Warden::Ocra
Warden strategy for OCRA: OATH Challenge-Response Algorithm (rfc 6287)
Installation
Add this line to your application's Gemfile:
gem 'warden-ocra'
And then execute:
$ bundle
Or install it yourself as:
$ gem install warden-ocra
Usage
The authentication requires two steps:
- post a user identifier (e.g. email address) this generates the challenge for that user, no authentication is performed
- post the user and the answer to the challenge this actually authenticates the user
Sinatra sample setup
See the spec sample sinatra app for more details.
use Rack::Session::Cookie
use Warden::Manager do |config|
config.default_strategies :ocra_verify, :ocra_challenge
config.failure_app = YourApp
end# step 1
post '/generate_challenge' do
env["warden"].authenticate!
# generates env["warden"].user.challenge
end
# step 2
post '/login' do
env["warden"].authenticate!
# performs the actual authentication
endA User class is assumed to have the following methods.
The user class and its method names can be configured if your model has different methods.
User.find_by_email!(email)User.has_challenge?(email)User.generate_challenge!(email)User#shared_secretUser#challenge
Contributing
- Fork it
- Create your feature branch (
git checkout -b my-new-feature) - Commit your changes (
git commit -am 'Added some feature') - Push to the branch (
git push origin my-new-feature) - Create new Pull Request