baarkerlounger
/
two_factor_authentication
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Allowing both config and override of allowed otp drift.

master
Matt Mueller 11 years ago
parent
3d8b6c484d
commit
5094238c74
2 changed files with 7 additions and 6 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      lib/two_factor_authentication.rb
  2. 8
      lib/two_factor_authentication/models/two_factor_authenticatable.rb

3
lib/two_factor_authentication.rb
Unescape View File

@ -10,6 +10,9 @@ require "rotp"
module Devise module Devise
mattr_accessor :max_login_attempts mattr_accessor :max_login_attempts
@@max_login_attempts = 3 @@max_login_attempts = 3
mattr_accessor :allowed_otp_drift_seconds
@@allowed_otp_drift_seconds = 30
end end
module TwoFactorAuthentication module TwoFactorAuthentication

8
lib/two_factor_authentication/models/two_factor_authenticatable.rb
Unescape View File

@ -20,17 +20,15 @@ module Devise
end end
end end
end end
::Devise::Models.config(self, :max_login_attempts) ::Devise::Models.config(self, :max_login_attempts, :allowed_otp_drift_seconds)
end end
module InstanceMethodsOnActivation module InstanceMethodsOnActivation
def authenticate_otp(code, options = {}) def authenticate_otp(code, options = {})
totp = ROTP::TOTP.new(self.otp_column) totp = ROTP::TOTP.new(self.otp_column)
if drift = options[:drift] drift = options[:drift] || self.class.allowed_otp_drift_seconds
totp.verify_with_drift(code, drift) totp.verify_with_drift(code, drift)
else
totp.verify(code)
end
end end
def otp_code(time = Time.now) def otp_code(time = Time.now)

Write Preview
Loading…
Cancel
Save