devise-two-factor
rotp
devise-two-factor | rotp | |
---|---|---|
5 | 6 | |
1,184 | 1,573 | |
0.3% | - | |
6.0 | 6.1 | |
about 2 months ago | 4 months ago | |
Ruby | Ruby | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
devise-two-factor
-
Rails Authentication for Compliance
Your authentication mechanism should include multiple factors, something the user knows and something the user has. If you are using Devise, you can use the devise-two-factor gem. If you have custom authentication, you can use the rotp gem to generate OTP codes and verify those during login.
-
Ask HN: Why doesn't MFA as a stand alone API exist?
In Ruby-on-Rails it's part of the authentication framework Devise https://github.com/tinfoil/devise-two-factor and related modules including creating QR codes, backup codes etc. PHP Laraval has similar libraries https://jetstream.laravel.com/2.x/features/two-factor-authen...
Auth0 and similar commercial companies might very good at marketing. Try replacing "API" with "library" or a programming language name.
> It's just not valuable enough for anyone to create
For a commercial API you need to charge $10 USD/month, or equivalent in terms of per-API-call, otherwise your service won't be profitable. You call 5 US cent already expensive, so I think you're right, it's not valuable enough.
-
I resurrected devise-otp from the dead
I've used https://github.com/tinfoil/devise-two-factor before – it's good to know there is a maintained alternative that implements the UI already and is compatible to Rails 7.
-
What's going on with Devise for Rails 7 ?!
Are you referring to the devise two factor authentication gem at https://github.com/tinfoil/devise-two-factor? If so, I have posted a ticket that modifies the gem to use the Rails 7 Active Record encryption capabilities and some folks have been asking if a pull request could be created for it. There is some discussion going on in the issue thread on how to proceed. See https://github.com/tinfoil/devise-two-factor/issues/192 for details.
-
Modern 2FA gem for Devise
devise-two-factor: https://github.com/tinfoil/devise-two-factor
rotp
-
Rails Authentication for Compliance
Your authentication mechanism should include multiple factors, something the user knows and something the user has. If you are using Devise, you can use the devise-two-factor gem. If you have custom authentication, you can use the rotp gem to generate OTP codes and verify those during login.
-
Is there any particular gem like Devise which makes the user Login with phone mumber and use otp to Login imstead of a password??
Aside from SMS scams, SMS is the least secure type of 2FA. I recommend implementing OTP via authenticator apps like Authenticator and 1Password. You can use the rotp gem for this: https://github.com/mdp/rotp
-
How to verify a user email with an activation code rather than an activation link?
What you're describing sounds a lot like OTP https://github.com/mdp/rotp. It's a well known and standard way of issuing one time passwords (typically 6 digits that a user confirms by entering it in).
-
Modern 2FA gem for Devise
rotp: https://github.com/mdp/rotp and
-
Best practices for Two Factor Auth / 2FA in 2021?
Use https://github.com/mdp/rotp/ -- it's super simple to get TOTP 2FA set up. Friends don't let friends use SMS 2FA.
-
26 most popular Ruby/Rails repositories on GitHub in July-August 2020
ROTP (The Ruby One Time Password Library) is a Ruby library for generating and validating one time passwords (HOTP & TOTP) according to RFC 4226 and RFC 6238. It is compatible with Google Authenticator available for Android and iPhone and any other TOTP based implementations. 1,217 stars by now
What are some alternatives?
active_model_otp - Adds methods to set and authenticate against one time passwords (Two-Factor Authentication). Inspired in AM::SecurePassword
rainbow - Ruby gem for colorizing printed text on ANSI terminals
rodauth-rails - Rails integration for Rodauth authentication framework
motion - Reactive frontend UI components for Rails in pure Ruby
authentication-zero - An authentication system generator for Rails applications.
TTY - Toolkit for developing sleek command line apps.
warden - General Rack Authentication Framework
rails-auth - Modular resource-based authentication and authorization for Rails/Rack
Clearance - Rails authentication with email & password.
torch.rb - Deep learning for Ruby, powered by LibTorch
pwned - 😱 An easy, Ruby way to use the Pwned Passwords API.
omniauth-oauth2 - An abstract OAuth2 strategy for OmniAuth.