webauthn-ruby
Rodauth
webauthn-ruby | Rodauth | |
---|---|---|
5 | 19 | |
624 | 1,623 | |
1.6% | - | |
5.9 | 8.2 | |
2 months ago | 7 days ago | |
Ruby | Ruby | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
webauthn-ruby
-
Passkey Authentication with Rodauth
Rodauth provides first class support for passkeys, implemented on top of the excellent webauthn-ruby gem. It enables using passkeys as a multifactor authentication method, or for passwordless login and registration. In addition to routes, views and database storage, it also provides the complete JavaScript part that interacts with Web Authentication API for zero configuration.
-
I’ve started discussion + work on updating Devise to support passkeys; we need contributors!
Would it make sense to leverage another gem like https://github.com/cedarcode/webauthn-ruby for this? Or are we thinking a completely devise internal implementation? Either way I’m interested in contributing to this movement for devise
-
Apple Passkey
I've used this gem for rails apps https://github.com/cedarcode/webauthn-ruby
-
Multi-Factor Authentication for Rails with WebAuthn and Devise
Luckily, there is a WebAuthn gem for Ruby (thanks!) that will do all the hard work for us. Just run bundle add webauthn.
-
Best practices for Two Factor Auth / 2FA in 2021?
All OTP-based 2FA methods are phishable. For real security, you should be looking at FIDO (U2F or WebAuthN)
Rodauth
-
Warden of Hanami - hanami.rb basic authentication
There is no Hanami specific authentication library. Rails has a plethora of solutions, but nothing was created for Hanami (at least for the current version). There are framework agnostic tools though. OAuth solutions are like that, JWT, libraries like Rodauth. The last one is particularly interesting for Hanami since it is very much in the same "spirit" in terms of design and it is also the most advanced solution on the ruby market.
-
Passkey Authentication with Rodauth
Rodauth provides first class support for passkeys, implemented on top of the excellent webauthn-ruby gem. It enables using passkeys as a multifactor authentication method, or for passwordless login and registration. In addition to routes, views and database storage, it also provides the complete JavaScript part that interacts with Web Authentication API for zero configuration.
- Rodauth: Ruby's Most Advanced Authentication Framework
-
why is devise industry standard?
I can recommend rodauth: https://github.com/jeremyevans/rodauth It ships with a ton of things. Check out the features section.
-
A First Look at Hanami 2 for Ruby
In general, even though the Hanami ecosystem lacks any "plug-and-play" solutions such as Devise, you can use many existing libraries not tightly coupled to Ruby on Rails. For authentication, you can use Warden, OmniAuth or Rodauth. For uploads there is Shrine. The pagination is built into ROM. Integration with exception catchers such as Rollbar is easy.
-
Social Login in Rails with Rodauth
While Devise provides a convenience layer around OmniAuth, it does nothing to actually sign the user into your app. When I started writing the OmniAuth integration for Rodauth, I wanted to go one step further and actually handle things like persistence of external identities, account creation and login, while still allowing the developer to customize the behaviour. That's how rodauth-omniauth was created. ✨
-
Time to think about swapping off Devise?
You can find the list of possible error identifiers here.
-
I’ve started discussion + work on updating Devise to support passkeys; we need contributors!
You probably meant the webauthn_login, which already supports passwordless.
-
What It Took to Build a Rails Integration for Rodauth
When Rodauth came out, I was excited to finally have a full-featured authentication framework that wasn't tied to Rails, given that existing solutions required either Rails (Devise, Sorcery), or at least Active Record (Authlogic). Even though I mainly develop in Rails, I want other Ruby web frameworks to be viable alternatives, so I'm naturally drawn to generic solutions that everyone can use.
What are some alternatives?
webauthn-with-devise - The companion app for the article "Secure authentication for Rails with WebAuthn and Devise"
Devise - Flexible authentication solution for Rails with Warden.
devise-2fa - Devise 2FA with Time Based OTP/rfc6238 tokens and encrypted secrets.
OmniAuth - OmniAuth is a flexible authentication system utilizing Rack middleware.
fido2-net-lib - FIDO2 .NET library for FIDO2 / WebAuthn Attestation and Assertion using .NET
OAuth2 - A Ruby wrapper for the OAuth 2.0 protocol.
devise-otp - Two Factors authentication for Devise using Time Based OTP/rfc6238 tokens.
JWT - A ruby implementation of the RFC 7519 OAuth JSON Web Token (JWT) standard.
fido2 - Open-source FIDO server, featuring the FIDO2 standard. https://demo4.strongkey.com/getstarted/#/openapi/fido
rodauth-rails - Rails integration for Rodauth authentication framework
webauthn-json - 🔏 A small WebAuthn API wrapper that translates to/from pure JSON using base64url.
warden-github-rails - Use GitHub as authorization and more. Use organizations and teams as means of authorization by simply wrapping your rails routes in a block. Also useful to get a user's details through OAuth.