Comments (5)
Hey there,
The google_lookup_token
has to be an instance method on the class you're using.
For example:
# app/models/user.rb
class User < ActiveRecord::Base
acts_as_google_authentic :lookup_token => :persistence_token
end
# app/models/user_mfa_session.rb
class UserMfaSession < GoogleAuthenticatorRails::Session::Base
end
# app/controllers/mfa_session_controller.rb
def class MfaSessionController < ApplicationController
def create
UserMfaSession.create(user)
end
end
The call to UserMfaSession::create
will fail for one of three reasons:
user
isnil
user
doesn't respond to:persistence_token
user.persistence_token
is blank
Specifically, to answer your question, you don't need to specify a lookup_token
if you don't want to, it will default to :persistence_token
, but your model needs to respond to the method persistence_token
(either because there's a column in the database with that name of you've defined that method yourself).
You mention setting that field yourself... this gem is written under the assumption you're using some sort of authentication library (eg Devise or Authlogic) and they're managing a persistence token for looking up the currently logged in user. Usually those frameworks handle the setting of that token, if you're not using a token, you'd have to set it yourself.
Hope that helps!
from google-authenticator.
Ok starting to make more sense. My authentication is custom so explains why I'm out of the loop :) What would you suggest as a best practice for this scenario?
from google-authenticator.
My opinion for best best practices would be to let someone else handle the complications of secure authentication, but if you must use the custom scheme, I'd generate a random token for your user and store it in a column in the DB (which will allow google-authenticator-rails
to work).
If you don't have a column named persistence_token
you could add one there and use it.
from google-authenticator.
Awesome! Thanks for the help Jared.
from google-authenticator.
My pleasure! I'll make some updates to the README
to make it more clear (or you could submit a pull request if you have the time).
from google-authenticator.
Related Issues (20)
- Expires after few seconds HOT 1
- Adding the gem to the project changes the Content-Type of http response to my GraphQL API HOT 2
- :issuer => 'App Name' doesn't work HOT 2
- Mongoid 5 support
- should we use save! in set_google_secret method? HOT 2
- New Release? HOT 2
- Any reason for having strict version dependency on ROTP 1.6.1 HOT 7
- Use with specific roles? HOT 1
- Unable to load tasks/google_authenticator.rake HOT 2
- NoMethodError: undefined method `cookies' for nil:NilClass HOT 9
- Problème avec GoogleAuthenticatorRails::Session::Persistence::TokenNotFound HOT 1
- QR codes not appearing in app HOT 3
- Code difference between app and gem HOT 2
- undefined method `prepend_before_filter' for ActionController::Base:Class HOT 3
- DEPRECATION WARNING: Initialization autoloaded the constants ActionText::ContentHelper, and ActionText::TagHelper. HOT 1
- Newer Version of ROTP HOT 3
- google_qr_to_base64 method isn't working
- `RailsAdapter::LoadedTooLateError` occurs if Zeitwerk is enabled HOT 3
- [Error] prepend a before_filter in ActionController::Base HOT 1
- unable to delete mfa cookie on production HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from google-authenticator.