twilio / authy-ruby Goto Github PK

Hey.
I've got a trouble when making resend verification code. If I make the same request, I keep getting the same identical code on my phone number. Is there a way to make it unique or to reset numbers?
It seems like I get the same code until the expiration time is out.
Thanks.

Authy::API.register_user should intelligently handle normalized phone number, instead of requiring formatted one, separate from country code.

E.g. it should be able to handle +464790909090 without having to supply separate input of +46 and 4790909090

The authy gem on rubygems links to a 404.

• http://rubygems.org/gems/authy
• http://github.com/authy/authy

Is this the same library or do we need to install from https://github.com/authy/authy-ruby instead?

I am using authy and getting issue in verifying user. I successfully registered the user but failed to verify.

When i check user status it returns

{"status"=>{"authy_id"=>xxxxxx, "confirmed"=>true, "registered"=>false, "country_code"=>92, "phone_number"=>"XXX-XXX-3156", "devices"=>[], "has_hard_token"=>false, "account_disabled"=>false}, "message"=>"User status.", "success"=>true}

When i was verifying user by

Authy::API.verify(:id => xxxxxx, :token => token_on_app, :force => true)

it gives

{"success"=>false, "message"=>"Token format is invalid", "errors"=>{"message"=>"Token format is invalid"}}

but i am giving the correct token.

Please tell me what goes wrong? Thanks

The version number in VERSION is 2.5.1 but in lib/authy/version.rb it's 2.5.0.pre. Which one of these is correct?

I'm getting a few errors from inside of the Response class in this gem?

As this gem is related to my app's security, I'm hesistant to fork it and maintain it myself.

I'd love to submit PR's to this repo, but I see 3 open pull requests that have remained stagnant for over a year.

Are there plans to maintain this repo? Would you like a maintainer?

OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

Hello,

I know when test Sent SMS in Heroku here
Post user data(Phone and country code) here
msayefdev.herokuapp.com/api/v1/host/sign_up
can't receive SMS but working in localhost:3000

that my code

def create

 host = Host.new(host_paramssignin)

   if host&.save
     @response = Authy::PhoneVerification.start(
       via: params[:sms],
       country_code: host.country_code,
       phone_number: host.phone_number
     )

      render :json=> host.as_json(:auth_token=>host.authentication_token, :phone_number => host.phone_number ), :status=>201
      return

    else

  warden.custom_failure!

   render :json => host.errors, :status=>422

   end
 end

Can help me ?

request email: https://www.twilio.com/docs/authy/email?code-sample=code-send-a-one-time-passcode-via-email-1&code-language=curl&code-sdk-version=default
and update user's email: https://www.twilio.com/docs/authy/email?code-sample=code-update-authy-user-email-1&code-language=curl&code-sdk-version=default

Hello ,

When make put

    response = Authy::PhoneVerification.start(
      via: params[:sms],
      country_code: @host.country_code,
      phone_number: @host.phone_number
    )

in sing_up have a big number in time request
like "1863 ms" that in postman

that will solve when upgrading in the premium plan in twillo ?

Hello,
when trying to use devise and write that in a controller to verify User with SMS

`  def create

    super do |host|
   authy = Authy::API.register_user(
     email: host.email,
     cellphone: host.phone_number,
     country_code: host.country_code
   )
   host.update(authy_id: authy.id)
 end
  end`

and I show when trying to make an account
unknown attribute 'authy_id' for Host .

Is it/would it be possible to configure this gem to make HTTP calls via a proxy? Possibly via an extra configuration item:

Authy.http_proxy = 'http://myproxy:8080'

Then included in the call to IncludeClient in api.rb or something similar:

include_http_client(Authy.http_proxy, ...

The REST API Provides to send a locale code. But the Ruby API don't work with the locale code.

curl 'https://api.authy.com/protected/json/phones/verification/start?api_key=XXX' \ -d via='sms' \ -d phone_number='111-111-1111' \ -d country_code=1 \ -d locale='es'

Thank You !

Best Regards,

Bilal

Custom Message as well would be really great !

Have you ever got above error? Sometimes, I got that but sometimes, I don't. I don't know how to reproduce it. Here is some log that I got:

A TypeError occurred in sessions#resend_token:

  no implicit conversion from nil to integer
  /Users/tamvo/.rbenv/versions/2.0.0-p451/lib/ruby/2.0.0/timeout.rb:57:in `block in timeout'


-------------------------------
Request:
-------------------------------

  * URL        : http://localhost:3000/sessions/resend_token
  * HTTP Method: POST
  * IP address : 127.0.0.1
  * Parameters : {"email"=>"[email protected]", "controller"=>"sessions", "action"=>"resend_token", "session"=>{"email"=>"[email protected]"}}
  * Timestamp  : 2014-04-05 13:59:08 UTC
  * Rails root : /Volumes/DATA/code/rails/vax
  * Process: 92428

Note that there's no stacktrace here.

I'm using the phone verification api and I'd like to test my phone verification controller for successful cases but I'm not sure I would be charged for this.

I created a new user in Authy App and then I'm trying to enable it in my rails app using https://github.com/twilio/authy-devise gem (also I opened an issue there too twilio/authy-devise#158).

I tried to run on rails console, but it returns a blank object:

    @authy_user = Authy::API.register_user(
      :email => "[email protected]",
      :cellphone => "myvalidnumber",
      :country_code => "validcountrycode"
    )
    
    => {}

What should I do?

It seems there isn't a API for "check" existing users by phone and email (maybe the /users/new API is expecting to create a new user before I set it up on Authy App?). I'm stuck with this and blocking users to use my app (strongly considering to change the 2FA method).

Hello,

Thank you for you work!
I have an app that sends an sms with a verification code to users during signup.

I send it like this: Authy::API.request_sms(:id => user.authy_id)

I was wondering if it is possible to see the exact content of this sms (along with the verification code) during my testing, so I could just directly put the code into the input field when I run my capybara signup test.

Thank you,
Yan

Flaky test failure occurred on README only changes:
https://travis-ci.org/twilio/authy-ruby/jobs/584230201
https://travis-ci.org/twilio/authy-ruby/jobs/595194891

  1) Authy::API user status user exists should be ok
     Failure/Error: super(name, *args, &block)
     
     NoMethodError:
       undefined method `status' for #<Authy::Response:0x00000003a75fc8>
     # ./lib/authy/response.rb:47:in `method_missing'
     # ./spec/authy/api_spec.rb:232:in `block (4 levels) in <top (required)>'

Please check and warn the person.

def self.verify(params)
      token = params.delete(:token) || params.delete('token')
      user_id = params.delete(:id) || params.delete('id')
      params[:force] = true if params[:force].nil? && params['force'].nil?

      url = "#{Authy.api_uri}/protected/json/verify/#{escape_for_url(token)}/#{escape_for_url(user_id)}"
      response = http_client.get(url, {:api_key => Authy.api_key}.merge(params))

      Authy::Response.new(response)
    end

From our chat:

[1:11 PM] XXXXX:

            When trying out the sandbox URL, I get the error: "Requested URL was not found. Please check         http://docs.authy.com/ to see the valid URLs"
    Using the ruby gem

[1:16 PM] Daniel Palacio:

            Try this one sec
    response = Authy::API.verify(:id => @user.authy_id.to_s,  :token => params[:authy_token].to_s)
    Make sure params[:authy_token] and authy_id are not nil
    What I think is happening is one of them is nil so you are hitting the wrong end-point

[1:17 PM] XXXX:

            ahh, that seems to be the case
    if you have an empty string as the token

[1:17 PM] Daniel Palacio:

           Yes, ok so what happens is the authy ruby gem is going to construct the URL
    but it won't be well constructed
    So the API router doesn't know the URL you are trying to hit
    We can modify the gem to Warn on nil values.
    But you still need to fix the code

[1:19 PM] XXXX:

           yeah, I didn't realize that was the cause

We're using the client in a Rails project and from time to time the following error is raised.

URI::InvalidURIErrorbad URI(is not URI?): https://api.authy.com//protected/json/verify/foo bar/000000

The origin of the issue is that the library takes the token parameter and uses it immediately without any further sanitization.

You can reproduce the issue with the following example

Authy::API.verify(:id => user.authy_id, :token => 'token with space', :force => true)

We can indeed validate the user input, but I assume the library should not trust a parameter, especially if this parameter is used to generate an URL path like in this case.

You may want to sanitize or validate every input that is part of an URL.

We need to add it to our code.