Comments (10)
leevlad
commented on July 20, 2024
3
For those of you still running into this issue - if you're seeing this error show up in the rails console, it's most likely that your spring hasn't reloaded the environment variable. Exit out of the console, run spring stop, and then start the console again.
from devise-two-factor.
QuinnWilton
commented on July 20, 2024
Hi @kiote! Glad you're enjoying the gem :)
I can't recall the last time I've run the generator with a model named something other than User, so it's possible that something went wrong there. Can you confirm that your AdminUser model has a line that looks something like this?
devise :two_factor_authenticatable,
:otp_secret_encryption_key => ENV['YOUR_ENCRYPTION_KEY_HERE']
It sounds like the issue is that :otp_secret_encryption_key is not being passed to the gem. It's also possible that you just don't have an encryption key set, in which case you'll want to make sure that the environment variable is populated with your key. If you don't have a key, you can generate one using SecureRandom
Let me know if this helps!
from devise-two-factor.
kiote
commented on July 20, 2024
Thanks! I've suspected the same at first, so I've made sure that I have something in the ENCRYPTION_KEY variable. Just re-checked that. In my model:
devise :recoverable, :rememberable, :trackable, :validatable,
:two_factor_authenticatable,
otp_secret_encryption_key: ENV['ENCRYPTION_KEY']
and from command line:
echo $ENCRYPTION_KEY
some encryption key
so at least this seems to be in place.
from devise-two-factor.
kiote
commented on July 20, 2024
Seems like after updating all stuff things went back to normal.
from devise-two-factor.
eranbenmoha
commented on July 20, 2024
@kiote Could you please specify what have you done to resolve the issue? I'm facing it right now
from devise-two-factor.
krtschmr
commented on July 20, 2024
@leevlad unfortunately no.
i had OTP working, then restarted my VM and now it's breaking again
tim@vm:~/rails/buy_crypto$ spring stop
Spring stopped.
tim@vm:~/rails/buy_crypto$ rails c
Running via Spring preloader in process 3567
Loading development environment (Rails 5.2.2)
[1] pry(main)> u = User.first
User Load (0.2ms) SELECT "users".* FROM "users" ORDER BY "users"."id" ASC LIMIT ? [["LIMIT", 1]]
=> #<User id: 1, email: "[email protected]", created_at: "2019-01-29 03:46:34", updated_at: "2019-01-29 03:46:34", eur_balance: 12500.0, btc_balance: 0.0, xmr_balance: 0.0, google_2fa: nil, encrypted_otp_secret: nil, encrypted_otp_secret_iv: nil, encrypted_otp_secret_salt: nil, consumed_timestep: nil, otp_required_for_login: nil, otp_secret: nil>
[2] pry(main)> u.otp_required_for_login = true
=> true
[3] pry(main)> u.otp_secret = "6fmq4ppm2eabwuphlrlskwae"
ArgumentError: must specify a key
from /home/tim/.rvm/gems/ruby-2.6.0/gems/encryptor-3.0.0/lib/encryptor.rb:56:in `crypt'
[4] pry(main)> u.otp_secret = User.generate_otp_secret
ArgumentError: must specify a key
from /home/tim/.rvm/gems/ruby-2.6.0/gems/encryptor-3.0.0/lib/encryptor.rb:56:in `crypt'
from devise-two-factor.
krtschmr
commented on July 20, 2024
devise :two_factor_authenticatable, :otp_secret_encryption_key => ENV['YOUR_ENCRYPTION_KEY_HERE']
it's also set
tim@vm:~/rails/buy_crypto$ export YOUR_ENCRYPTION_KEY_HERE="a3ebaae85c248da81427623959753e46b9fcb8a0d630a1e41c1dffe03596bf2ffd9701bf69fa0dd598f3c45103bdba7e956d0d3560916859884de92d1f51fe16"
tim@vm:~/rails/buy_crypto$ $YOUR_ENCRYPTION_KEY_HERE
a3ebaae85c248da81427623959753e46b9fcb8a0d630a1e41c1dffe03596bf2ffd9701bf69fa0dd598f3c45103bdba7e956d0d3560916859884de92d1f51fe16: command not found
tim@vm:~/rails/buy_crypto$ rails c
Running via Spring preloader in process 3747
Loading development environment (Rails 5.2.2)
[1] pry(main)> u = User.first
User Load (0.2ms) SELECT "users".* FROM "users" ORDER BY "users"."id" ASC LIMIT ? [["LIMIT", 1]]
=> #<User id: 1, email: "[email protected]", created_at: "2019-01-29 03:46:34", updated_at: "2019-01-29 03:46:34", eur_balance: 12500.0, btc_balance: 0.0, xmr_balance: 0.0, google_2fa: nil, encrypted_otp_secret: nil, encrypted_otp_secret_iv: nil, encrypted_otp_secret_salt: nil, consumed_timestep: nil, otp_required_for_login: nil, otp_secret: nil>
[2] pry(main)> u.otp_secret = "6fmq4ppm2eabwuphlrlskwae"
ArgumentError: must specify a key
from /home/tim/.rvm/gems/ruby-2.6.0/gems/encryptor-3.0.0/lib/encryptor.rb:56:in `crypt'
[3] pry(main)>
from devise-two-factor.
AshAngell
commented on July 20, 2024
I noticed the issue is closed, but is there a fix for this, because I implemented this and it works in development, but no on production. Have tested the environment variable in rails c production and it is passed through correctly; but the error is thrown. Any ideas?
from devise-two-factor.
krtschmr
commented on July 20, 2024
full stacktrace? check exception in log/production.log or newrelic if you use it
from devise-two-factor.
leevlad
commented on July 20, 2024
I would suggest dropping a debugger at the location of the exception thrown (e.g. in /home/tim/.rvm/gems/ruby-2.6.0/gems/encryptor-3.0.0/lib/encryptor.rb:56), and inspecting parameters passed, and repeating the process by dropping the debugger up the stack trace until you find the problem
(can use Thread.current.backtrace.join("\n") to get the stack trace).
from devise-two-factor.
Related Issues (20)
- Remove "Rails 4" misleading sentences from readme
- NoMethodError Exception: undefined method `tr' for nil:NilClass HOT 1
- Require email verification when enabling Authenticator App type
- Generator throws exception HOT 1
- `Devise.add_module(:two_factor_authenticatable)` should be inserted on top
- calling super in the two factor strategy is problematic...
- Remove the old `otp_secret_encryption_key` in the UPGRADING.md guide
- Git tag for v4.1.0 appears to be missing HOT 2
- No changelog for 4.1.0
- `user.current_otp` code sent to user are always invalid HOT 1
- [question] mass users update?
- Not required on every login HOT 1
- Rails 7.1 on 4.x HOT 1
- Support for Rails 7.1 HOT 3
- ActiveRecord::Encryption::Errors::Decryption error on login after upgrade to Rails 7.1 defaults HOT 3
- Backup codes aren't written to the database so can't be used HOT 1
- Clarification on GHSA-chcr-x7hc-8fp8 HOT 8
- Lockbox instead of ActiveRecord encrypted attributes HOT 1
- Remove faker or make it gem dependency? HOT 4
- Possible to set logo?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from devise-two-factor.