Over a million developers have joined DZone.

No Tears 2-Factor Auth in Rails

Build APIs from SQL and NoSQL or Salesforce data sources in seconds. Read the Creating REST APIs white paper, brought to you in partnership with CA Technologies.

Google Apps, Apple IDs, Yahoo…  All of these large scale online services have two-factor authentication.  I have to admit, I haven't taken advantage of this so far but I seriously intend to get around to it.  It makes your account exponentially more secure.

However, lots of smaller apps are not getting around to making this feature.  I don't see two-factor auth being a problem for users if you make it optional.  Understandably, some people won't trust a company asking for your phone number, which is a common 2nd-factor along with a password.

Is it too difficult then?  Too difficult to build this feature?  Not if you read this sweet new tutorial by Roberto Miranda: Effortless Two-Factor Authentication in Rails

He builds this feature 'effortlessly' with the help of the new ActiveModel::Otp gem.  Otp stands for One-Time-Password, a key component of two-factor auth.  The library also works with Google Authenticator iPhone and Android app.  And it also makes it dead simple to use QR codes with the authentication process, which is demoed in the article.

Like any flashy Ruby program, the code snippets in this tutorial do a ton of stuff with only 3 or 4 lines of code.  Well done Ruby.  I guess you can go bake a cake with all that time you've saved


The Integration Zone is brought to you in partnership with CA Technologies.  Use CA Live API Creator to quickly create complete application backends, with secure APIs and robust application logic, in an easy to use interface.

Topics:

The best of DZone straight to your inbox.

SEE AN EXAMPLE
Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.
Subscribe

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}