Ask A Question


You’re not receiving notifications from this thread.

How do i create a QR code lead authentication strategy

Dearg OBartuin asked in Rails

Hi all,

please visit the popular challenger bank for an example.
Their auth strategy is to present the user with a QR code that changes every 30 seconds (I'm sure this is a representation of some form of hash representing a token). In order for the user to authenticate, they must open the mobile app, authenticate and then scan the QR code via the app. This fires a request back to the provider who then match the two tokens and then authenticated the online website and shows the dashboard.

I am curious how this strategy keeps the login page on the webpage constantly listening for a change in the backend to know for sure the QR code has been scanned from an authenticated device. Are Tide keeping a channel open at their log in page, creating a session cookie and storing it locally. Some scalable and reliable way to return back to the browser from the mobile app.

If you were re-creating this in rails, where would you start?


Join the discussion
Create an account Log in

Want to stay up-to-date with Ruby on Rails?

Join 80,973+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.

    Screencast tutorials to help you learn Ruby on Rails, Javascript, Hotwire, Turbo, Stimulus.js, PostgreSQL, MySQL, Ubuntu, and more.

    © 2024 GoRails, LLC. All rights reserved.