Two Factor Authentication With Devise Discussion
Hi i'm getting this error when entering 2fa and after click login
Help me
Please check my code
https://github.com/ynagakru...
Your code snippets use of the incorrect unicode quote characters just wasted me a lot of time in debugging. Need to fix that.
I've had that issue before when copying code from Medium for example. You get in the habit of looking for it after a while, but it does also highlight it can be better to write out the code which helps you to understand it opposed to just copy and pasting.
Up and running :) thanks
One step from gem doc that I dont think was covered
"Filtering sensitive parameters from the logs
To prevent two-factor authentication codes from leaking if your application logs get breached, you'll want to filter sensitive parameters from the Rails logs. Add the following to config/initializers/filter_parameter_logging.rb:"
Rails.application.config.filter_parameters += [:otp_attempt]
Really great Chris. You can even extend this to send SMS quite easily
def pre_otp
user = User.find_by(otp_params)
@two_factor_enabled = user && user.otp_required_for_login
respond_to do |format|
format.js {
# Users should be able to receive their one-time password via SMS
# through a service like Twilio
@otp = user.current_otp if @two_factor_enabled
# ...logic to send @otp
}
end
I am trying to send the user their current_otp via email, but whenever i call current_otp I get an error of NoMethodError (undefined method `scan' for nil:NilClass): ...
It works fine but once I disabled the 2FA and enabled again, I can't log in with the one time password. Did I miss anything?
Thanks,
Pramod
I got this error when I login with 2 factor authenication.
NoMethodError in Users::SessionsController#create
undefined method `each' for #String:0x000055ad15249060
codes = self.otp_backup_codes || []
codes.each do |backup_code|
next unless Devise::Encryptor.compare(self.class, backup_code, code)
codes.delete(backup_code)
The Error is strange to me. There is no Create method in Users::SessionsController in your example code
Can you create a gist with the Users::SessionsController and your Two Factor Auths controller? The above example isn't enough context to see what's going on
The Error is caused by the Sqllite database which does not support array. Once I change the database to postgresql, it is OK.
Thanks for feedback.
No worries, as a rule of thumb postgres is much more powerful than SQL Lite. To configure your next Rails app for Postgres, run this command: rails new myapp --database=postgresql
My issues is: it is easier to use SqlLite as development platform before posting the system.
There is any way to use the 2FA only in a specific action of a controller, after a non-2fa login?
Example: To autheticate a money transfer operation. So I can login without 2FA and see my operation's history, but to do a new transfer it should force the 2FA.
Amazing tutorial, really clear explanations and overall short solution! My first interaction with the lessons and I feel blessed for stumbling upon this resource.