Git Product home page Git Product logo

Comments (5)

jaredonline avatar jaredonline commented on June 2, 2024

Hey there,

The google_lookup_token has to be an instance method on the class you're using.

For example:

# app/models/user.rb
class User < ActiveRecord::Base
  acts_as_google_authentic :lookup_token => :persistence_token
end

# app/models/user_mfa_session.rb
class UserMfaSession < GoogleAuthenticatorRails::Session::Base
end

# app/controllers/mfa_session_controller.rb
def class MfaSessionController < ApplicationController
  def create
    UserMfaSession.create(user)
  end
end

The call to UserMfaSession::create will fail for one of three reasons:

  1. user is nil
  2. user doesn't respond to :persistence_token
  3. user.persistence_token is blank

Specifically, to answer your question, you don't need to specify a lookup_token if you don't want to, it will default to :persistence_token, but your model needs to respond to the method persistence_token (either because there's a column in the database with that name of you've defined that method yourself).

You mention setting that field yourself... this gem is written under the assumption you're using some sort of authentication library (eg Devise or Authlogic) and they're managing a persistence token for looking up the currently logged in user. Usually those frameworks handle the setting of that token, if you're not using a token, you'd have to set it yourself.

Hope that helps!

from google-authenticator.

larron avatar larron commented on June 2, 2024

Ok starting to make more sense. My authentication is custom so explains why I'm out of the loop :) What would you suggest as a best practice for this scenario?

from google-authenticator.

jaredonline avatar jaredonline commented on June 2, 2024

My opinion for best best practices would be to let someone else handle the complications of secure authentication, but if you must use the custom scheme, I'd generate a random token for your user and store it in a column in the DB (which will allow google-authenticator-rails to work).

If you don't have a column named persistence_token you could add one there and use it.

from google-authenticator.

larron avatar larron commented on June 2, 2024

Awesome! Thanks for the help Jared.

from google-authenticator.

jaredonline avatar jaredonline commented on June 2, 2024

My pleasure! I'll make some updates to the README to make it more clear (or you could submit a pull request if you have the time).

from google-authenticator.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.