.asset_host = "http://assets.example.com"
+
+  # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added)
+  # config.assets.precompile += %w( search.js )
+
+  # Disable delivery errors, bad email addresses will be ignored
+  # config.action_mailer.raise_delivery_errors = false
+
+  # Enable threaded mode
+  # config.threadsafe!
+
+  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+  # the I18n.default_locale when a translation can not be found)
+  config.i18n.fallbacks = true
+
+  # Send deprecation notices to registered listeners
+  config.active_support.deprecation = :notify
+
+  # Log the query plan for queries taking more than this (works
+  # with SQLite, MySQL, and PostgreSQL)
+  # config.active_record.auto_explain_threshold_in_seconds = 0.5
+end
diff --git a/spec/dummy/config/environments/test.rb b/spec/dummy/config/environments/test.rb
new file mode 100644
index 0000000..fc10177
--- /dev/null
+++ b/spec/dummy/config/environments/test.rb
@@ -0,0 +1,35 @@
+Dummy::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb
+
+  # The test environment is used exclusively to run your application's
+  # test suite. You never need to work with it otherwise. Remember that
+  # your test database is "scratch space" for the test suite and is wiped
+  # and recreated between test runs. Don't rely on the data there!
+  config.cache_classes = true
+  config.eager_load = false
+
+  # Configure static asset server for tests with Cache-Control for performance
+  config.serve_static_assets = true
+  config.static_cache_control = "public, max-age=3600"
+
+  # Show full error reports and disable caching
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Raise exceptions instead of rendering exception templates
+  config.action_dispatch.show_exceptions = false
+
+  # Disable request forgery protection in test environment
+  config.action_controller.allow_forgery_protection    = false
+
+  # Tell Action Mailer not to deliver emails to the real world.
+  # The :test delivery method accumulates sent emails in the
+  # ActionMailer::Base.deliveries array.
+  config.action_mailer.delivery_method = :test
+
+  # Raise exception on mass assignment protection for Active Record models
+  config.active_record.mass_assignment_sanitizer = :strict
+
+  # Print deprecation notices to the stderr
+  config.active_support.deprecation = :stderr
+end
diff --git a/spec/dummy/config/initializers/backtrace_silencers.rb b/spec/dummy/config/initializers/backtrace_silencers.rb
new file mode 100644
index 0000000..59385cd
--- /dev/null
+++ b/spec/dummy/config/initializers/backtrace_silencers.rb
@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
+# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
+
+# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
+# Rails.backtrace_cleaner.remove_silencers!
diff --git a/spec/dummy/config/initializers/devise.rb b/spec/dummy/config/initializers/devise.rb
new file mode 100644
index 0000000..3840c1b
--- /dev/null
+++ b/spec/dummy/config/initializers/devise.rb
@@ -0,0 +1,256 @@
+# Use this hook to configure devise mailer, warden hooks and so forth.
+# Many of these configuration options can be set straight in your model.
+Devise.setup do |config|
+  # The secret key used by Devise. Devise uses this key to generate
+  # random tokens. Changing this key will render invalid all existing
+  # confirmation, reset password and unlock tokens in the database.
+  config.secret_key = 'd13ac2811507a08f5af301635a806f4e438d053def28750d6ae77d8c9dd9470dc56df6cf1c40f9fcd8ce5730c2ce69097f7d5a78f6a303b31c5b8d8cbe907a3a'
+
+  # ==> Mailer Configuration
+  # Configure the e-mail address which will be shown in Devise::Mailer,
+  # note that it will be overwritten if you use your own mailer class
+  # with default "from" parameter.
+  config.mailer_sender = 'please-change-me-at-config-initializers-devise@example.com'
+
+  # Configure the class responsible to send e-mails.
+  # config.mailer = 'Devise::Mailer'
+
+  # ==> ORM configuration
+  # Load and configure the ORM. Supports :active_record (default) and
+  # :mongoid (bson_ext recommended) by default. Other ORMs may be
+  # available as additional gems.
+  require 'devise/orm/active_record'
+
+  # ==> Configuration for any authentication mechanism
+  # Configure which keys are used when authenticating a user. The default is
+  # just :email. You can configure it to use [:username, :subdomain], so for
+  # authenticating a user, both parameters are required. Remember that those
+  # parameters are used only when authenticating and not when retrieving from
+  # session. If you need permissions, you should implement that in a before filter.
+  # You can also supply a hash where the value is a boolean determining whether
+  # or not authentication should be aborted when the value is not present.
+  # config.authentication_keys = [ :email ]
+
+  # Configure parameters from the request object used for authentication. Each entry
+  # given should be a request method and it will automatically be passed to the
+  # find_for_authentication method and considered in your model lookup. For instance,
+  # if you set :request_keys to [:subdomain], :subdomain will be used on authentication.
+  # The same considerations mentioned for authentication_keys also apply to request_keys.
+  # config.request_keys = []
+
+  # Configure which authentication keys should be case-insensitive.
+  # These keys will be downcased upon creating or modifying a user and when used
+  # to authenticate or find a user. Default is :email.
+  config.case_insensitive_keys = [ :email ]
+
+  # Configure which authentication keys should have whitespace stripped.
+  # These keys will have whitespace before and after removed upon creating or
+  # modifying a user and when used to authenticate or find a user. Default is :email.
+  config.strip_whitespace_keys = [ :email ]
+
+  # Tell if authentication through request.params is enabled. True by default.
+  # It can be set to an array that will enable params authentication only for the
+  # given strategies, for example, `config.params_authenticatable = [:database]` will
+  # enable it only for database (email + password) authentication.
+  # config.params_authenticatable = true
+
+  # Tell if authentication through HTTP Auth is enabled. False by default.
+  # It can be set to an array that will enable http authentication only for the
+  # given strategies, for example, `config.http_authenticatable = [:database]` will
+  # enable it only for database authentication. The supported strategies are:
+  # :database      = Support basic authentication with authentication key + password
+  # config.http_authenticatable = false
+
+  # If http headers should be returned for AJAX requests. True by default.
+  # config.http_authenticatable_on_xhr = true
+
+  # The realm used in Http Basic Authentication. 'Application' by default.
+  # config.http_authentication_realm = 'Application'
+
+  # It will change confirmation, password recovery and other workflows
+  # to behave the same regardless if the e-mail provided was right or wrong.
+  # Does not affect registerable.
+  # config.paranoid = true
+
+  # By default Devise will store the user in session. You can skip storage for
+  # particular strategies by setting this option.
+  # Notice that if you are skipping storage for all authentication paths, you
+  # may want to disable generating routes to Devise's sessions controller by
+  # passing skip: :sessions to `devise_for` in your config/routes.rb
+  config.skip_session_storage = [:http_auth]
+
+  # By default, Devise cleans up the CSRF token on authentication to
+  # avoid CSRF token fixation attacks. This means that, when using AJAX
+  # requests for sign in and sign up, you need to get a new CSRF token
+  # from the server. You can disable this option at your own risk.
+  # config.clean_up_csrf_token_on_authentication = true
+
+  # ==> Configuration for :database_authenticatable
+  # For bcrypt, this is the cost for hashing the password and defaults to 10. If
+  # using other encryptors, it sets how many times you want the password re-encrypted.
+  #
+  # Limiting the stretches to just one in testing will increase the performance of
+  # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use
+  # a value less than 10 in other environments. Note that, for bcrypt (the default
+  # encryptor), the cost increases exponentially with the number of stretches (e.g.
+  # a value of 20 is already extremely slow: approx. 60 seconds for 1 calculation).
+  config.stretches = Rails.env.test? ? 1 : 10
+
+  # Setup a pepper to generate the encrypted password.
+  # config.pepper = '4ee5a40e29eaa2141d0d30fe4dbec3e5f11386452c42f4f2e8e159092b839ae4edac028709d4c604c16354a4dab5f70a88bda9d1bb6258bf01b9c3915df472c5'
+
+  # ==> Configuration for :confirmable
+  # A period that the user is allowed to access the website even without
+  # confirming their account. For instance, if set to 2.days, the user will be
+  # able to access the website for two days without confirming their account,
+  # access will be blocked just in the third day. Default is 0.days, meaning
+  # the user cannot access the website without confirming their account.
+  # config.allow_unconfirmed_access_for = 2.days
+
+  # A period that the user is allowed to confirm their account before their
+  # token becomes invalid. For example, if set to 3.days, the user can confirm
+  # their account within 3 days after the mail was sent, but on the fourth day
+  # their account can't be confirmed with the token any more.
+  # Default is nil, meaning there is no restriction on how long a user can take
+  # before confirming their account.
+  # config.confirm_within = 3.days
+
+  # If true, requires any email changes to be confirmed (exactly the same way as
+  # initial account confirmation) to be applied. Requires additional unconfirmed_email
+  # db field (see migrations). Until confirmed, new email is stored in
+  # unconfirmed_email column, and copied to email column on successful confirmation.
+  config.reconfirmable = true
+
+  # Defines which key will be used when confirming an account
+  # config.confirmation_keys = [ :email ]
+
+  # ==> Configuration for :rememberable
+  # The time the user will be remembered without asking for credentials again.
+  # config.remember_for = 2.weeks
+
+  # If true, extends the user's remember period when remembered via cookie.
+  # config.extend_remember_period = false
+
+  # Options to be passed to the created cookie. For instance, you can set
+  # secure: true in order to force SSL only cookies.
+  # config.rememberable_options = {}
+
+  # ==> Configuration for :validatable
+  # Range for password length.
+  config.password_length = 8..128
+
+  # Email regex used to validate email formats. It simply asserts that
+  # one (and only one) @ exists in the given string. This is mainly
+  # to give user feedback and not to assert the e-mail validity.
+  # config.email_regexp = /\A[^@]+@[^@]+\z/
+
+  # ==> Configuration for :timeoutable
+  # The time you want to timeout the user session without activity. After this
+  # time the user will be asked for credentials again. Default is 30 minutes.
+  # config.timeout_in = 30.minutes
+
+  # If true, expires auth token on session timeout.
+  # config.expire_auth_token_on_timeout = false
+
+  # ==> Configuration for :lockable
+  # Defines which strategy will be used to lock an account.
+  # :failed_attempts = Locks an account after a number of failed attempts to sign in.
+  # :none            = No lock strategy. You should handle locking by yourself.
+  # config.lock_strategy = :failed_attempts
+
+  # Defines which key will be used when locking and unlocking an account
+  # config.unlock_keys = [ :email ]
+
+  # Defines which strategy will be used to unlock an account.
+  # :email = Sends an unlock link to the user email
+  # :time  = Re-enables login after a certain amount of time (see :unlock_in below)
+  # :both  = Enables both strategies
+  # :none  = No unlock strategy. You should handle unlocking by yourself.
+  # config.unlock_strategy = :both
+
+  # Number of authentication tries before locking an account if lock_strategy
+  # is failed attempts.
+  # config.maximum_attempts = 20
+
+  # Time interval to unlock the account if :time is enabled as unlock_strategy.
+  # config.unlock_in = 1.hour
+
+  # Warn on the last attempt before the account is locked.
+  # config.last_attempt_warning = false
+
+  # ==> Configuration for :recoverable
+  #
+  # Defines which key will be used when recovering the password for an account
+  # config.reset_password_keys = [ :email ]
+
+  # Time interval you can reset your password with a reset password key.
+  # Don't put a too small interval or your users won't have the time to
+  # change their passwords.
+  config.reset_password_within = 6.hours
+
+  # ==> Configuration for :encryptable
+  # Allow you to use another encryption algorithm besides bcrypt (default). You can use
+  # :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1,
+  # :authlogic_sha512 (then you should set stretches above to 20 for default behavior)
+  # and :restful_authentication_sha1 (then you should set stretches to 10, and copy
+  # REST_AUTH_SITE_KEY to pepper).
+  #
+  # Require the `devise-encryptable` gem when using anything other than bcrypt
+  # config.encryptor = :sha512
+
+  # ==> Scopes configuration
+  # Turn scoped views on. Before rendering "sessions/new", it will first check for
+  # "users/sessions/new". It's turned off by default because it's slower if you
+  # are using only default views.
+  # config.scoped_views = false
+
+  # Configure the default scope given to Warden. By default it's the first
+  # devise role declared in your routes (usually :user).
+  # config.default_scope = :user
+
+  # Set this configuration to false if you want /users/sign_out to sign out
+  # only the current scope. By default, Devise signs out all scopes.
+  # config.sign_out_all_scopes = true
+
+  # ==> Navigation configuration
+  # Lists the formats that should be treated as navigational. Formats like
+  # :html, should redirect to the sign in page when the user does not have
+  # access, but formats like :xml or :json, should return 401.
+  #
+  # If you have any extra navigational formats, like :iphone or :mobile, you
+  # should add them to the navigational formats lists.
+  #
+  # The "*/*" below is required to match Internet Explorer requests.
+  # config.navigational_formats = ['*/*', :html]
+
+  # The default HTTP method used to sign out a resource. Default is :delete.
+  config.sign_out_via = :delete
+
+  # ==> OmniAuth
+  # Add a new OmniAuth provider. Check the wiki for more information on setting
+  # up on your models and hooks.
+  # config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo'
+
+  # ==> Warden configuration
+  # If you want to use other strategies, that are not supported by Devise, or
+  # change the failure app, you can configure them inside the config.warden block.
+  #
+  # config.warden do |manager|
+  #   manager.intercept_401 = false
+  #   manager.default_strategies(scope: :user).unshift :some_external_strategy
+  # end
+
+  # ==> Mountable engine configurations
+  # When using Devise inside an engine, let's call it `MyEngine`, and this engine
+  # is mountable, there are some extra configurations to be taken into account.
+  # The following options are available, assuming the engine is mounted as:
+  #
+  #     mount MyEngine, at: '/my_engine'
+  #
+  # The router that invoked `devise_for`, in the example above, would be:
+  # config.router_name = :my_engine
+  #
+  # When using omniauth, Devise cannot automatically set Omniauth path,
+  # so you need to do it manually. For the users scope, it would be:
+  # config.omniauth_path_prefix = '/my_engine/users/auth'
+end
diff --git a/spec/dummy/config/initializers/inflections.rb b/spec/dummy/config/initializers/inflections.rb
new file mode 100644
index 0000000..5d8d9be
--- /dev/null
+++ b/spec/dummy/config/initializers/inflections.rb
@@ -0,0 +1,15 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format
+# (all these examples are active by default):
+# ActiveSupport::Inflector.inflections do |inflect|
+#   inflect.plural /^(ox)$/i, '\1en'
+#   inflect.singular /^(ox)en/i, '\1'
+#   inflect.irregular 'person', 'people'
+#   inflect.uncountable %w( fish sheep )
+# end
+#
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections do |inflect|
+#   inflect.acronym 'RESTful'
+# end
diff --git a/spec/dummy/config/initializers/mime_types.rb b/spec/dummy/config/initializers/mime_types.rb
new file mode 100644
index 0000000..72aca7e
--- /dev/null
+++ b/spec/dummy/config/initializers/mime_types.rb
@@ -0,0 +1,5 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new mime types for use in respond_to blocks:
+# Mime::Type.register "text/richtext", :rtf
+# Mime::Type.register_alias "text/html", :iphone
diff --git a/spec/dummy/config/initializers/secret_token.rb b/spec/dummy/config/initializers/secret_token.rb
new file mode 100644
index 0000000..7aae2df
--- /dev/null
+++ b/spec/dummy/config/initializers/secret_token.rb
@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+Dummy::Application.config.secret_token = 'e75d8cdfc7c99757a5d4b427bde4b4b1072eb169c022cdbb038bdbcefb3901ef60ac912b6fb14260db099156520b9cc8838e4bf8e209b7246fad891950825032'
diff --git a/spec/dummy/config/initializers/session_store.rb b/spec/dummy/config/initializers/session_store.rb
new file mode 100644
index 0000000..952473f
--- /dev/null
+++ b/spec/dummy/config/initializers/session_store.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+Dummy::Application.config.session_store :cookie_store, key: '_dummy_session'
+
+# Use the database for sessions instead of the cookie-based default,
+# which shouldn't be used to store highly confidential information
+# (create the session table with "rails generate session_migration")
+# Dummy::Application.config.session_store :active_record_store
diff --git a/spec/dummy/config/initializers/wrap_parameters.rb b/spec/dummy/config/initializers/wrap_parameters.rb
new file mode 100644
index 0000000..999df20
--- /dev/null
+++ b/spec/dummy/config/initializers/wrap_parameters.rb
@@ -0,0 +1,14 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file contains settings for ActionController::ParamsWrapper which
+# is enabled by default.
+
+# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
+ActiveSupport.on_load(:action_controller) do
+  wrap_parameters format: [:json]
+end
+
+# Disable root element in JSON by default.
+ActiveSupport.on_load(:active_record) do
+  self.include_root_in_json = false
+end
diff --git a/spec/dummy/config/locales/devise.en.yml b/spec/dummy/config/locales/devise.en.yml
new file mode 100644
index 0000000..abccdb0
--- /dev/null
+++ b/spec/dummy/config/locales/devise.en.yml
@@ -0,0 +1,59 @@
+# Additional translations at https://github.com/plataformatec/devise/wiki/I18n
+
+en:
+  devise:
+    confirmations:
+      confirmed: "Your account was successfully confirmed."
+      send_instructions: "You will receive an email with instructions about how to confirm your account in a few minutes."
+      send_paranoid_instructions: "If your email address exists in our database, you will receive an email with instructions about how to confirm your account in a few minutes."
+    failure:
+      already_authenticated: "You are already signed in."
+      inactive: "Your account is not activated yet."
+      invalid: "Invalid email or password."
+      locked: "Your account is locked."
+      last_attempt: "You have one more attempt before your account will be locked."
+      not_found_in_database: "Invalid email or password."
+      timeout: "Your session expired. Please sign in again to continue."
+      unauthenticated: "You need to sign in or sign up before continuing."
+      unconfirmed: "You have to confirm your account before continuing."
+    mailer:
+      confirmation_instructions:
+        subject: "Confirmation instructions"
+      reset_password_instructions:
+        subject: "Reset password instructions"
+      unlock_instructions:
+        subject: "Unlock Instructions"
+    omniauth_callbacks:
+      failure: "Could not authenticate you from %{kind} because \"%{reason}\"."
+      success: "Successfully authenticated from %{kind} account."
+    passwords:
+      no_token: "You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided."
+      send_instructions: "You will receive an email with instructions on how to reset your password in a few minutes."
+      send_paranoid_instructions: "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes."
+      updated: "Your password was changed successfully. You are now signed in."
+      updated_not_active: "Your password was changed successfully."
+    registrations:
+      destroyed: "Bye! Your account was successfully cancelled. We hope to see you again soon."
+      signed_up: "Welcome! You have signed up successfully."
+      signed_up_but_inactive: "You have signed up successfully. However, we could not sign you in because your account is not yet activated."
+      signed_up_but_locked: "You have signed up successfully. However, we could not sign you in because your account is locked."
+      signed_up_but_unconfirmed: "A message with a confirmation link has been sent to your email address. Please open the link to activate your account."
+      update_needs_confirmation: "You updated your account successfully, but we need to verify your new email address. Please check your email and click on the confirm link to finalize confirming your new email address."
+      updated: "You updated your account successfully."
+    sessions:
+      signed_in: "Signed in successfully."
+      signed_out: "Signed out successfully."
+    unlocks:
+      send_instructions: "You will receive an email with instructions about how to unlock your account in a few minutes."
+      send_paranoid_instructions: "If your account exists, you will receive an email with instructions about how to unlock it in a few minutes."
+      unlocked: "Your account has been unlocked successfully. Please sign in to continue."
+  errors:
+    messages:
+      already_confirmed: "was already confirmed, please try signing in"
+      confirmation_period_expired: "needs to be confirmed within %{period}, please request a new one"
+      expired: "has expired, please request a new one"
+      not_found: "not found"
+      not_locked: "was not locked"
+      not_saved:
+        one: "1 error prohibited this %{resource} from being saved:"
+        other: "%{count} errors prohibited this %{resource} from being saved:"
diff --git a/spec/dummy/config/locales/en.yml b/spec/dummy/config/locales/en.yml
new file mode 100644
index 0000000..179c14c
--- /dev/null
+++ b/spec/dummy/config/locales/en.yml
@@ -0,0 +1,5 @@
+# Sample localization file for English. Add more files in this directory for other locales.
+# See https://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points.
+
+en:
+  hello: "Hello world"
diff --git a/spec/dummy/config/routes.rb b/spec/dummy/config/routes.rb
new file mode 100644
index 0000000..4563c92
--- /dev/null
+++ b/spec/dummy/config/routes.rb
@@ -0,0 +1,62 @@
+Dummy::Application.routes.draw do
+  root to: "home#index"
+
+  devise_for :users
+
+  # The priority is based upon order of creation:
+  # first created -> highest priority.
+
+  # Sample of regular route:
+  #   match 'products/:id' => 'catalog#view'
+  # Keep in mind you can assign values other than :controller and :action
+
+  # Sample of named route:
+  #   match 'products/:id/purchase' => 'catalog#purchase', :as => :purchase
+  # This route can be invoked with purchase_url(:id => product.id)
+
+  # Sample resource route (maps HTTP verbs to controller actions automatically):
+  #   resources :products
+
+  # Sample resource route with options:
+  #   resources :products do
+  #     member do
+  #       get 'short'
+  #       post 'toggle'
+  #     end
+  #
+  #     collection do
+  #       get 'sold'
+  #     end
+  #   end
+
+  # Sample resource route with sub-resources:
+  #   resources :products do
+  #     resources :comments, :sales
+  #     resource :seller
+  #   end
+
+  # Sample resource route with more complex sub-resources
+  #   resources :products do
+  #     resources :comments
+  #     resources :sales do
+  #       get 'recent', :on => :collection
+  #     end
+  #   end
+
+  # Sample resource route within a namespace:
+  #   namespace :admin do
+  #     # Directs /admin/products/* to Admin::ProductsController
+  #     # (app/controllers/admin/products_controller.rb)
+  #     resources :products
+  #   end
+
+  # You can have the root of your site routed with "root"
+  # just remember to delete public/index.html.
+  # root :to => 'welcome#index'
+
+  # See how all your routes lay out with "rake routes"
+
+  # This is a legacy wild controller route that's not recommended for RESTful applications.
+  # Note: This route will make all actions in every controller accessible via GET requests.
+  # match ':controller(/:action(/:id))(.:format)'
+end
diff --git a/spec/dummy/db/development.sqlite3 b/spec/dummy/db/development.sqlite3
new file mode 100644
index 0000000000000000000000000000000000000000..5123ac76e1ea136d63142ebf8ad27fa67d617646
GIT binary patch
literal 28672
zcmeI&(Qnc~90%}rY&1H|HedRBX-u|eGh-V}Ura<-7b1g=LE@g8uAHn94!D-7Plm+A
zC;tT>{L}mcjDLc^cED&?bkF45P-uJiySv}#j)x1JpH;kov-dsObpm#vtShRjyktyK
zlnk93os(mQE|w=Z^r_BV&%4YhPk%jmM5Wo)pUT?zwM_0$?nmw!-Qa)#1Rwwb2tWV=
z5P$##QUpeivzmUctD|F2wD_m!%^vz(`gTv)lKVWc`;PB_?8%lL^geJA6>6{RR;gjJ
zX0?3Qv{<=%WW8g?J)#X(t1=^M!(dxRS_g*7S2VpyV_Hoc6Yn}+Cu$&jpFu>`6TRL%
zGf$VZ`u4VZ5jd9}?hiV&Rk3|O7;@nzZ&$`$HA=547E9FK5>A)zP^9^FJ)`Nmu73Lx
zwHb{vdRvag-{$YN48m(z$5x%4*2^cQ`UQJyU9eKKQ7cy|=)|fvShYrHvr^e%#yFj8
zN4i&z+}bY|O?G6xDK#q%wz(OrDO~xvAMn<6{tR}Hu+$le1=1)Im3%G&+X)QTasnQB
zgb`Nh^6n*<wktV3Z6(WnuPtm(*luqqDAE%FZ*w`#B|n>rJCri)ViJ?+s^j=`%aWm9
zKdwL{jfJO_rzJ2ux?w*|JD%XQ+#G33n*L%}9qmSoc_=(uV7BjG(M;N1uPvRx>k0qP
zgG}n;o)><z!0$8?e#NfoyG%V8=0Mf-T^h*7&3gau2$te&_MeT%7RYV#;oe+b`>oIm
z2LvDh0SG_<0uX=z1Rwwb2tWV=3n8$sE}8rJy+Xc_KiGR-I4m4Kq`a{IUx>*?5)gm@
z1Rwwb2tWV=5P$##AOL}}z(&S=5a0iYzyH&p{&7G60uX=z1Rwwb2tWV=5P$##Ah5s!
z*#9r^<RUc)KmY;|fB*y_009U<00Izzz*r#s|37~J$8vxG1Rwwb2tWV=5P$##AOHaf
iEVcml|BF4p$PNM!fB*y_009U<00Izz00bZq3j76ZwvM;}

literal 0
HcmV?d00001

diff --git a/spec/dummy/db/migrate/20140403184646_devise_create_users.rb b/spec/dummy/db/migrate/20140403184646_devise_create_users.rb
new file mode 100644
index 0000000..cf497c2
--- /dev/null
+++ b/spec/dummy/db/migrate/20140403184646_devise_create_users.rb
@@ -0,0 +1,42 @@
+class DeviseCreateUsers < ActiveRecord::Migration
+  def change
+    create_table(:users) do |t|
+      ## Database authenticatable
+      t.string :email,              null: false, default: ""
+      t.string :encrypted_password, null: false, default: ""
+
+      ## Recoverable
+      t.string   :reset_password_token
+      t.datetime :reset_password_sent_at
+
+      ## Rememberable
+      t.datetime :remember_created_at
+
+      ## Trackable
+      t.integer  :sign_in_count, default: 0, null: false
+      t.datetime :current_sign_in_at
+      t.datetime :last_sign_in_at
+      t.string   :current_sign_in_ip
+      t.string   :last_sign_in_ip
+
+      ## Confirmable
+      # t.string   :confirmation_token
+      # t.datetime :confirmed_at
+      # t.datetime :confirmation_sent_at
+      # t.string   :unconfirmed_email # Only if using reconfirmable
+
+      ## Lockable
+      # t.integer  :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
+      # t.string   :unlock_token # Only if unlock strategy is :email or :both
+      # t.datetime :locked_at
+
+
+      t.timestamps
+    end
+
+    add_index :users, :email,                unique: true
+    add_index :users, :reset_password_token, unique: true
+    # add_index :users, :confirmation_token,   unique: true
+    # add_index :users, :unlock_token,         unique: true
+  end
+end
diff --git a/spec/dummy/db/schema.rb b/spec/dummy/db/schema.rb
new file mode 100644
index 0000000..f70f406
--- /dev/null
+++ b/spec/dummy/db/schema.rb
@@ -0,0 +1,34 @@
+# encoding: UTF-8
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# Note that this schema.rb definition is the authoritative source for your
+# database schema. If you need to create the application database on another
+# system, you should be using db:schema:load, not running all the migrations
+# from scratch. The latter is a flawed and unsustainable approach (the more migrations
+# you'll amass, the slower it'll run and the greater likelihood for issues).
+#
+# It's strongly recommended to check this file into your version control system.
+
+ActiveRecord::Schema.define(:version => 20140403184646) do
+
+  create_table "users", :force => true do |t|
+    t.string   "email",                  :default => "", :null => false
+    t.string   "encrypted_password",     :default => "", :null => false
+    t.string   "reset_password_token"
+    t.datetime "reset_password_sent_at"
+    t.datetime "remember_created_at"
+    t.integer  "sign_in_count",          :default => 0,  :null => false
+    t.datetime "current_sign_in_at"
+    t.datetime "last_sign_in_at"
+    t.string   "current_sign_in_ip"
+    t.string   "last_sign_in_ip"
+    t.datetime "created_at",                             :null => false
+    t.datetime "updated_at",                             :null => false
+  end
+
+  add_index "users", ["email"], :name => "index_users_on_email", :unique => true
+  add_index "users", ["reset_password_token"], :name => "index_users_on_reset_password_token", :unique => true
+
+end
diff --git a/spec/dummy/db/test.sqlite3 b/spec/dummy/db/test.sqlite3
new file mode 100644
index 0000000000000000000000000000000000000000..675301fb22efa53810414e99bea23fc7d324d334
GIT binary patch
literal 28672
zcmeI&%Wm306b4|Mo7E<$q#JKXR;6Ht3X(w7O{LPtjZle62uNjRIc7?%!T@8FwyO%M
zQXis=N`18M+h^$5T!g`>S)<?LVteMyob!!0Be=P)yFMi!hJ0ZA<W$N@vMjwKM3SV8
zcq`()IMU)IwYU)9^2+(P(~R`|_p_{M&FuY>vVXEavgQ4s`vq}<0|F3$00bZa0SG_<
z0uYE1m?{}XeOZ*JMVEEy=LvJi6KZ+R9Ua)#!0mC{cZbZ|xS_mh8r7CT+Gg##ZIGII
zZoDVjws4I!OrmWJqLI9IPq`;%(DZRyQHvsx1K+;w(~Z6xH!|}KTGiKe<3EFwdz(9V
zHqW0_DmpP6En>Fob$$9YrKmTmJiQ2u4?nDlCo-~z%;MCezBRHv@6(WXEr0ltvam57
zTl)i|XAI#OLFsW5XgW<QYDMI<7nhS*6}KM_ka|cGVfVFJXZQ50L`FS2k~=f)abN7y
zERTxCXAbqEm&u6qT4SEs16mM~`nQ~{sH!S|{~C@NW*L4YBJtX?ez&WM2d8CR7)^53
ztX)={9rDiTkZQZtsF@<@(lEtJ%~z{Hw0Sv^#XL9OR@?O!IXsN?WDfr_@@aRuep>Vy
zh!2Zhkw~D(Vy%-$nQz&?M!L37eOF)vT?TY;OS$E6D(-gI+da3(ESFi%aKc2S%Y53S
zoGg+mt(M|UI1i>+#H>x#x4o@x>!I!_svt6rgvYeU6|kD!WE7MgEpXYc2YYj|>Bj*9
z2tWV=5P$##AOHafKmY;|fWQt5VE@0vi;L1A009U<00Izz00bZa0SG_<0&{`K!8d;Y
z$MXOI2tWV=5P$##AOHafKmY;|*l7Xm|95(MQ5*yy009U<00Izz00bZa0SG`K6bSzR
zFF*M!i5CtCKmY;|fB*y_009U<00Izz00eeIASWmElhSdyR4$z!zbK!T&w}6ovH#zR
i#YGVifB*y_009U<00Izz00bZafw{mzQhyZP|NjFFwvO!p

literal 0
HcmV?d00001

diff --git a/spec/dummy/lib/assets/.gitkeep b/spec/dummy/lib/assets/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/spec/dummy/log/.gitkeep b/spec/dummy/log/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/spec/dummy/log/development.log b/spec/dummy/log/development.log
new file mode 100644
index 0000000..feed15b
--- /dev/null
+++ b/spec/dummy/log/development.log
@@ -0,0 +1,31 @@
+Connecting to database specified by database.yml
+Connecting to database specified by database.yml
+Connecting to database specified by database.yml
+Connecting to database specified by database.yml
+Connecting to database specified by database.yml
+Connecting to database specified by database.yml
+   (0.1ms)  select sqlite_version(*)
+   (1.7ms)  CREATE TABLE "schema_migrations" ("version" varchar(255) NOT NULL) 
+   (1.6ms)  CREATE UNIQUE INDEX "unique_schema_migrations" ON "schema_migrations" ("version")
+   (1.2ms)  SELECT "schema_migrations"."version" FROM "schema_migrations" 
+Connecting to database specified by database.yml
+   (1.1ms)  SELECT "schema_migrations"."version" FROM "schema_migrations" 
+Migrating to DeviseCreateUsers (20140403184646)
+   (0.0ms)  select sqlite_version(*)
+   (0.0ms)  begin transaction
+   (0.5ms)  CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "email" varchar(255) DEFAULT '' NOT NULL, "encrypted_password" varchar(255) DEFAULT '' NOT NULL, "reset_password_token" varchar(255), "reset_password_sent_at" datetime, "remember_created_at" datetime, "sign_in_count" integer DEFAULT 0 NOT NULL, "current_sign_in_at" datetime, "last_sign_in_at" datetime, "current_sign_in_ip" varchar(255), "last_sign_in_ip" varchar(255), "created_at" datetime NOT NULL, "updated_at" datetime NOT NULL) 
+   (0.3ms)  CREATE UNIQUE INDEX "index_users_on_email" ON "users" ("email")
+   (0.1ms)  CREATE UNIQUE INDEX "index_users_on_reset_password_token" ON "users" ("reset_password_token")
+   (0.1ms)  INSERT INTO "schema_migrations" ("version") VALUES ('20140403184646')
+   (1.5ms)  commit transaction
+   (0.1ms)  SELECT "schema_migrations"."version" FROM "schema_migrations" 
+Connecting to database specified by database.yml
+   (1.1ms)  SELECT "schema_migrations"."version" FROM "schema_migrations" 
+   (0.2ms)  select sqlite_version(*)
+   (3.5ms)  CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "email" varchar(255) DEFAULT '' NOT NULL, "encrypted_password" varchar(255) DEFAULT '' NOT NULL, "reset_password_token" varchar(255), "reset_password_sent_at" datetime, "remember_created_at" datetime, "sign_in_count" integer DEFAULT 0 NOT NULL, "current_sign_in_at" datetime, "last_sign_in_at" datetime, "current_sign_in_ip" varchar(255), "last_sign_in_ip" varchar(255), "created_at" datetime NOT NULL, "updated_at" datetime NOT NULL) 
+   (2.1ms)  CREATE UNIQUE INDEX "index_users_on_email" ON "users" ("email")
+   (1.6ms)  CREATE UNIQUE INDEX "index_users_on_reset_password_token" ON "users" ("reset_password_token")
+   (1.3ms)  CREATE TABLE "schema_migrations" ("version" varchar(255) NOT NULL) 
+   (1.0ms)  CREATE UNIQUE INDEX "unique_schema_migrations" ON "schema_migrations" ("version")
+   (0.1ms)  SELECT version FROM "schema_migrations"
+   (1.4ms)  INSERT INTO "schema_migrations" (version) VALUES ('20140403184646')
diff --git a/spec/dummy/log/test.log b/spec/dummy/log/test.log
new file mode 100644
index 0000000..bbf63d5
--- /dev/null
+++ b/spec/dummy/log/test.log
@@ -0,0 +1,2 @@
+Connecting to database specified by database.yml
+Connecting to database specified by database.yml
diff --git a/spec/dummy/public/404.html b/spec/dummy/public/404.html
new file mode 100644
index 0000000..9a48320
--- /dev/null
+++ b/spec/dummy/public/404.html
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The page you were looking for doesn't exist (404)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/404.html -->
+  <div class="dialog">
+    <h1>The page you were looking for doesn't exist.</h1>
+    <p>You may have mistyped the address or the page may have moved.</p>
+  </div>
+</body>
+</html>
diff --git a/spec/dummy/public/422.html b/spec/dummy/public/422.html
new file mode 100644
index 0000000..83660ab
--- /dev/null
+++ b/spec/dummy/public/422.html
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The change you wanted was rejected (422)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/422.html -->
+  <div class="dialog">
+    <h1>The change you wanted was rejected.</h1>
+    <p>Maybe you tried to change something you didn't have access to.</p>
+  </div>
+</body>
+</html>
diff --git a/spec/dummy/public/500.html b/spec/dummy/public/500.html
new file mode 100644
index 0000000..f3648a0
--- /dev/null
+++ b/spec/dummy/public/500.html
@@ -0,0 +1,25 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>We're sorry, but something went wrong (500)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/500.html -->
+  <div class="dialog">
+    <h1>We're sorry, but something went wrong.</h1>
+  </div>
+</body>
+</html>
diff --git a/spec/dummy/public/favicon.ico b/spec/dummy/public/favicon.ico
new file mode 100644
index 0000000..e69de29
diff --git a/spec/dummy/script/rails b/spec/dummy/script/rails
new file mode 100755
index 0000000..f8da2cf
--- /dev/null
+++ b/spec/dummy/script/rails
@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
+
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require File.expand_path('../../config/boot',  __FILE__)
+require 'rails/commands'

From cc12f171e6f8621a56b3dd6970652f1cda014749 Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Thu, 3 Apr 2014 14:53:58 -0400
Subject: [PATCH 02/19] scope to rails 3

---
 Gemfile                           | 6 ++++++
 two_factor_authentication.gemspec | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/Gemfile b/Gemfile
index 0c560a1..7bdd1a5 100644
--- a/Gemfile
+++ b/Gemfile
@@ -2,3 +2,9 @@ source "http://rubygems.org"
 
 # Specify your gem's dependencies in devise_ip_filter.gemspec
 gemspec
+
+gem 'rails', '~> 3.2'
+
+group :test do
+  gem "sqlite3"
+end
diff --git a/two_factor_authentication.gemspec b/two_factor_authentication.gemspec
index 60955a8..6d3225d 100644
--- a/two_factor_authentication.gemspec
+++ b/two_factor_authentication.gemspec
@@ -24,7 +24,7 @@ Gem::Specification.new do |s|
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ["lib"]
 
-  s.add_development_dependency "rspec"
+  s.add_development_dependency "rspec-rails"
   s.add_runtime_dependency 'rails', '>= 3.1.1'
   s.add_runtime_dependency 'devise'
   s.add_runtime_dependency 'randexp'

From 4c4f978d2e45fa545c13acb42a53518a314429f5 Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Thu, 3 Apr 2014 14:54:23 -0400
Subject: [PATCH 03/19] Load dummy environment in specs and dummy tasks in
 Rakefile

---
 Rakefile            | 8 ++++++++
 spec/spec_helper.rb | 4 ++--
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/Rakefile b/Rakefile
index 2995527..f09aec6 100644
--- a/Rakefile
+++ b/Rakefile
@@ -1 +1,9 @@
 require "bundler/gem_tasks"
+
+APP_RAKEFILE = File.expand_path("../spec/dummy/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
+
+desc "Run all specs in spec directory (excluding plugin specs)"
+RSpec::Core::RakeTask.new(:spec => 'app:db:test:prepare')
+
+task :default => :spec
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 05ae4d4..3c943c8 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -1,5 +1,5 @@
-require "rubygems"
-require "bundler/setup"
+ENV["RAILS_ENV"] ||= "test"
+require File.expand_path("../dummy/config/environment.rb",  __FILE__)
 
 require 'two_factor_authentication'
 

From eb392309d3bbe754884ef1902fc538888f5d2943 Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Mon, 7 Apr 2014 13:32:09 -0400
Subject: [PATCH 04/19] remove log and sqlite3 dummy app files from git

---
 .gitignore                        |   2 ++
 spec/dummy/db/development.sqlite3 | Bin 28672 -> 0 bytes
 spec/dummy/log/development.log    |  31 ------------------------------
 spec/dummy/log/test.log           |   2 --
 4 files changed, 2 insertions(+), 33 deletions(-)
 delete mode 100644 spec/dummy/db/development.sqlite3
 delete mode 100644 spec/dummy/log/development.log
 delete mode 100644 spec/dummy/log/test.log

diff --git a/.gitignore b/.gitignore
index ec16439..313b296 100644
--- a/.gitignore
+++ b/.gitignore
@@ -19,3 +19,5 @@ capybara-*.html
 dump.rdb
 *.ids
 .rbenv-version
+*/**/log/*
+*/**/*.sqlite3
diff --git a/spec/dummy/db/development.sqlite3 b/spec/dummy/db/development.sqlite3
deleted file mode 100644
index 5123ac76e1ea136d63142ebf8ad27fa67d617646..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 28672
zcmeI&(Qnc~90%}rY&1H|HedRBX-u|eGh-V}Ura<-7b1g=LE@g8uAHn94!D-7Plm+A
zC;tT>{L}mcjDLc^cED&?bkF45P-uJiySv}#j)x1JpH;kov-dsObpm#vtShRjyktyK
zlnk93os(mQE|w=Z^r_BV&%4YhPk%jmM5Wo)pUT?zwM_0$?nmw!-Qa)#1Rwwb2tWV=
z5P$##QUpeivzmUctD|F2wD_m!%^vz(`gTv)lKVWc`;PB_?8%lL^geJA6>6{RR;gjJ
zX0?3Qv{<=%WW8g?J)#X(t1=^M!(dxRS_g*7S2VpyV_Hoc6Yn}+Cu$&jpFu>`6TRL%
zGf$VZ`u4VZ5jd9}?hiV&Rk3|O7;@nzZ&$`$HA=547E9FK5>A)zP^9^FJ)`Nmu73Lx
zwHb{vdRvag-{$YN48m(z$5x%4*2^cQ`UQJyU9eKKQ7cy|=)|fvShYrHvr^e%#yFj8
zN4i&z+}bY|O?G6xDK#q%wz(OrDO~xvAMn<6{tR}Hu+$le1=1)Im3%G&+X)QTasnQB
zgb`Nh^6n*<wktV3Z6(WnuPtm(*luqqDAE%FZ*w`#B|n>rJCri)ViJ?+s^j=`%aWm9
zKdwL{jfJO_rzJ2ux?w*|JD%XQ+#G33n*L%}9qmSoc_=(uV7BjG(M;N1uPvRx>k0qP
zgG}n;o)><z!0$8?e#NfoyG%V8=0Mf-T^h*7&3gau2$te&_MeT%7RYV#;oe+b`>oIm
z2LvDh0SG_<0uX=z1Rwwb2tWV=3n8$sE}8rJy+Xc_KiGR-I4m4Kq`a{IUx>*?5)gm@
z1Rwwb2tWV=5P$##AOL}}z(&S=5a0iYzyH&p{&7G60uX=z1Rwwb2tWV=5P$##Ah5s!
z*#9r^<RUc)KmY;|fB*y_009U<00Izzz*r#s|37~J$8vxG1Rwwb2tWV=5P$##AOHaf
iEVcml|BF4p$PNM!fB*y_009U<00Izz00bZq3j76ZwvM;}

diff --git a/spec/dummy/log/development.log b/spec/dummy/log/development.log
deleted file mode 100644
index feed15b..0000000
--- a/spec/dummy/log/development.log
+++ /dev/null
@@ -1,31 +0,0 @@
-Connecting to database specified by database.yml
-Connecting to database specified by database.yml
-Connecting to database specified by database.yml
-Connecting to database specified by database.yml
-Connecting to database specified by database.yml
-Connecting to database specified by database.yml
-   (0.1ms)  select sqlite_version(*)
-   (1.7ms)  CREATE TABLE "schema_migrations" ("version" varchar(255) NOT NULL) 
-   (1.6ms)  CREATE UNIQUE INDEX "unique_schema_migrations" ON "schema_migrations" ("version")
-   (1.2ms)  SELECT "schema_migrations"."version" FROM "schema_migrations" 
-Connecting to database specified by database.yml
-   (1.1ms)  SELECT "schema_migrations"."version" FROM "schema_migrations" 
-Migrating to DeviseCreateUsers (20140403184646)
-   (0.0ms)  select sqlite_version(*)
-   (0.0ms)  begin transaction
-   (0.5ms)  CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "email" varchar(255) DEFAULT '' NOT NULL, "encrypted_password" varchar(255) DEFAULT '' NOT NULL, "reset_password_token" varchar(255), "reset_password_sent_at" datetime, "remember_created_at" datetime, "sign_in_count" integer DEFAULT 0 NOT NULL, "current_sign_in_at" datetime, "last_sign_in_at" datetime, "current_sign_in_ip" varchar(255), "last_sign_in_ip" varchar(255), "created_at" datetime NOT NULL, "updated_at" datetime NOT NULL) 
-   (0.3ms)  CREATE UNIQUE INDEX "index_users_on_email" ON "users" ("email")
-   (0.1ms)  CREATE UNIQUE INDEX "index_users_on_reset_password_token" ON "users" ("reset_password_token")
-   (0.1ms)  INSERT INTO "schema_migrations" ("version") VALUES ('20140403184646')
-   (1.5ms)  commit transaction
-   (0.1ms)  SELECT "schema_migrations"."version" FROM "schema_migrations" 
-Connecting to database specified by database.yml
-   (1.1ms)  SELECT "schema_migrations"."version" FROM "schema_migrations" 
-   (0.2ms)  select sqlite_version(*)
-   (3.5ms)  CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "email" varchar(255) DEFAULT '' NOT NULL, "encrypted_password" varchar(255) DEFAULT '' NOT NULL, "reset_password_token" varchar(255), "reset_password_sent_at" datetime, "remember_created_at" datetime, "sign_in_count" integer DEFAULT 0 NOT NULL, "current_sign_in_at" datetime, "last_sign_in_at" datetime, "current_sign_in_ip" varchar(255), "last_sign_in_ip" varchar(255), "created_at" datetime NOT NULL, "updated_at" datetime NOT NULL) 
-   (2.1ms)  CREATE UNIQUE INDEX "index_users_on_email" ON "users" ("email")
-   (1.6ms)  CREATE UNIQUE INDEX "index_users_on_reset_password_token" ON "users" ("reset_password_token")
-   (1.3ms)  CREATE TABLE "schema_migrations" ("version" varchar(255) NOT NULL) 
-   (1.0ms)  CREATE UNIQUE INDEX "unique_schema_migrations" ON "schema_migrations" ("version")
-   (0.1ms)  SELECT version FROM "schema_migrations"
-   (1.4ms)  INSERT INTO "schema_migrations" (version) VALUES ('20140403184646')
diff --git a/spec/dummy/log/test.log b/spec/dummy/log/test.log
deleted file mode 100644
index bbf63d5..0000000
--- a/spec/dummy/log/test.log
+++ /dev/null
@@ -1,2 +0,0 @@
-Connecting to database specified by database.yml
-Connecting to database specified by database.yml

From 5c000fe605e446f0aa6b2da419764eb2eca73f37 Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Mon, 7 Apr 2014 13:32:43 -0400
Subject: [PATCH 05/19] ability to specify rails version on command line

---
 Gemfile | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/Gemfile b/Gemfile
index 7bdd1a5..c1e7728 100644
--- a/Gemfile
+++ b/Gemfile
@@ -3,7 +3,18 @@ source "http://rubygems.org"
 # Specify your gem's dependencies in devise_ip_filter.gemspec
 gemspec
 
-gem 'rails', '~> 3.2'
+rails_version = ENV["RAILS_VERSION"] || "default"
+
+rails = case rails_version
+        when "master"
+          {github: "rails/rails"}
+        when "default"
+          "~> 3.2"
+        else
+          "~> #{rails_version}"
+        end
+
+gem "rails", rails
 
 group :test do
   gem "sqlite3"

From 269f4df246a5868f6a73c8a42dd3771a7e153593 Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Mon, 7 Apr 2014 13:33:03 -0400
Subject: [PATCH 06/19] install two_factor_authentication in dummy app User

---
 spec/dummy/app/models/user.rb                     |  5 +++--
 ...2619_two_factor_authentication_add_to_users.rb | 15 +++++++++++++++
 spec/dummy/db/schema.rb                           | 15 +++++++++------
 3 files changed, 27 insertions(+), 8 deletions(-)
 create mode 100644 spec/dummy/db/migrate/20140407172619_two_factor_authentication_add_to_users.rb

diff --git a/spec/dummy/app/models/user.rb b/spec/dummy/app/models/user.rb
index 5378daf..d61264f 100644
--- a/spec/dummy/app/models/user.rb
+++ b/spec/dummy/app/models/user.rb
@@ -1,8 +1,9 @@
 class User < ActiveRecord::Base
   # Include default devise modules. Others available are:
   # :confirmable, :lockable, :timeoutable and :omniauthable
-  devise :database_authenticatable, :registerable,
-         :recoverable, :rememberable, :trackable, :validatable
+  devise :two_factor_authenticatable, :database_authenticatable, :registerable,
+         :recoverable, :rememberable, :trackable, :validatable,
+         :two_factor_authenticatable
 
   # Setup accessible (or protected) attributes for your model
   attr_accessible :email, :password, :password_confirmation, :remember_me
diff --git a/spec/dummy/db/migrate/20140407172619_two_factor_authentication_add_to_users.rb b/spec/dummy/db/migrate/20140407172619_two_factor_authentication_add_to_users.rb
new file mode 100644
index 0000000..5720bb8
--- /dev/null
+++ b/spec/dummy/db/migrate/20140407172619_two_factor_authentication_add_to_users.rb
@@ -0,0 +1,15 @@
+class TwoFactorAuthenticationAddToUsers < ActiveRecord::Migration
+  def up
+    change_table :users do |t|
+      t.string   :otp_secret_key
+      t.integer  :second_factor_attempts_count, :default => 0
+    end
+
+    add_index :users, :otp_secret_key, :unique => true
+  end
+
+  def down
+    remove_column :users, :otp_secret_key
+    remove_column :users, :second_factor_attempts_count
+  end
+end
diff --git a/spec/dummy/db/schema.rb b/spec/dummy/db/schema.rb
index f70f406..e378f2b 100644
--- a/spec/dummy/db/schema.rb
+++ b/spec/dummy/db/schema.rb
@@ -11,24 +11,27 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20140403184646) do
+ActiveRecord::Schema.define(:version => 20140407172619) do
 
   create_table "users", :force => true do |t|
-    t.string   "email",                  :default => "", :null => false
-    t.string   "encrypted_password",     :default => "", :null => false
+    t.string   "email",                        :default => "", :null => false
+    t.string   "encrypted_password",           :default => "", :null => false
     t.string   "reset_password_token"
     t.datetime "reset_password_sent_at"
     t.datetime "remember_created_at"
-    t.integer  "sign_in_count",          :default => 0,  :null => false
+    t.integer  "sign_in_count",                :default => 0,  :null => false
     t.datetime "current_sign_in_at"
     t.datetime "last_sign_in_at"
     t.string   "current_sign_in_ip"
     t.string   "last_sign_in_ip"
-    t.datetime "created_at",                             :null => false
-    t.datetime "updated_at",                             :null => false
+    t.datetime "created_at",                                   :null => false
+    t.datetime "updated_at",                                   :null => false
+    t.string   "otp_secret_key"
+    t.integer  "second_factor_attempts_count", :default => 0
   end
 
   add_index "users", ["email"], :name => "index_users_on_email", :unique => true
+  add_index "users", ["otp_secret_key"], :name => "index_users_on_otp_secret_key", :unique => true
   add_index "users", ["reset_password_token"], :name => "index_users_on_reset_password_token", :unique => true
 
 end

From 6ea4db49feee3477c8df99ea9647e3672ac295e5 Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Mon, 7 Apr 2014 13:45:07 -0400
Subject: [PATCH 07/19] rename rails app in spec directory

---
 Rakefile                                        |   2 +-
 spec/dummy/app/models/user.rb                   |  11 -----------
 spec/dummy/db/test.sqlite3                      | Bin 28672 -> 0 bytes
 spec/dummy/log/.gitkeep                         |   0
 spec/{dummy => rails_app}/README.rdoc           |   0
 spec/{dummy => rails_app}/Rakefile              |   0
 .../app/assets/javascripts/application.js       |   0
 .../app/assets/javascripts/home.js              |   0
 .../app/assets/stylesheets/application.css      |   0
 .../app/assets/stylesheets/home.css             |   0
 .../app/controllers/application_controller.rb   |   0
 .../app/controllers/home_controller.rb          |   0
 .../app/helpers/application_helper.rb           |   0
 .../app/helpers/home_helper.rb                  |   0
 spec/{dummy => rails_app}/app/mailers/.gitkeep  |   0
 spec/{dummy => rails_app}/app/models/.gitkeep   |   0
 spec/rails_app/app/models/user.rb               |   7 +++++++
 .../app/views/home/index.html.erb               |   0
 .../app/views/layouts/application.html.erb      |   0
 spec/{dummy => rails_app}/config.ru             |   0
 spec/{dummy => rails_app}/config/application.rb |   0
 spec/{dummy => rails_app}/config/boot.rb        |   0
 spec/{dummy => rails_app}/config/database.yml   |   0
 spec/{dummy => rails_app}/config/environment.rb |   0
 .../config/environments/development.rb          |   3 ---
 .../config/environments/production.rb           |   0
 .../config/environments/test.rb                 |   3 ---
 .../config/initializers/backtrace_silencers.rb  |   0
 .../config/initializers/devise.rb               |   0
 .../config/initializers/inflections.rb          |   0
 .../config/initializers/mime_types.rb           |   0
 .../config/initializers/secret_token.rb         |   0
 .../config/initializers/session_store.rb        |   2 +-
 .../config/initializers/wrap_parameters.rb      |   0
 .../config/locales/devise.en.yml                |   0
 spec/{dummy => rails_app}/config/locales/en.yml |   0
 spec/{dummy => rails_app}/config/routes.rb      |   0
 .../20140403184646_devise_create_users.rb       |   0
 ...19_two_factor_authentication_add_to_users.rb |   0
 spec/{dummy => rails_app}/db/schema.rb          |   0
 spec/{dummy => rails_app}/lib/assets/.gitkeep   |   0
 spec/{dummy => rails_app}/public/404.html       |   0
 spec/{dummy => rails_app}/public/422.html       |   0
 spec/{dummy => rails_app}/public/500.html       |   0
 spec/{dummy => rails_app}/public/favicon.ico    |   0
 spec/{dummy => rails_app}/script/rails          |   0
 spec/spec_helper.rb                             |   2 +-
 47 files changed, 10 insertions(+), 20 deletions(-)
 delete mode 100644 spec/dummy/app/models/user.rb
 delete mode 100644 spec/dummy/db/test.sqlite3
 delete mode 100644 spec/dummy/log/.gitkeep
 rename spec/{dummy => rails_app}/README.rdoc (100%)
 rename spec/{dummy => rails_app}/Rakefile (100%)
 rename spec/{dummy => rails_app}/app/assets/javascripts/application.js (100%)
 rename spec/{dummy => rails_app}/app/assets/javascripts/home.js (100%)
 rename spec/{dummy => rails_app}/app/assets/stylesheets/application.css (100%)
 rename spec/{dummy => rails_app}/app/assets/stylesheets/home.css (100%)
 rename spec/{dummy => rails_app}/app/controllers/application_controller.rb (100%)
 rename spec/{dummy => rails_app}/app/controllers/home_controller.rb (100%)
 rename spec/{dummy => rails_app}/app/helpers/application_helper.rb (100%)
 rename spec/{dummy => rails_app}/app/helpers/home_helper.rb (100%)
 rename spec/{dummy => rails_app}/app/mailers/.gitkeep (100%)
 rename spec/{dummy => rails_app}/app/models/.gitkeep (100%)
 create mode 100644 spec/rails_app/app/models/user.rb
 rename spec/{dummy => rails_app}/app/views/home/index.html.erb (100%)
 rename spec/{dummy => rails_app}/app/views/layouts/application.html.erb (100%)
 rename spec/{dummy => rails_app}/config.ru (100%)
 rename spec/{dummy => rails_app}/config/application.rb (100%)
 rename spec/{dummy => rails_app}/config/boot.rb (100%)
 rename spec/{dummy => rails_app}/config/database.yml (100%)
 rename spec/{dummy => rails_app}/config/environment.rb (100%)
 rename spec/{dummy => rails_app}/config/environments/development.rb (88%)
 rename spec/{dummy => rails_app}/config/environments/production.rb (100%)
 rename spec/{dummy => rails_app}/config/environments/test.rb (90%)
 rename spec/{dummy => rails_app}/config/initializers/backtrace_silencers.rb (100%)
 rename spec/{dummy => rails_app}/config/initializers/devise.rb (100%)
 rename spec/{dummy => rails_app}/config/initializers/inflections.rb (100%)
 rename spec/{dummy => rails_app}/config/initializers/mime_types.rb (100%)
 rename spec/{dummy => rails_app}/config/initializers/secret_token.rb (100%)
 rename spec/{dummy => rails_app}/config/initializers/session_store.rb (80%)
 rename spec/{dummy => rails_app}/config/initializers/wrap_parameters.rb (100%)
 rename spec/{dummy => rails_app}/config/locales/devise.en.yml (100%)
 rename spec/{dummy => rails_app}/config/locales/en.yml (100%)
 rename spec/{dummy => rails_app}/config/routes.rb (100%)
 rename spec/{dummy => rails_app}/db/migrate/20140403184646_devise_create_users.rb (100%)
 rename spec/{dummy => rails_app}/db/migrate/20140407172619_two_factor_authentication_add_to_users.rb (100%)
 rename spec/{dummy => rails_app}/db/schema.rb (100%)
 rename spec/{dummy => rails_app}/lib/assets/.gitkeep (100%)
 rename spec/{dummy => rails_app}/public/404.html (100%)
 rename spec/{dummy => rails_app}/public/422.html (100%)
 rename spec/{dummy => rails_app}/public/500.html (100%)
 rename spec/{dummy => rails_app}/public/favicon.ico (100%)
 rename spec/{dummy => rails_app}/script/rails (100%)

diff --git a/Rakefile b/Rakefile
index f09aec6..8dc1875 100644
--- a/Rakefile
+++ b/Rakefile
@@ -1,6 +1,6 @@
 require "bundler/gem_tasks"
 
-APP_RAKEFILE = File.expand_path("../spec/dummy/Rakefile", __FILE__)
+APP_RAKEFILE = File.expand_path("../spec/rails_app/Rakefile", __FILE__)
 load 'rails/tasks/engine.rake'
 
 desc "Run all specs in spec directory (excluding plugin specs)"
diff --git a/spec/dummy/app/models/user.rb b/spec/dummy/app/models/user.rb
deleted file mode 100644
index d61264f..0000000
--- a/spec/dummy/app/models/user.rb
+++ /dev/null
@@ -1,11 +0,0 @@
-class User < ActiveRecord::Base
-  # Include default devise modules. Others available are:
-  # :confirmable, :lockable, :timeoutable and :omniauthable
-  devise :two_factor_authenticatable, :database_authenticatable, :registerable,
-         :recoverable, :rememberable, :trackable, :validatable,
-         :two_factor_authenticatable
-
-  # Setup accessible (or protected) attributes for your model
-  attr_accessible :email, :password, :password_confirmation, :remember_me
-  # attr_accessible :title, :body
-end
diff --git a/spec/dummy/db/test.sqlite3 b/spec/dummy/db/test.sqlite3
deleted file mode 100644
index 675301fb22efa53810414e99bea23fc7d324d334..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 28672
zcmeI&%Wm306b4|Mo7E<$q#JKXR;6Ht3X(w7O{LPtjZle62uNjRIc7?%!T@8FwyO%M
zQXis=N`18M+h^$5T!g`>S)<?LVteMyob!!0Be=P)yFMi!hJ0ZA<W$N@vMjwKM3SV8
zcq`()IMU)IwYU)9^2+(P(~R`|_p_{M&FuY>vVXEavgQ4s`vq}<0|F3$00bZa0SG_<
z0uYE1m?{}XeOZ*JMVEEy=LvJi6KZ+R9Ua)#!0mC{cZbZ|xS_mh8r7CT+Gg##ZIGII
zZoDVjws4I!OrmWJqLI9IPq`;%(DZRyQHvsx1K+;w(~Z6xH!|}KTGiKe<3EFwdz(9V
zHqW0_DmpP6En>Fob$$9YrKmTmJiQ2u4?nDlCo-~z%;MCezBRHv@6(WXEr0ltvam57
zTl)i|XAI#OLFsW5XgW<QYDMI<7nhS*6}KM_ka|cGVfVFJXZQ50L`FS2k~=f)abN7y
zERTxCXAbqEm&u6qT4SEs16mM~`nQ~{sH!S|{~C@NW*L4YBJtX?ez&WM2d8CR7)^53
ztX)={9rDiTkZQZtsF@<@(lEtJ%~z{Hw0Sv^#XL9OR@?O!IXsN?WDfr_@@aRuep>Vy
zh!2Zhkw~D(Vy%-$nQz&?M!L37eOF)vT?TY;OS$E6D(-gI+da3(ESFi%aKc2S%Y53S
zoGg+mt(M|UI1i>+#H>x#x4o@x>!I!_svt6rgvYeU6|kD!WE7MgEpXYc2YYj|>Bj*9
z2tWV=5P$##AOHafKmY;|fWQt5VE@0vi;L1A009U<00Izz00bZa0SG_<0&{`K!8d;Y
z$MXOI2tWV=5P$##AOHafKmY;|*l7Xm|95(MQ5*yy009U<00Izz00bZa0SG`K6bSzR
zFF*M!i5CtCKmY;|fB*y_009U<00Izz00eeIASWmElhSdyR4$z!zbK!T&w}6ovH#zR
i#YGVifB*y_009U<00Izz00bZafw{mzQhyZP|NjFFwvO!p

diff --git a/spec/dummy/log/.gitkeep b/spec/dummy/log/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/spec/dummy/README.rdoc b/spec/rails_app/README.rdoc
similarity index 100%
rename from spec/dummy/README.rdoc
rename to spec/rails_app/README.rdoc
diff --git a/spec/dummy/Rakefile b/spec/rails_app/Rakefile
similarity index 100%
rename from spec/dummy/Rakefile
rename to spec/rails_app/Rakefile
diff --git a/spec/dummy/app/assets/javascripts/application.js b/spec/rails_app/app/assets/javascripts/application.js
similarity index 100%
rename from spec/dummy/app/assets/javascripts/application.js
rename to spec/rails_app/app/assets/javascripts/application.js
diff --git a/spec/dummy/app/assets/javascripts/home.js b/spec/rails_app/app/assets/javascripts/home.js
similarity index 100%
rename from spec/dummy/app/assets/javascripts/home.js
rename to spec/rails_app/app/assets/javascripts/home.js
diff --git a/spec/dummy/app/assets/stylesheets/application.css b/spec/rails_app/app/assets/stylesheets/application.css
similarity index 100%
rename from spec/dummy/app/assets/stylesheets/application.css
rename to spec/rails_app/app/assets/stylesheets/application.css
diff --git a/spec/dummy/app/assets/stylesheets/home.css b/spec/rails_app/app/assets/stylesheets/home.css
similarity index 100%
rename from spec/dummy/app/assets/stylesheets/home.css
rename to spec/rails_app/app/assets/stylesheets/home.css
diff --git a/spec/dummy/app/controllers/application_controller.rb b/spec/rails_app/app/controllers/application_controller.rb
similarity index 100%
rename from spec/dummy/app/controllers/application_controller.rb
rename to spec/rails_app/app/controllers/application_controller.rb
diff --git a/spec/dummy/app/controllers/home_controller.rb b/spec/rails_app/app/controllers/home_controller.rb
similarity index 100%
rename from spec/dummy/app/controllers/home_controller.rb
rename to spec/rails_app/app/controllers/home_controller.rb
diff --git a/spec/dummy/app/helpers/application_helper.rb b/spec/rails_app/app/helpers/application_helper.rb
similarity index 100%
rename from spec/dummy/app/helpers/application_helper.rb
rename to spec/rails_app/app/helpers/application_helper.rb
diff --git a/spec/dummy/app/helpers/home_helper.rb b/spec/rails_app/app/helpers/home_helper.rb
similarity index 100%
rename from spec/dummy/app/helpers/home_helper.rb
rename to spec/rails_app/app/helpers/home_helper.rb
diff --git a/spec/dummy/app/mailers/.gitkeep b/spec/rails_app/app/mailers/.gitkeep
similarity index 100%
rename from spec/dummy/app/mailers/.gitkeep
rename to spec/rails_app/app/mailers/.gitkeep
diff --git a/spec/dummy/app/models/.gitkeep b/spec/rails_app/app/models/.gitkeep
similarity index 100%
rename from spec/dummy/app/models/.gitkeep
rename to spec/rails_app/app/models/.gitkeep
diff --git a/spec/rails_app/app/models/user.rb b/spec/rails_app/app/models/user.rb
new file mode 100644
index 0000000..743d176
--- /dev/null
+++ b/spec/rails_app/app/models/user.rb
@@ -0,0 +1,7 @@
+class User < ActiveRecord::Base
+  devise :two_factor_authenticatable, :database_authenticatable, :registerable,
+         :recoverable, :rememberable, :trackable, :validatable,
+         :two_factor_authenticatable
+
+  has_one_time_password
+end
diff --git a/spec/dummy/app/views/home/index.html.erb b/spec/rails_app/app/views/home/index.html.erb
similarity index 100%
rename from spec/dummy/app/views/home/index.html.erb
rename to spec/rails_app/app/views/home/index.html.erb
diff --git a/spec/dummy/app/views/layouts/application.html.erb b/spec/rails_app/app/views/layouts/application.html.erb
similarity index 100%
rename from spec/dummy/app/views/layouts/application.html.erb
rename to spec/rails_app/app/views/layouts/application.html.erb
diff --git a/spec/dummy/config.ru b/spec/rails_app/config.ru
similarity index 100%
rename from spec/dummy/config.ru
rename to spec/rails_app/config.ru
diff --git a/spec/dummy/config/application.rb b/spec/rails_app/config/application.rb
similarity index 100%
rename from spec/dummy/config/application.rb
rename to spec/rails_app/config/application.rb
diff --git a/spec/dummy/config/boot.rb b/spec/rails_app/config/boot.rb
similarity index 100%
rename from spec/dummy/config/boot.rb
rename to spec/rails_app/config/boot.rb
diff --git a/spec/dummy/config/database.yml b/spec/rails_app/config/database.yml
similarity index 100%
rename from spec/dummy/config/database.yml
rename to spec/rails_app/config/database.yml
diff --git a/spec/dummy/config/environment.rb b/spec/rails_app/config/environment.rb
similarity index 100%
rename from spec/dummy/config/environment.rb
rename to spec/rails_app/config/environment.rb
diff --git a/spec/dummy/config/environments/development.rb b/spec/rails_app/config/environments/development.rb
similarity index 88%
rename from spec/dummy/config/environments/development.rb
rename to spec/rails_app/config/environments/development.rb
index 677b4ff..85f5319 100644
--- a/spec/dummy/config/environments/development.rb
+++ b/spec/rails_app/config/environments/development.rb
@@ -20,9 +20,6 @@ Dummy::Application.configure do
   # Only use best-standards-support built into browsers
   config.action_dispatch.best_standards_support = :builtin
 
-  # Raise exception on mass assignment protection for Active Record models
-  config.active_record.mass_assignment_sanitizer = :strict
-
   # Do not compress assets
   config.assets.compress = false
 
diff --git a/spec/dummy/config/environments/production.rb b/spec/rails_app/config/environments/production.rb
similarity index 100%
rename from spec/dummy/config/environments/production.rb
rename to spec/rails_app/config/environments/production.rb
diff --git a/spec/dummy/config/environments/test.rb b/spec/rails_app/config/environments/test.rb
similarity index 90%
rename from spec/dummy/config/environments/test.rb
rename to spec/rails_app/config/environments/test.rb
index fc10177..4feff96 100644
--- a/spec/dummy/config/environments/test.rb
+++ b/spec/rails_app/config/environments/test.rb
@@ -27,9 +27,6 @@ Dummy::Application.configure do
   # ActionMailer::Base.deliveries array.
   config.action_mailer.delivery_method = :test
 
-  # Raise exception on mass assignment protection for Active Record models
-  config.active_record.mass_assignment_sanitizer = :strict
-
   # Print deprecation notices to the stderr
   config.active_support.deprecation = :stderr
 end
diff --git a/spec/dummy/config/initializers/backtrace_silencers.rb b/spec/rails_app/config/initializers/backtrace_silencers.rb
similarity index 100%
rename from spec/dummy/config/initializers/backtrace_silencers.rb
rename to spec/rails_app/config/initializers/backtrace_silencers.rb
diff --git a/spec/dummy/config/initializers/devise.rb b/spec/rails_app/config/initializers/devise.rb
similarity index 100%
rename from spec/dummy/config/initializers/devise.rb
rename to spec/rails_app/config/initializers/devise.rb
diff --git a/spec/dummy/config/initializers/inflections.rb b/spec/rails_app/config/initializers/inflections.rb
similarity index 100%
rename from spec/dummy/config/initializers/inflections.rb
rename to spec/rails_app/config/initializers/inflections.rb
diff --git a/spec/dummy/config/initializers/mime_types.rb b/spec/rails_app/config/initializers/mime_types.rb
similarity index 100%
rename from spec/dummy/config/initializers/mime_types.rb
rename to spec/rails_app/config/initializers/mime_types.rb
diff --git a/spec/dummy/config/initializers/secret_token.rb b/spec/rails_app/config/initializers/secret_token.rb
similarity index 100%
rename from spec/dummy/config/initializers/secret_token.rb
rename to spec/rails_app/config/initializers/secret_token.rb
diff --git a/spec/dummy/config/initializers/session_store.rb b/spec/rails_app/config/initializers/session_store.rb
similarity index 80%
rename from spec/dummy/config/initializers/session_store.rb
rename to spec/rails_app/config/initializers/session_store.rb
index 952473f..6e1fcac 100644
--- a/spec/dummy/config/initializers/session_store.rb
+++ b/spec/rails_app/config/initializers/session_store.rb
@@ -1,6 +1,6 @@
 # Be sure to restart your server when you modify this file.
 
-Dummy::Application.config.session_store :cookie_store, key: '_dummy_session'
+Dummy::Application.config.session_store :cookie_store, key: '_rails_app_session'
 
 # Use the database for sessions instead of the cookie-based default,
 # which shouldn't be used to store highly confidential information
diff --git a/spec/dummy/config/initializers/wrap_parameters.rb b/spec/rails_app/config/initializers/wrap_parameters.rb
similarity index 100%
rename from spec/dummy/config/initializers/wrap_parameters.rb
rename to spec/rails_app/config/initializers/wrap_parameters.rb
diff --git a/spec/dummy/config/locales/devise.en.yml b/spec/rails_app/config/locales/devise.en.yml
similarity index 100%
rename from spec/dummy/config/locales/devise.en.yml
rename to spec/rails_app/config/locales/devise.en.yml
diff --git a/spec/dummy/config/locales/en.yml b/spec/rails_app/config/locales/en.yml
similarity index 100%
rename from spec/dummy/config/locales/en.yml
rename to spec/rails_app/config/locales/en.yml
diff --git a/spec/dummy/config/routes.rb b/spec/rails_app/config/routes.rb
similarity index 100%
rename from spec/dummy/config/routes.rb
rename to spec/rails_app/config/routes.rb
diff --git a/spec/dummy/db/migrate/20140403184646_devise_create_users.rb b/spec/rails_app/db/migrate/20140403184646_devise_create_users.rb
similarity index 100%
rename from spec/dummy/db/migrate/20140403184646_devise_create_users.rb
rename to spec/rails_app/db/migrate/20140403184646_devise_create_users.rb
diff --git a/spec/dummy/db/migrate/20140407172619_two_factor_authentication_add_to_users.rb b/spec/rails_app/db/migrate/20140407172619_two_factor_authentication_add_to_users.rb
similarity index 100%
rename from spec/dummy/db/migrate/20140407172619_two_factor_authentication_add_to_users.rb
rename to spec/rails_app/db/migrate/20140407172619_two_factor_authentication_add_to_users.rb
diff --git a/spec/dummy/db/schema.rb b/spec/rails_app/db/schema.rb
similarity index 100%
rename from spec/dummy/db/schema.rb
rename to spec/rails_app/db/schema.rb
diff --git a/spec/dummy/lib/assets/.gitkeep b/spec/rails_app/lib/assets/.gitkeep
similarity index 100%
rename from spec/dummy/lib/assets/.gitkeep
rename to spec/rails_app/lib/assets/.gitkeep
diff --git a/spec/dummy/public/404.html b/spec/rails_app/public/404.html
similarity index 100%
rename from spec/dummy/public/404.html
rename to spec/rails_app/public/404.html
diff --git a/spec/dummy/public/422.html b/spec/rails_app/public/422.html
similarity index 100%
rename from spec/dummy/public/422.html
rename to spec/rails_app/public/422.html
diff --git a/spec/dummy/public/500.html b/spec/rails_app/public/500.html
similarity index 100%
rename from spec/dummy/public/500.html
rename to spec/rails_app/public/500.html
diff --git a/spec/dummy/public/favicon.ico b/spec/rails_app/public/favicon.ico
similarity index 100%
rename from spec/dummy/public/favicon.ico
rename to spec/rails_app/public/favicon.ico
diff --git a/spec/dummy/script/rails b/spec/rails_app/script/rails
similarity index 100%
rename from spec/dummy/script/rails
rename to spec/rails_app/script/rails
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 3c943c8..2c61751 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -1,5 +1,5 @@
 ENV["RAILS_ENV"] ||= "test"
-require File.expand_path("../dummy/config/environment.rb",  __FILE__)
+require File.expand_path("../rails_app/config/environment.rb",  __FILE__)
 
 require 'two_factor_authentication'
 

From b25dd2ffc2f960864bafe4efa2fa52a7000fb413 Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Mon, 7 Apr 2014 13:45:45 -0400
Subject: [PATCH 08/19] remove User model from spec/support; now loaded from
 spec rails app

---
 spec/support/authenticated_model_helper.rb | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/spec/support/authenticated_model_helper.rb b/spec/support/authenticated_model_helper.rb
index 3ed2256..f2c6a6a 100644
--- a/spec/support/authenticated_model_helper.rb
+++ b/spec/support/authenticated_model_helper.rb
@@ -1,16 +1,5 @@
 module AuthenticatedModelHelper
 
-  class User
-    extend ActiveModel::Callbacks
-    include ActiveModel::Validations
-    include Devise::Models::TwoFactorAuthenticatable
-
-    define_model_callbacks :create
-    attr_accessor :otp_secret_key, :email, :second_factor_attempts_count
-
-    has_one_time_password
-  end
-
   class UserWithOverrides < User
 
     def send_two_factor_authentication_code

From c9192a2e076e16a5d9112b56e976a02913e1d4cc Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Mon, 7 Apr 2014 13:53:44 -0400
Subject: [PATCH 09/19] add .travis.yml with multile rails and ruby versions

---
 .travis.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 .travis.yml

diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 0000000..41c7138
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,14 @@
+env:
+  - "RAILS_VERSION=3.1"
+  - "RAILS_VERSION=3.2"
+  - "RAILS_VERSION=4.0"
+  - "RAILS_VERSION=master"
+
+rvm:
+  - 1.9.3
+  - 2.0
+  - 2.1
+
+matrix:
+  allow_failures:
+    - env: "RAILS_VERSION=master"

From c6e08dd379af83cc87c8d18b35d07fb4b2f67c41 Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Mon, 7 Apr 2014 14:06:37 -0400
Subject: [PATCH 10/19] update travis and gemspec with rake dependency

---
 .travis.yml                       | 2 ++
 two_factor_authentication.gemspec | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/.travis.yml b/.travis.yml
index 41c7138..f22db05 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,3 +1,5 @@
+language: ruby
+
 env:
   - "RAILS_VERSION=3.1"
   - "RAILS_VERSION=3.2"
diff --git a/two_factor_authentication.gemspec b/two_factor_authentication.gemspec
index 6d3225d..2f1053f 100644
--- a/two_factor_authentication.gemspec
+++ b/two_factor_authentication.gemspec
@@ -24,11 +24,12 @@ Gem::Specification.new do |s|
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ["lib"]
 
-  s.add_development_dependency "rspec-rails"
   s.add_runtime_dependency 'rails', '>= 3.1.1'
   s.add_runtime_dependency 'devise'
   s.add_runtime_dependency 'randexp'
   s.add_runtime_dependency 'rotp'
 
+  s.add_development_dependency 'rspec-rails'
   s.add_development_dependency 'bundler'
+  s.add_development_dependency 'rake'
 end

From 6c13b3f23968b2c1120fce8a9117aaf844743c71 Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Mon, 7 Apr 2014 15:17:31 -0400
Subject: [PATCH 11/19] require rspec/core/rake_task

---
 Rakefile | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Rakefile b/Rakefile
index 8dc1875..9a36334 100644
--- a/Rakefile
+++ b/Rakefile
@@ -3,6 +3,8 @@ require "bundler/gem_tasks"
 APP_RAKEFILE = File.expand_path("../spec/rails_app/Rakefile", __FILE__)
 load 'rails/tasks/engine.rake'
 
+require 'rspec/core/rake_task'
+
 desc "Run all specs in spec directory (excluding plugin specs)"
 RSpec::Core::RakeTask.new(:spec => 'app:db:test:prepare')
 

From f46a62720c8e84ac6e846688ce09607874a8f629 Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Mon, 7 Apr 2014 16:45:52 -0400
Subject: [PATCH 12/19] happy path feature specs for two factor auth

---
 .../two_factor_authentication_controller.rb   |  1 +
 config/locales/en.yml                         |  1 +
 .../two_factor_authenticatable_spec.rb        | 42 +++++++++++++++++++
 .../app/controllers/home_controller.rb        | 12 ++++++
 spec/rails_app/app/models/user.rb             |  4 ++
 .../app/views/home/dashboard.html.erb         |  5 +++
 spec/rails_app/app/views/home/index.html.erb  |  3 +-
 .../app/views/layouts/application.html.erb    |  4 +-
 spec/rails_app/config/application.rb          |  2 +
 spec/rails_app/config/routes.rb               |  2 +
 spec/spec_helper.rb                           |  8 ++--
 spec/support/authenticated_model_helper.rb    | 34 ++++++++++++++-
 spec/support/capybara.rb                      |  9 ++++
 spec/support/features_spec_helper.rb          | 13 ++++++
 two_factor_authentication.gemspec             |  3 +-
 15 files changed, 134 insertions(+), 9 deletions(-)
 create mode 100644 spec/features/two_factor_authenticatable_spec.rb
 create mode 100644 spec/rails_app/app/views/home/dashboard.html.erb
 create mode 100644 spec/support/capybara.rb
 create mode 100644 spec/support/features_spec_helper.rb

diff --git a/app/controllers/devise/two_factor_authentication_controller.rb b/app/controllers/devise/two_factor_authentication_controller.rb
index 7d756a0..5f5b4b4 100644
--- a/app/controllers/devise/two_factor_authentication_controller.rb
+++ b/app/controllers/devise/two_factor_authentication_controller.rb
@@ -11,6 +11,7 @@ class Devise::TwoFactorAuthenticationController < DeviseController
     if resource.authenticate_otp(params[:code])
       warden.session(resource_name)[:need_two_factor_authentication] = false
       sign_in resource_name, resource, :bypass => true
+      set_flash_message :notice, :success
       redirect_to stored_location_for(resource_name) || :root
       resource.update_attribute(:second_factor_attempts_count, 0)
     else
diff --git a/config/locales/en.yml b/config/locales/en.yml
index ab459a0..9db4c28 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -1,4 +1,5 @@
 en:
   devise:
     two_factor_authentication:
+      success: "Two factor authentication successful."
       attempt_failed: "Attempt failed."
diff --git a/spec/features/two_factor_authenticatable_spec.rb b/spec/features/two_factor_authenticatable_spec.rb
new file mode 100644
index 0000000..b16f6fb
--- /dev/null
+++ b/spec/features/two_factor_authenticatable_spec.rb
@@ -0,0 +1,42 @@
+require 'spec_helper'
+
+feature "User of two factor authentication" do
+
+  scenario "must be logged in" do
+    visit user_two_factor_authentication_path
+
+    page.should have_content("Welcome Home")
+  end
+
+  context "when logged in" do
+    let(:user) { create_user }
+
+    background do
+      login_as user
+    end
+
+    scenario "can fill in TFA code" do
+      visit user_two_factor_authentication_path
+
+      page.should have_content("Enter your personal code")
+
+      fill_in "code", with: user.otp_code
+      click_button "Submit"
+
+      within(".flash.notice") do
+        expect(page).to have_content("Two factor authentication successful.")
+      end
+    end
+
+    scenario "is redirected to TFA when path requires authentication" do
+      visit dashboard_path
+
+      expect(page).to_not have_content("Your Personal Dashboard")
+
+      fill_in "code", with: user.otp_code
+      click_button "Submit"
+
+      expect(page).to have_content("Your Personal Dashboard")
+    end
+  end
+end
diff --git a/spec/rails_app/app/controllers/home_controller.rb b/spec/rails_app/app/controllers/home_controller.rb
index 95f2992..740af84 100644
--- a/spec/rails_app/app/controllers/home_controller.rb
+++ b/spec/rails_app/app/controllers/home_controller.rb
@@ -1,4 +1,16 @@
 class HomeController < ApplicationController
+  prepend_before_filter :store_location, only: :dashboard
+  before_filter :authenticate_user!, only: :dashboard
+
   def index
   end
+
+  def dashboard
+  end
+
+  private
+
+  def store_location
+    store_location_for(:user, dashboard_path)
+  end
 end
diff --git a/spec/rails_app/app/models/user.rb b/spec/rails_app/app/models/user.rb
index 743d176..b7b937f 100644
--- a/spec/rails_app/app/models/user.rb
+++ b/spec/rails_app/app/models/user.rb
@@ -4,4 +4,8 @@ class User < ActiveRecord::Base
          :two_factor_authenticatable
 
   has_one_time_password
+
+  def send_two_factor_authentication_code
+    # No op
+  end
 end
diff --git a/spec/rails_app/app/views/home/dashboard.html.erb b/spec/rails_app/app/views/home/dashboard.html.erb
new file mode 100644
index 0000000..d48f903
--- /dev/null
+++ b/spec/rails_app/app/views/home/dashboard.html.erb
@@ -0,0 +1,5 @@
+<h1>Your Personal Dashboard</h1>
+
+<p>Your email is <%= current_user.email %></p>
+
+<p>You will only be able to see this page after successfully completing two factor authentication</p>
diff --git a/spec/rails_app/app/views/home/index.html.erb b/spec/rails_app/app/views/home/index.html.erb
index 2085730..43a267a 100644
--- a/spec/rails_app/app/views/home/index.html.erb
+++ b/spec/rails_app/app/views/home/index.html.erb
@@ -1,2 +1,3 @@
-<h1>Home#index</h1>
+<h1>Welcome Home</h1>
+
 <p>Find me in app/views/home/index.html.erb</p>
diff --git a/spec/rails_app/app/views/layouts/application.html.erb b/spec/rails_app/app/views/layouts/application.html.erb
index 7bc3a49..8d56308 100644
--- a/spec/rails_app/app/views/layouts/application.html.erb
+++ b/spec/rails_app/app/views/layouts/application.html.erb
@@ -7,8 +7,8 @@
     <%= csrf_meta_tags %>
   </head>
   <body>
-    <p class="notice"><%= notice %></p>
-    <p class="alert"><%= alert %></p>
+    <p class="flash notice"><%= notice %></p>
+    <p class="flash alert"><%= alert %></p>
     <%= yield %>
   </body>
 </html>
diff --git a/spec/rails_app/config/application.rb b/spec/rails_app/config/application.rb
index f633485..8a1ebd2 100644
--- a/spec/rails_app/config/application.rb
+++ b/spec/rails_app/config/application.rb
@@ -55,6 +55,8 @@ module Dummy
     config.assets.version = '1.0'
 
     config.action_mailer.default_url_options = { host: 'localhost:3000' }
+
+    config.i18n.enforce_available_locales = false
   end
 end
 
diff --git a/spec/rails_app/config/routes.rb b/spec/rails_app/config/routes.rb
index 4563c92..60cf37d 100644
--- a/spec/rails_app/config/routes.rb
+++ b/spec/rails_app/config/routes.rb
@@ -1,6 +1,8 @@
 Dummy::Application.routes.draw do
   root to: "home#index"
 
+  match "/dashboard", to: "home#dashboard", as: :dashboard
+
   devise_for :users
 
   # The priority is based upon order of creation:
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 2c61751..07f08df 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -1,9 +1,7 @@
 ENV["RAILS_ENV"] ||= "test"
 require File.expand_path("../rails_app/config/environment.rb",  __FILE__)
 
-require 'two_factor_authentication'
-
-Dir["#{Dir.pwd}/spec/support/**/*.rb"].each {|f| require f}
+require 'rspec/rails'
 
 # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
 RSpec.configure do |config|
@@ -11,9 +9,13 @@ RSpec.configure do |config|
   config.run_all_when_everything_filtered = true
   config.filter_run :focus
 
+  config.use_transactional_examples = true
+
   # Run specs in random order to surface order dependencies. If you find an
   # order dependency and want to debug it, you can fix the order by providing
   # the seed, which is printed after each run.
   #     --seed 1234
   config.order = 'random'
 end
+
+Dir["#{Dir.pwd}/spec/support/**/*.rb"].each {|f| require f}
diff --git a/spec/support/authenticated_model_helper.rb b/spec/support/authenticated_model_helper.rb
index f2c6a6a..b469ea6 100644
--- a/spec/support/authenticated_model_helper.rb
+++ b/spec/support/authenticated_model_helper.rb
@@ -1,18 +1,48 @@
 module AuthenticatedModelHelper
 
-  class UserWithOverrides < User
+  class POROUser
+    extend ActiveModel::Callbacks
+    include ActiveModel::Validations
+    include Devise::Models::TwoFactorAuthenticatable
 
+    define_model_callbacks :create
+    attr_accessor :otp_secret_key, :email, :second_factor_attempts_count
+
+    has_one_time_password
+  end
+
+  class UserWithOverrides < POROUser
     def send_two_factor_authentication_code
       "Code sent"
     end
   end
 
   def create_new_user
-    User.new
+    POROUser.new
   end
 
   def create_new_user_with_overrides
     UserWithOverrides.new
   end
 
+  def create_user(attributes={})
+    User.create!(valid_attributes(attributes))
+  end
+
+  def valid_attributes(attributes={})
+    {
+      email: generate_unique_email,
+      password: 'password',
+      password_confirmation: 'password'
+    }.merge(attributes)
+  end
+
+  def generate_unique_email
+    @@email_count ||= 0
+    @@email_count += 1
+    "user#{@@email_count}@example.com"
+  end
+
 end
+
+RSpec.configuration.send(:include, AuthenticatedModelHelper)
diff --git a/spec/support/capybara.rb b/spec/support/capybara.rb
new file mode 100644
index 0000000..c112d19
--- /dev/null
+++ b/spec/support/capybara.rb
@@ -0,0 +1,9 @@
+require 'capybara/rspec'
+
+Capybara.app = Dummy::Application
+
+RSpec.configure do |config|
+  config.before(:each, :feature) do
+
+  end
+end
diff --git a/spec/support/features_spec_helper.rb b/spec/support/features_spec_helper.rb
new file mode 100644
index 0000000..72cc218
--- /dev/null
+++ b/spec/support/features_spec_helper.rb
@@ -0,0 +1,13 @@
+require 'warden'
+
+module FeaturesSpecHelper
+  def warden
+    request.env['warden']
+  end
+end
+
+RSpec.configure do |config|
+  config.include Warden::Test::Helpers, type: :feature
+  config.include FeaturesSpecHelper, type: :feature
+end
+
diff --git a/two_factor_authentication.gemspec b/two_factor_authentication.gemspec
index 2f1053f..8efe54b 100644
--- a/two_factor_authentication.gemspec
+++ b/two_factor_authentication.gemspec
@@ -29,7 +29,8 @@ Gem::Specification.new do |s|
   s.add_runtime_dependency 'randexp'
   s.add_runtime_dependency 'rotp'
 
-  s.add_development_dependency 'rspec-rails'
   s.add_development_dependency 'bundler'
   s.add_development_dependency 'rake'
+  s.add_development_dependency 'rspec-rails'
+  s.add_development_dependency 'capybara'
 end

From 957e6b144b1092c2e894beb8faf03590c234a327 Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Mon, 7 Apr 2014 17:08:30 -0400
Subject: [PATCH 13/19] extract GuestUser for unit specs

---
 .../models/two_factor_authenticatable_spec.rb | 22 ++++++++--------
 spec/rails_app/app/models/guest_user.rb       | 10 ++++++++
 spec/support/authenticated_model_helper.rb    | 25 ++-----------------
 3 files changed, 24 insertions(+), 33 deletions(-)
 create mode 100644 spec/rails_app/app/models/guest_user.rb

diff --git a/spec/lib/two_factor_authentication/models/two_factor_authenticatable_spec.rb b/spec/lib/two_factor_authentication/models/two_factor_authenticatable_spec.rb
index ea529e0..efa8e37 100644
--- a/spec/lib/two_factor_authentication/models/two_factor_authenticatable_spec.rb
+++ b/spec/lib/two_factor_authentication/models/two_factor_authenticatable_spec.rb
@@ -2,7 +2,7 @@ require 'spec_helper'
 include AuthenticatedModelHelper
 
 describe Devise::Models::TwoFactorAuthenticatable, '#otp_code' do
-  let(:instance) { AuthenticatedModelHelper.create_new_user }
+  let(:instance) { build_guest_user }
   subject { instance.otp_code(time) }
   let(:time) { 1392852456 }
 
@@ -32,7 +32,7 @@ describe Devise::Models::TwoFactorAuthenticatable, '#otp_code' do
 end
 
 describe Devise::Models::TwoFactorAuthenticatable, '#authenticate_otp' do
-  let(:instance) { AuthenticatedModelHelper.create_new_user }
+  let(:instance) { build_guest_user }
 
   before :each do
     instance.otp_secret_key = "2z6hxkdwi3uvrnpn"
@@ -54,22 +54,24 @@ describe Devise::Models::TwoFactorAuthenticatable, '#authenticate_otp' do
 end
 
 describe Devise::Models::TwoFactorAuthenticatable, '#send_two_factor_authentication_code' do
+  let(:instance) { build_guest_user }
 
   it "should raise an error by default" do
-    instance = AuthenticatedModelHelper.create_new_user
     expect {
       instance.send_two_factor_authentication_code
     }.to raise_error(NotImplementedError)
   end
 
   it "should be overrideable" do
-    instance = AuthenticatedModelHelper.create_new_user_with_overrides
+    def instance.send_two_factor_authentication_code
+      "Code sent"
+    end
     expect(instance.send_two_factor_authentication_code).to eq("Code sent")
   end
 end
 
 describe Devise::Models::TwoFactorAuthenticatable, '#provisioning_uri' do
-  let(:instance) { AuthenticatedModelHelper.create_new_user }
+  let(:instance) { build_guest_user }
 
   before do
     instance.email = "houdini@example.com"
@@ -99,7 +101,7 @@ describe Devise::Models::TwoFactorAuthenticatable, '#provisioning_uri' do
 end
 
 describe Devise::Models::TwoFactorAuthenticatable, '#populate_otp_column' do
-  let(:instance) { AuthenticatedModelHelper.create_new_user }
+  let(:instance) { build_guest_user }
 
   it "populates otp_column on create" do
     expect(instance.otp_secret_key).to be_nil
@@ -121,14 +123,14 @@ describe Devise::Models::TwoFactorAuthenticatable, '#populate_otp_column' do
 end
 
 describe Devise::Models::TwoFactorAuthenticatable, '#max_login_attempts' do
-  let(:instance) { AuthenticatedModelHelper.create_new_user }
+  let(:instance) { build_guest_user }
 
   before do
-    @original_max_login_attempts = User.max_login_attempts
-    User.max_login_attempts = 3
+    @original_max_login_attempts = GuestUser.max_login_attempts
+    GuestUser.max_login_attempts = 3
   end
 
-  after { User.max_login_attempts = @original_max_login_attempts }
+  after { GuestUser.max_login_attempts = @original_max_login_attempts }
 
   it "returns class setting" do
     expect(instance.max_login_attempts).to eq(3)
diff --git a/spec/rails_app/app/models/guest_user.rb b/spec/rails_app/app/models/guest_user.rb
new file mode 100644
index 0000000..84049fe
--- /dev/null
+++ b/spec/rails_app/app/models/guest_user.rb
@@ -0,0 +1,10 @@
+class GuestUser
+  extend ActiveModel::Callbacks
+  include ActiveModel::Validations
+  include Devise::Models::TwoFactorAuthenticatable
+
+  define_model_callbacks :create
+  attr_accessor :otp_secret_key, :email, :second_factor_attempts_count
+
+  has_one_time_password
+end
diff --git a/spec/support/authenticated_model_helper.rb b/spec/support/authenticated_model_helper.rb
index b469ea6..7195d97 100644
--- a/spec/support/authenticated_model_helper.rb
+++ b/spec/support/authenticated_model_helper.rb
@@ -1,28 +1,7 @@
 module AuthenticatedModelHelper
 
-  class POROUser
-    extend ActiveModel::Callbacks
-    include ActiveModel::Validations
-    include Devise::Models::TwoFactorAuthenticatable
-
-    define_model_callbacks :create
-    attr_accessor :otp_secret_key, :email, :second_factor_attempts_count
-
-    has_one_time_password
-  end
-
-  class UserWithOverrides < POROUser
-    def send_two_factor_authentication_code
-      "Code sent"
-    end
-  end
-
-  def create_new_user
-    POROUser.new
-  end
-
-  def create_new_user_with_overrides
-    UserWithOverrides.new
+  def build_guest_user
+    GuestUser.new
   end
 
   def create_user(attributes={})

From 0e323098208970d1643839b44860fbb0d91a966e Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Mon, 7 Apr 2014 17:28:11 -0400
Subject: [PATCH 14/19] Updates to dummy app

update .gitignore

updates for rails 4

update dummy spec assets

remove dummy app home helper

update dummy spec README

Restore lib/two_factor_authentication.rb
---
 .gitignore                                    |   2 -
 spec/rails_app/.gitignore                     |   3 +
 spec/rails_app/README.md                      |   3 +
 spec/rails_app/README.rdoc                    | 261 ------------------
 .../app/assets/javascripts/application.js     |  14 -
 spec/rails_app/app/assets/javascripts/home.js |   2 -
 .../app/assets/stylesheets/application.css    |   9 -
 .../rails_app/app/assets/stylesheets/home.css |   4 -
 spec/rails_app/app/helpers/home_helper.rb     |   2 -
 spec/rails_app/config/application.rb          |   4 +-
 spec/rails_app/config/routes.rb               |   2 +-
 11 files changed, 9 insertions(+), 297 deletions(-)
 create mode 100644 spec/rails_app/.gitignore
 create mode 100644 spec/rails_app/README.md
 delete mode 100644 spec/rails_app/README.rdoc
 delete mode 100644 spec/rails_app/app/assets/javascripts/home.js
 delete mode 100644 spec/rails_app/app/assets/stylesheets/home.css
 delete mode 100644 spec/rails_app/app/helpers/home_helper.rb

diff --git a/.gitignore b/.gitignore
index 313b296..ec16439 100644
--- a/.gitignore
+++ b/.gitignore
@@ -19,5 +19,3 @@ capybara-*.html
 dump.rdb
 *.ids
 .rbenv-version
-*/**/log/*
-*/**/*.sqlite3
diff --git a/spec/rails_app/.gitignore b/spec/rails_app/.gitignore
new file mode 100644
index 0000000..3212533
--- /dev/null
+++ b/spec/rails_app/.gitignore
@@ -0,0 +1,3 @@
+log/
+tmp/
+*.sqlite3
diff --git a/spec/rails_app/README.md b/spec/rails_app/README.md
new file mode 100644
index 0000000..170f668
--- /dev/null
+++ b/spec/rails_app/README.md
@@ -0,0 +1,3 @@
+# Dummy
+
+You have found the dummy rails app used for integration testing of the `two_factor_authentication` gem.
diff --git a/spec/rails_app/README.rdoc b/spec/rails_app/README.rdoc
deleted file mode 100644
index 3e1c15c..0000000
--- a/spec/rails_app/README.rdoc
+++ /dev/null
@@ -1,261 +0,0 @@
-== Welcome to Rails
-
-Rails is a web-application framework that includes everything needed to create
-database-backed web applications according to the Model-View-Control pattern.
-
-This pattern splits the view (also called the presentation) into "dumb"
-templates that are primarily responsible for inserting pre-built data in between
-HTML tags. The model contains the "smart" domain objects (such as Account,
-Product, Person, Post) that holds all the business logic and knows how to
-persist themselves to a database. The controller handles the incoming requests
-(such as Save New Account, Update Product, Show Post) by manipulating the model
-and directing data to the view.
-
-In Rails, the model is handled by what's called an object-relational mapping
-layer entitled Active Record. This layer allows you to present the data from
-database rows as objects and embellish these data objects with business logic
-methods. You can read more about Active Record in
-link:files/vendor/rails/activerecord/README.html.
-
-The controller and view are handled by the Action Pack, which handles both
-layers by its two parts: Action View and Action Controller. These two layers
-are bundled in a single package due to their heavy interdependence. This is
-unlike the relationship between the Active Record and Action Pack that is much
-more separate. Each of these packages can be used independently outside of
-Rails. You can read more about Action Pack in
-link:files/vendor/rails/actionpack/README.html.
-
-
-== Getting Started
-
-1. At the command prompt, create a new Rails application:
-       <tt>rails new myapp</tt> (where <tt>myapp</tt> is the application name)
-
-2. Change directory to <tt>myapp</tt> and start the web server:
-       <tt>cd myapp; rails server</tt> (run with --help for options)
-
-3. Go to http://localhost:3000/ and you'll see:
-       "Welcome aboard: You're riding Ruby on Rails!"
-
-4. Follow the guidelines to start developing your application. You can find
-the following resources handy:
-
-* The Getting Started Guide: http://guides.rubyonrails.org/getting_started.html
-* Ruby on Rails Tutorial Book: http://www.railstutorial.org/
-
-
-== Debugging Rails
-
-Sometimes your application goes wrong. Fortunately there are a lot of tools that
-will help you debug it and get it back on the rails.
-
-First area to check is the application log files. Have "tail -f" commands
-running on the server.log and development.log. Rails will automatically display
-debugging and runtime information to these files. Debugging info will also be
-shown in the browser on requests from 127.0.0.1.
-
-You can also log your own messages directly into the log file from your code
-using the Ruby logger class from inside your controllers. Example:
-
-  class WeblogController < ActionController::Base
-    def destroy
-      @weblog = Weblog.find(params[:id])
-      @weblog.destroy
-      logger.info("#{Time.now} Destroyed Weblog ID ##{@weblog.id}!")
-    end
-  end
-
-The result will be a message in your log file along the lines of:
-
-  Mon Oct 08 14:22:29 +1000 2007 Destroyed Weblog ID #1!
-
-More information on how to use the logger is at http://www.ruby-doc.org/core/
-
-Also, Ruby documentation can be found at http://www.ruby-lang.org/. There are
-several books available online as well:
-
-* Programming Ruby: http://www.ruby-doc.org/docs/ProgrammingRuby/ (Pickaxe)
-* Learn to Program: http://pine.fm/LearnToProgram/ (a beginners guide)
-
-These two books will bring you up to speed on the Ruby language and also on
-programming in general.
-
-
-== Debugger
-
-Debugger support is available through the debugger command when you start your
-Mongrel or WEBrick server with --debugger. This means that you can break out of
-execution at any point in the code, investigate and change the model, and then,
-resume execution! You need to install ruby-debug to run the server in debugging
-mode. With gems, use <tt>sudo gem install ruby-debug</tt>. Example:
-
-  class WeblogController < ActionController::Base
-    def index
-      @posts = Post.all
-      debugger
-    end
-  end
-
-So the controller will accept the action, run the first line, then present you
-with a IRB prompt in the server window. Here you can do things like:
-
-  >> @posts.inspect
-  => "[#<Post:0x14a6be8
-          @attributes={"title"=>nil, "body"=>nil, "id"=>"1"}>,
-       #<Post:0x14a6620
-          @attributes={"title"=>"Rails", "body"=>"Only ten..", "id"=>"2"}>]"
-  >> @posts.first.title = "hello from a debugger"
-  => "hello from a debugger"
-
-...and even better, you can examine how your runtime objects actually work:
-
-  >> f = @posts.first
-  => #<Post:0x13630c4 @attributes={"title"=>nil, "body"=>nil, "id"=>"1"}>
-  >> f.
-  Display all 152 possibilities? (y or n)
-
-Finally, when you're ready to resume execution, you can enter "cont".
-
-
-== Console
-
-The console is a Ruby shell, which allows you to interact with your
-application's domain model. Here you'll have all parts of the application
-configured, just like it is when the application is running. You can inspect
-domain models, change values, and save to the database. Starting the script
-without arguments will launch it in the development environment.
-
-To start the console, run <tt>rails console</tt> from the application
-directory.
-
-Options:
-
-* Passing the <tt>-s, --sandbox</tt> argument will rollback any modifications
-  made to the database.
-* Passing an environment name as an argument will load the corresponding
-  environment. Example: <tt>rails console production</tt>.
-
-To reload your controllers and models after launching the console run
-<tt>reload!</tt>
-
-More information about irb can be found at:
-link:http://www.rubycentral.org/pickaxe/irb.html
-
-
-== dbconsole
-
-You can go to the command line of your database directly through <tt>rails
-dbconsole</tt>. You would be connected to the database with the credentials
-defined in database.yml. Starting the script without arguments will connect you
-to the development database. Passing an argument will connect you to a different
-database, like <tt>rails dbconsole production</tt>. Currently works for MySQL,
-PostgreSQL and SQLite 3.
-
-== Description of Contents
-
-The default directory structure of a generated Ruby on Rails application:
-
-  |-- app
-  |   |-- assets
-  |   |   |-- images
-  |   |   |-- javascripts
-  |   |   `-- stylesheets
-  |   |-- controllers
-  |   |-- helpers
-  |   |-- mailers
-  |   |-- models
-  |   `-- views
-  |       `-- layouts
-  |-- config
-  |   |-- environments
-  |   |-- initializers
-  |   `-- locales
-  |-- db
-  |-- doc
-  |-- lib
-  |   |-- assets
-  |   `-- tasks
-  |-- log
-  |-- public
-  |-- script
-  |-- test
-  |   |-- fixtures
-  |   |-- functional
-  |   |-- integration
-  |   |-- performance
-  |   `-- unit
-  |-- tmp
-  |   `-- cache
-  |       `-- assets
-  `-- vendor
-      |-- assets
-      |   |-- javascripts
-      |   `-- stylesheets
-      `-- plugins
-
-app
-  Holds all the code that's specific to this particular application.
-
-app/assets
-  Contains subdirectories for images, stylesheets, and JavaScript files.
-
-app/controllers
-  Holds controllers that should be named like weblogs_controller.rb for
-  automated URL mapping. All controllers should descend from
-  ApplicationController which itself descends from ActionController::Base.
-
-app/models
-  Holds models that should be named like post.rb. Models descend from
-  ActiveRecord::Base by default.
-
-app/views
-  Holds the template files for the view that should be named like
-  weblogs/index.html.erb for the WeblogsController#index action. All views use
-  eRuby syntax by default.
-
-app/views/layouts
-  Holds the template files for layouts to be used with views. This models the
-  common header/footer method of wrapping views. In your views, define a layout
-  using the <tt>layout :default</tt> and create a file named default.html.erb.
-  Inside default.html.erb, call <% yield %> to render the view using this
-  layout.
-
-app/helpers
-  Holds view helpers that should be named like weblogs_helper.rb. These are
-  generated for you automatically when using generators for controllers.
-  Helpers can be used to wrap functionality for your views into methods.
-
-config
-  Configuration files for the Rails environment, the routing map, the database,
-  and other dependencies.
-
-db
-  Contains the database schema in schema.rb. db/migrate contains all the
-  sequence of Migrations for your schema.
-
-doc
-  This directory is where your application documentation will be stored when
-  generated using <tt>rake doc:app</tt>
-
-lib
-  Application specific libraries. Basically, any kind of custom code that
-  doesn't belong under controllers, models, or helpers. This directory is in
-  the load path.
-
-public
-  The directory available for the web server. Also contains the dispatchers and the
-  default HTML files. This should be set as the DOCUMENT_ROOT of your web
-  server.
-
-script
-  Helper scripts for automation and generation.
-
-test
-  Unit and functional tests along with fixtures. When using the rails generate
-  command, template test files will be generated for you and placed in this
-  directory.
-
-vendor
-  External libraries that the application depends on. Also includes the plugins
-  subdirectory. If the app has frozen rails, those gems also go here, under
-  vendor/rails/. This directory is in the load path.
diff --git a/spec/rails_app/app/assets/javascripts/application.js b/spec/rails_app/app/assets/javascripts/application.js
index 9097d83..2c03f2d 100644
--- a/spec/rails_app/app/assets/javascripts/application.js
+++ b/spec/rails_app/app/assets/javascripts/application.js
@@ -1,15 +1 @@
-// This is a manifest file that'll be compiled into application.js, which will include all the files
-// listed below.
-//
-// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
-// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
-//
-// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
-// the compiled file.
-//
-// WARNING: THE FIRST BLANK LINE MARKS THE END OF WHAT'S TO BE PROCESSED, ANY BLANK LINE SHOULD
-// GO AFTER THE REQUIRES BELOW.
-//
-//= require jquery
-//= require jquery_ujs
 //= require_tree .
diff --git a/spec/rails_app/app/assets/javascripts/home.js b/spec/rails_app/app/assets/javascripts/home.js
deleted file mode 100644
index dee720f..0000000
--- a/spec/rails_app/app/assets/javascripts/home.js
+++ /dev/null
@@ -1,2 +0,0 @@
-// Place all the behaviors and hooks related to the matching controller here.
-// All this logic will automatically be available in application.js.
diff --git a/spec/rails_app/app/assets/stylesheets/application.css b/spec/rails_app/app/assets/stylesheets/application.css
index 3192ec8..fdca7c0 100644
--- a/spec/rails_app/app/assets/stylesheets/application.css
+++ b/spec/rails_app/app/assets/stylesheets/application.css
@@ -1,13 +1,4 @@
 /*
- * This is a manifest file that'll be compiled into application.css, which will include all the files
- * listed below.
- *
- * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
- * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
- *
- * You're free to add application-wide styles to this file and they'll appear at the top of the
- * compiled file, but it's generally better to create a new file per style scope.
- *
  *= require_self
  *= require_tree .
  */
diff --git a/spec/rails_app/app/assets/stylesheets/home.css b/spec/rails_app/app/assets/stylesheets/home.css
deleted file mode 100644
index afad32d..0000000
--- a/spec/rails_app/app/assets/stylesheets/home.css
+++ /dev/null
@@ -1,4 +0,0 @@
-/*
-  Place all the styles related to the matching controller here.
-  They will automatically be included in application.css.
-*/
diff --git a/spec/rails_app/app/helpers/home_helper.rb b/spec/rails_app/app/helpers/home_helper.rb
deleted file mode 100644
index 23de56a..0000000
--- a/spec/rails_app/app/helpers/home_helper.rb
+++ /dev/null
@@ -1,2 +0,0 @@
-module HomeHelper
-end
diff --git a/spec/rails_app/config/application.rb b/spec/rails_app/config/application.rb
index 8a1ebd2..eb4f03e 100644
--- a/spec/rails_app/config/application.rb
+++ b/spec/rails_app/config/application.rb
@@ -1,11 +1,9 @@
 require File.expand_path('../boot', __FILE__)
 
-# Pick the frameworks you want:
 require "active_record/railtie"
 require "action_controller/railtie"
 require "action_mailer/railtie"
 require "sprockets/railtie"
-# require "rails/test_unit/railtie"
 
 Bundler.require(*Rails.groups)
 require "two_factor_authentication"
@@ -57,6 +55,8 @@ module Dummy
     config.action_mailer.default_url_options = { host: 'localhost:3000' }
 
     config.i18n.enforce_available_locales = false
+
+    config.secret_key_base = 'secretvalue'
   end
 end
 
diff --git a/spec/rails_app/config/routes.rb b/spec/rails_app/config/routes.rb
index 60cf37d..3de7336 100644
--- a/spec/rails_app/config/routes.rb
+++ b/spec/rails_app/config/routes.rb
@@ -1,7 +1,7 @@
 Dummy::Application.routes.draw do
   root to: "home#index"
 
-  match "/dashboard", to: "home#dashboard", as: :dashboard
+  match "/dashboard", to: "home#dashboard", as: :dashboard, via: [:get]
 
   devise_for :users
 

From b2f9935a0849f97fc63318b1f884d0e3c6590719 Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Mon, 7 Apr 2014 17:47:40 -0400
Subject: [PATCH 15/19] Remove rails 3.1 from travis

---
 .travis.yml | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index f22db05..9897df8 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,9 +1,8 @@
 language: ruby
 
 env:
-  - "RAILS_VERSION=3.1"
-  - "RAILS_VERSION=3.2"
-  - "RAILS_VERSION=4.0"
+  - "RAILS_VERSION=3.2.0"
+  - "RAILS_VERSION=4.0.0"
   - "RAILS_VERSION=master"
 
 rvm:

From c49c2679289ca65ebb7414bf2ceabbfadbaab498 Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Mon, 7 Apr 2014 18:39:10 -0400
Subject: [PATCH 16/19] Feature spec for max login attempts

adds nickname column to dummy app user

Update feature specs with user nickname; add max login attempt spec

regenerate schema
---
 .../two_factor_authentication_controller.rb   |  5 ++--
 .../two_factor_authenticatable_spec.rb        | 23 +++++++++++++++++--
 .../app/helpers/application_helper.rb         |  6 +++++
 .../app/views/home/dashboard.html.erb         |  6 +++--
 .../app/views/layouts/application.html.erb    | 10 ++++++--
 spec/rails_app/config/database.yml            |  6 -----
 .../20140407215513_add_nickanme_to_users.rb   |  7 ++++++
 spec/rails_app/db/schema.rb                   | 15 ++++++------
 spec/support/authenticated_model_helper.rb    |  1 +
 spec/support/capybara.rb                      |  6 -----
 10 files changed, 58 insertions(+), 27 deletions(-)
 create mode 100644 spec/rails_app/db/migrate/20140407215513_add_nickanme_to_users.rb

diff --git a/app/controllers/devise/two_factor_authentication_controller.rb b/app/controllers/devise/two_factor_authentication_controller.rb
index 5f5b4b4..05c6027 100644
--- a/app/controllers/devise/two_factor_authentication_controller.rb
+++ b/app/controllers/devise/two_factor_authentication_controller.rb
@@ -17,10 +17,10 @@ class Devise::TwoFactorAuthenticationController < DeviseController
     else
       resource.second_factor_attempts_count += 1
       resource.save
-      set_flash_message :error, :attempt_failed
+      flash.now[:error] = find_message(:attempt_failed)
       if resource.max_login_attempts?
         sign_out(resource)
-        render :template => 'devise/two_factor_authentication/max_login_attempts_reached' and return
+        render :max_login_attempts_reached
       else
         render :show
       end
@@ -37,6 +37,7 @@ class Devise::TwoFactorAuthenticationController < DeviseController
       redirect_to :root and return if resource.nil?
       @limit = resource.class.max_login_attempts
       if resource.max_login_attempts?
+        binding.pry
         sign_out(resource)
         render :template => 'devise/two_factor_authentication/max_login_attempts_reached' and return
       end
diff --git a/spec/features/two_factor_authenticatable_spec.rb b/spec/features/two_factor_authenticatable_spec.rb
index b16f6fb..899cd5b 100644
--- a/spec/features/two_factor_authenticatable_spec.rb
+++ b/spec/features/two_factor_authenticatable_spec.rb
@@ -5,7 +5,8 @@ feature "User of two factor authentication" do
   scenario "must be logged in" do
     visit user_two_factor_authentication_path
 
-    page.should have_content("Welcome Home")
+    expect(page).to have_content("Welcome Home")
+    expect(page).to have_content("You are signed out")
   end
 
   context "when logged in" do
@@ -18,7 +19,8 @@ feature "User of two factor authentication" do
     scenario "can fill in TFA code" do
       visit user_two_factor_authentication_path
 
-      page.should have_content("Enter your personal code")
+      expect(page).to have_content("You are signed in as Marissa")
+      expect(page).to have_content("Enter your personal code")
 
       fill_in "code", with: user.otp_code
       click_button "Submit"
@@ -37,6 +39,23 @@ feature "User of two factor authentication" do
       click_button "Submit"
 
       expect(page).to have_content("Your Personal Dashboard")
+      expect(page).to have_content("You are signed in as Marissa")
+    end
+
+    scenario "is locked out after 3 failed attempts" do
+      visit user_two_factor_authentication_path
+
+      3.times do
+        fill_in "code", with: "incorrect#{rand(100)}"
+        click_button "Submit"
+
+        within(".flash.error") do
+          expect(page).to have_content("Attempt failed")
+        end
+      end
+
+      expect(page).to have_content("Access completely denied")
+      expect(page).to have_content("You are signed out")
     end
   end
 end
diff --git a/spec/rails_app/app/helpers/application_helper.rb b/spec/rails_app/app/helpers/application_helper.rb
index de6be79..b5e2e4e 100644
--- a/spec/rails_app/app/helpers/application_helper.rb
+++ b/spec/rails_app/app/helpers/application_helper.rb
@@ -1,2 +1,8 @@
 module ApplicationHelper
+
+  def render_flash
+    flash.map do |name, message|
+      content_tag(:p, message, class: "flash #{name}")
+    end.join.html_safe
+  end
 end
diff --git a/spec/rails_app/app/views/home/dashboard.html.erb b/spec/rails_app/app/views/home/dashboard.html.erb
index d48f903..13e63b8 100644
--- a/spec/rails_app/app/views/home/dashboard.html.erb
+++ b/spec/rails_app/app/views/home/dashboard.html.erb
@@ -1,5 +1,7 @@
 <h1>Your Personal Dashboard</h1>
 
-<p>Your email is <%= current_user.email %></p>
+<p>Hi <%= current_user.nickname %></p>
 
-<p>You will only be able to see this page after successfully completing two factor authentication</p>
+<p>Your registered email address is <%= current_user.email %></p>
+
+<p>You can only see this page after successfully completing two factor authentication</p>
diff --git a/spec/rails_app/app/views/layouts/application.html.erb b/spec/rails_app/app/views/layouts/application.html.erb
index 8d56308..5d58281 100644
--- a/spec/rails_app/app/views/layouts/application.html.erb
+++ b/spec/rails_app/app/views/layouts/application.html.erb
@@ -7,8 +7,14 @@
     <%= csrf_meta_tags %>
   </head>
   <body>
-    <p class="flash notice"><%= notice %></p>
-    <p class="flash alert"><%= alert %></p>
+    <nav>
+      <% if user_signed_in? %>
+        You are signed in as <%= current_user.nickname %>
+      <% else %>
+        You are signed out
+      <% end %>
+    </nav>
+    <%= render_flash %>
     <%= yield %>
   </body>
 </html>
diff --git a/spec/rails_app/config/database.yml b/spec/rails_app/config/database.yml
index 51a4dd4..1902f92 100644
--- a/spec/rails_app/config/database.yml
+++ b/spec/rails_app/config/database.yml
@@ -17,9 +17,3 @@ test:
   database: db/test.sqlite3
   pool: 5
   timeout: 5000
-
-production:
-  adapter: sqlite3
-  database: db/production.sqlite3
-  pool: 5
-  timeout: 5000
diff --git a/spec/rails_app/db/migrate/20140407215513_add_nickanme_to_users.rb b/spec/rails_app/db/migrate/20140407215513_add_nickanme_to_users.rb
new file mode 100644
index 0000000..ee3fa8f
--- /dev/null
+++ b/spec/rails_app/db/migrate/20140407215513_add_nickanme_to_users.rb
@@ -0,0 +1,7 @@
+class AddNickanmeToUsers < ActiveRecord::Migration
+  def change
+    change_table :users do |t|
+      t.column :nickname, :string, limit: 64
+    end
+  end
+end
diff --git a/spec/rails_app/db/schema.rb b/spec/rails_app/db/schema.rb
index e378f2b..76bbd49 100644
--- a/spec/rails_app/db/schema.rb
+++ b/spec/rails_app/db/schema.rb
@@ -11,23 +11,24 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20140407172619) do
+ActiveRecord::Schema.define(:version => 20140407215513) do
 
   create_table "users", :force => true do |t|
-    t.string   "email",                        :default => "", :null => false
-    t.string   "encrypted_password",           :default => "", :null => false
+    t.string   "email",                                      :default => "", :null => false
+    t.string   "encrypted_password",                         :default => "", :null => false
     t.string   "reset_password_token"
     t.datetime "reset_password_sent_at"
     t.datetime "remember_created_at"
-    t.integer  "sign_in_count",                :default => 0,  :null => false
+    t.integer  "sign_in_count",                              :default => 0,  :null => false
     t.datetime "current_sign_in_at"
     t.datetime "last_sign_in_at"
     t.string   "current_sign_in_ip"
     t.string   "last_sign_in_ip"
-    t.datetime "created_at",                                   :null => false
-    t.datetime "updated_at",                                   :null => false
+    t.datetime "created_at",                                                 :null => false
+    t.datetime "updated_at",                                                 :null => false
     t.string   "otp_secret_key"
-    t.integer  "second_factor_attempts_count", :default => 0
+    t.integer  "second_factor_attempts_count",               :default => 0
+    t.string   "nickname",                     :limit => 64
   end
 
   add_index "users", ["email"], :name => "index_users_on_email", :unique => true
diff --git a/spec/support/authenticated_model_helper.rb b/spec/support/authenticated_model_helper.rb
index 7195d97..d6205a3 100644
--- a/spec/support/authenticated_model_helper.rb
+++ b/spec/support/authenticated_model_helper.rb
@@ -10,6 +10,7 @@ module AuthenticatedModelHelper
 
   def valid_attributes(attributes={})
     {
+      nickname: 'Marissa',
       email: generate_unique_email,
       password: 'password',
       password_confirmation: 'password'
diff --git a/spec/support/capybara.rb b/spec/support/capybara.rb
index c112d19..c5eff30 100644
--- a/spec/support/capybara.rb
+++ b/spec/support/capybara.rb
@@ -1,9 +1,3 @@
 require 'capybara/rspec'
 
 Capybara.app = Dummy::Application
-
-RSpec.configure do |config|
-  config.before(:each, :feature) do
-
-  end
-end

From 04899f3ae01dd8b76b0576004beac99615930c45 Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Mon, 7 Apr 2014 18:39:31 -0400
Subject: [PATCH 17/19] Add comment for running specs against multiple versions
 of Rails

---
 Rakefile | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Rakefile b/Rakefile
index 9a36334..7723dfb 100644
--- a/Rakefile
+++ b/Rakefile
@@ -9,3 +9,6 @@ desc "Run all specs in spec directory (excluding plugin specs)"
 RSpec::Core::RakeTask.new(:spec => 'app:db:test:prepare')
 
 task :default => :spec
+
+# To test against a specific version of Rails
+# export RAILS_VERSION=3.2.0; bundle update; rake

From 79c048d0f58c1a787ca4a6dbc3974a04cefa9624 Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Mon, 7 Apr 2014 18:56:05 -0400
Subject: [PATCH 18/19] explicit before_script and script steps in travis.yml

---
 .travis.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.travis.yml b/.travis.yml
index 9897df8..379fab6 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -13,3 +13,8 @@ rvm:
 matrix:
   allow_failures:
     - env: "RAILS_VERSION=master"
+
+before_script:
+  - bundle exec rake app:db:migrate
+
+script: bundle exec rake spec

From 0a57c06d15cdd914642f9d072863bdb7e401737d Mon Sep 17 00:00:00 2001
From: Ross Kaffenberger <rosskaff@gmail.com>
Date: Mon, 7 Apr 2014 19:12:02 -0400
Subject: [PATCH 19/19] feature spec for checking max attempts before show

---
 .../two_factor_authentication_controller.rb       |  5 ++---
 spec/features/two_factor_authenticatable_spec.rb  | 15 +++++++++++++--
 2 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/app/controllers/devise/two_factor_authentication_controller.rb b/app/controllers/devise/two_factor_authentication_controller.rb
index 05c6027..1f2ac65 100644
--- a/app/controllers/devise/two_factor_authentication_controller.rb
+++ b/app/controllers/devise/two_factor_authentication_controller.rb
@@ -35,11 +35,10 @@ class Devise::TwoFactorAuthenticationController < DeviseController
 
     def prepare_and_validate
       redirect_to :root and return if resource.nil?
-      @limit = resource.class.max_login_attempts
+      @limit = resource.max_login_attempts
       if resource.max_login_attempts?
-        binding.pry
         sign_out(resource)
-        render :template => 'devise/two_factor_authentication/max_login_attempts_reached' and return
+        render :max_login_attempts_reached and return
       end
     end
 end
diff --git a/spec/features/two_factor_authenticatable_spec.rb b/spec/features/two_factor_authenticatable_spec.rb
index 899cd5b..ff9995f 100644
--- a/spec/features/two_factor_authenticatable_spec.rb
+++ b/spec/features/two_factor_authenticatable_spec.rb
@@ -42,10 +42,12 @@ feature "User of two factor authentication" do
       expect(page).to have_content("You are signed in as Marissa")
     end
 
-    scenario "is locked out after 3 failed attempts" do
+    scenario "is locked out after max failed attempts" do
       visit user_two_factor_authentication_path
 
-      3.times do
+      max_attempts = User.max_login_attempts
+
+      max_attempts.times do
         fill_in "code", with: "incorrect#{rand(100)}"
         click_button "Submit"
 
@@ -57,5 +59,14 @@ feature "User of two factor authentication" do
       expect(page).to have_content("Access completely denied")
       expect(page).to have_content("You are signed out")
     end
+
+    scenario "cannot retry authentication after max attempts" do
+      user.update_attribute(:second_factor_attempts_count, User.max_login_attempts)
+
+      visit user_two_factor_authentication_path
+
+      expect(page).to have_content("Access completely denied")
+      expect(page).to have_content("You are signed out")
+    end
   end
 end