abhimanyuaryan / two_factor_authentication

This project forked from houdini/two_factor_authentication


Two factor authentication extension for Devise

License: MIT License


Two factor authentication for Devise


Features

  • control the SMS code pattern
  • configure the maximum number of login attempts
  • per-user control over whether two factor authentication is really needed
  • your own SMS logic
  • configurable period during which users won't be asked for 2FA again

Configuration

Initial Setup

In a Rails environment, require the gem in your Gemfile:

gem 'two_factor_authentication'

Once that's done, run:

bundle install

Automatic installation

In order to add two factor authentication to a model, run the command:

bundle exec rails g two_factor_authentication MODEL

Where MODEL is your model name (e.g. User or Admin). This generator will add :two_factor_authenticatable to your model and create a migration in db/migrate/, which will add :otp_secret_key and :second_factor_attempts_count to your table. Finally, run the migration with:

bundle exec rake db:migrate

Add the following line to your model to fully enable two-factor auth:

has_one_time_password

Set config values, if desired:

config.max_login_attempts = 3  # Maximum second factor attempts count
config.allowed_otp_drift_seconds = 30  # Allowed time drift
config.otp_length = 6  # OTP code length
config.remember_otp_session_for_seconds = 30.days  # Time before browser has to enter OTP code again

Override the method that sends one-time passwords in your model. It is called automatically when a user logs in:

def send_two_factor_authentication_code
  # use Model#otp_code and send via SMS, etc.
end

Manual installation

To manually enable two factor authentication for the User model, add :two_factor_authenticatable to your devise line, like:

devise :database_authenticatable, :registerable,
       :recoverable, :rememberable, :trackable, :validatable, :two_factor_authenticatable

Add the following line to your model to fully enable two-factor auth:

has_one_time_password

Set config values in devise.rb, if desired:

config.max_login_attempts = 3  # Maximum second factor attempts count
config.allowed_otp_drift_seconds = 30  # Allowed time drift
config.otp_length = 6  # OTP code length
config.remember_otp_session_for_seconds = 30.days  # Time before browser has to enter OTP code again

Override the method that sends one-time passwords in your model. It is called automatically when a user logs in:

def send_two_factor_authentication_code
  # use Model#otp_code and send via SMS, etc.
end

Customisation and Usage

By default, second factor authentication is enabled for each user. You can change this with the following method in your User model:

def need_two_factor_authentication?(request)
  request.ip != '127.0.0.1'
end

This disables two factor authentication for local users, that is, for requests whose IP address is 127.0.0.1.

This gem is compatible with Google Authenticator (https://support.google.com/accounts/answer/1066447?hl=en). You can generate provisioning URIs by invoking the following method on your model:

user.provisioning_uri # This assumes a user model with an email attribute

This provisioning URI can then be turned into a QR code if desired, so that users can easily add the app to Google Authenticator. Once this is done, they can retrieve a one-time password directly from the Google Authenticator app as well as through whatever method you define in send_two_factor_authentication_code.
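How the time-based codes shown by Google Authenticator are computed, and what otp_length and allowed_otp_drift_seconds mean when a submitted code is checked, as an added example that is not the gem's own code. It assumes standard RFC 6238 TOTP (HMAC-SHA1, 30-second step); hotp, totp, verify_totp and secure_equal? are hypothetical helper names, and the key is the RFC 6238 test key.

```ruby
require 'openssl'

STEP = 30 # seconds per time step (assumed; the interval Google Authenticator uses)

# HOTP (RFC 4226): HMAC-SHA1 over the 8-byte big-endian counter, followed by
# dynamic truncation to `digits` decimal digits (the role of otp_length).
def hotp(secret, counter, digits = 6)
  mac = OpenSSL::HMAC.digest('SHA1', secret, [counter].pack('Q>'))
  offset = mac.getbyte(19) & 0x0f                       # low nibble of last byte
  bin = mac.byteslice(offset, 4).unpack1('N') & 0x7fffffff
  (bin % 10**digits).to_s.rjust(digits, '0')            # keep leading zeros
end

# TOTP (RFC 6238): HOTP with the counter derived from the clock.
def totp(secret, time, digits = 6)
  hotp(secret, time.to_i / STEP, digits)
end

# Compare two strings without stopping at the first differing byte.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Accept a code valid for any time step overlapping [now - drift, now + drift].
# A larger drift tolerates clock skew and slow SMS delivery, but also gives a
# guessed or intercepted code a longer window in which it is accepted.
def verify_totp(secret, code, now, drift_seconds = 30, digits = 6)
  first = (now.to_i - drift_seconds) / STEP
  last  = (now.to_i + drift_seconds) / STEP
  (first..last).map { |c| secure_equal?(hotp(secret, c, digits), code.to_s) }.any?
end

SECRET = '12345678901234567890' # RFC 6238 test key (raw bytes, not Base32)

if __FILE__ == $PROGRAM_NAME
  code = totp(SECRET, 59)       # code generated at t = 59s
  puts "code at t=59:            #{code}"
  puts "accepted 30s later:      #{verify_totp(SECRET, code, 89, 30)}"
  puts "accepted with no drift:  #{verify_totp(SECRET, code, 89, 0)}"
  puts "accepted 90s later:      #{verify_totp(SECRET, code, 149, 30)}"
end
```

The drift window does not limit guessing on its own; config.max_login_attempts is the setting that bounds how many codes can be tried.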

Overriding the view

The default view that shows the form can be overridden by first adding a folder named "two_factor_authentication" inside "app/views/devise". In this folder, create a "show.html.erb" view.

The full path should be "app/views/devise/two_factor_authentication/show.html.erb":

<h2>Hi, you received a code by email, please enter it below, thanks!</h2>

<%= form_tag([resource_name, :two_factor_authentication], :method => :put) do %>
  <%= text_field_tag :code %>
  <%= submit_tag "Log in!" %>
<% end %>

<%= link_to "Sign out", destroy_user_session_path, :method => :delete %>

Updating existing users with OTP secret key

If you have existing users that need to be provided with an OTP secret key so that they can benefit from two factor authentication, create a rake task. It could look like the one below:

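desc "rake task to update users with otp secret key"
task :update_users_with_otp_secret_key => :environment do
  # Only touch users that have no key yet, so that secrets already enrolled
  # in an authenticator app are not overwritten. find_each loads in batches.
  User.where(:otp_secret_key => nil).find_each do |user|
    key = ROTP::Base32.random_base32
    # update saves the record itself, so no separate save call is needed
    # (on Rails older than 4.0 the method is called update_attributes).
    user.update(:otp_secret_key => key)
    # Report progress without writing the secret key to the console or logs.
    puts "Rake[:update_users_with_otp_secret_key] => User '#{user.email}' OTP secret key set"
  end
end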

Example

TwoFactorAuthenticationExample
