|
|
@ -32,6 +32,20 @@ Finally, run the migration with: |
|
|
|
|
|
|
|
|
|
|
|
bundle exec rake db:migrate |
|
|
|
bundle exec rake db:migrate |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Add the following line to your model to fully enable two-factor auth: |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
has_one_time_password |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Set config values if desired for maximum second factor attempts count and allowed time drift for one-time passwords: |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
config.max_login_attempts = 3 |
|
|
|
|
|
|
|
config.allowed_otp_drift_seconds = 30 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Override the method to send one-time passwords in your model, this is automatically called when a user logs in: |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def send_two_factor_authentication_code |
|
|
|
|
|
|
|
# use Model#otp_code and send via SMS, etc. |
|
|
|
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
|
|
### Manual installation |
|
|
|
### Manual installation |
|
|
|
|
|
|
|
|
|
|
@ -42,21 +56,20 @@ To manually enable two factor authentication for the User model, you should add |
|
|
|
:recoverable, :rememberable, :trackable, :validatable, :two_factor_authenticatable |
|
|
|
:recoverable, :rememberable, :trackable, :validatable, :two_factor_authenticatable |
|
|
|
``` |
|
|
|
``` |
|
|
|
|
|
|
|
|
|
|
|
Two default parameters |
|
|
|
Add the following line to your model to fully enable two-factor auth: |
|
|
|
|
|
|
|
|
|
|
|
```ruby |
|
|
|
has_one_time_password |
|
|
|
config.devise.login_code_random_pattern = /\w+/ |
|
|
|
|
|
|
|
config.devise.max_login_attempts = 3 |
|
|
|
|
|
|
|
``` |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Possible random patterns |
|
|
|
Set config values if desired for maximum second factor attempts count and allowed time drift for one-time passwords: |
|
|
|
|
|
|
|
|
|
|
|
```ruby |
|
|
|
config.max_login_attempts = 3 |
|
|
|
/\d{5}/ |
|
|
|
config.allowed_otp_drift_seconds = 30 |
|
|
|
/\w{4,8}/ |
|
|
|
|
|
|
|
``` |
|
|
|
Override the method to send one-time passwords in your model, this is automatically called when a user logs in: |
|
|
|
|
|
|
|
|
|
|
|
see more https://github.com/benburkert/randexp |
|
|
|
def send_two_factor_authentication_code |
|
|
|
|
|
|
|
# use Model#otp_code and send via SMS, etc. |
|
|
|
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
|
|
### Customisation |
|
|
|
### Customisation |
|
|
|
|
|
|
|
|
|
|
@ -69,22 +82,3 @@ By default second factor authentication enabled for each user, you can change it |
|
|
|
``` |
|
|
|
``` |
|
|
|
|
|
|
|
|
|
|
|
this will disable two factor authentication for local users |
|
|
|
this will disable two factor authentication for local users |
|
|
|
|
|
|
|
|
|
|
|
Your send sms logic should be in this method in your User model: |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
```ruby |
|
|
|
|
|
|
|
def send_two_factor_authentication_code(code) |
|
|
|
|
|
|
|
puts code |
|
|
|
|
|
|
|
end |
|
|
|
|
|
|
|
``` |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This example just puts the code in the logs. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### External dependencies |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Randexp requires words files (Check if it is installed in /usr/share/dict/words or /usr/dict/words), |
|
|
|
|
|
|
|
you might need install it: |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
```bash |
|
|
|
|
|
|
|
apt-get install wbritish # or whichever you require |
|
|
|
|
|
|
|
``` |
|
|
|
|
|
|
|