Skip to main content

Two Factor Authentication With Devise Discussion

General • Asked by Chris Oliver

Was looking at this the other week... perfect timing Chris. Legend.


Naga Krushna Yelisetty

Hi i'm getting this error when entering 2fa and after click login
Help me
Please check my code
https://github.com/ynagakru...

https://uploads.disquscdn.c... '


Your code snippets use of the incorrect unicode quote characters just wasted me a lot of time in debugging. Need to fix that.

I've had that issue before when copying code from Medium for example. You get in the habit of looking for it after a while, but it does also highlight it can be better to write out the code which helps you to understand it opposed to just copy and pasting.


Up and running :) thanks

One step from gem doc that I dont think was covered
"Filtering sensitive parameters from the logs
To prevent two-factor authentication codes from leaking if your application logs get breached, you'll want to filter sensitive parameters from the Rails logs. Add the following to config/initializers/filter_parameter_logging.rb:"

Rails.application.config.filter_parameters += [:otp_attempt]


Really great Chris. You can even extend this to send SMS quite easily

def pre_otp
    user = User.find_by(otp_params)
    @two_factor_enabled = user && user.otp_required_for_login

    respond_to do |format|
      format.js {
        # Users should be able to receive their one-time password via SMS
        # through a service like Twilio
        @otp = user.current_otp if @two_factor_enabled
        # ...logic to send @otp
      }
    end

I am trying to send the user their current_otp via email, but whenever i call current_otp I get an error of NoMethodError (undefined method `scan' for nil:NilClass): ...


Login or Create An Account to join the conversation.

Subscribe to the newsletter

Join 22,346+ developers who get early access to new screencasts, articles, guides, updates, and more.

    By clicking this button, you agree to the GoRails Terms of Service and Privacy Policy.

    More of a social being? We're also on Twitter and YouTube.