Install the rotp gem.
In my case I am using a User model to add Google 2FA.
Add a new column to store the OTP secret; in my case the column name is otp_secret.
for ex -
add_column :users, :otp_secret, :string
# unique: true is not an add_column option; uniqueness needs a unique index
add_index :users, :otp_secret, unique: true
When a user is created, set otp_secret to a random Base32 string from ROTP::Base32.random_base32.
for ex -
class User
  # ...
  before_create :set_otp_secret

  # Generate a fresh Base32 secret for every new user
  def set_otp_secret
    self.otp_secret = ROTP::Base32.random_base32
  end
  # ...
end
For existing users you have to set otp_secret manually.
for ex -
# Only touch users that do not have a secret yet
User.where(otp_secret: nil).find_each do |user|
  user.otp_secret = ROTP::Base32.random_base32
  user.save!
end
You should store the OTP secret encrypted in the database. For reference - https://gist.github.com/snmmaurya/f49dbf1f4d2ba5ced1ff302a2e8ade90
How to create the QR code -
require "cgi"

user = User.find(...)
totp = ROTP::TOTP.new(user.otp_secret, issuer: "Service")
qrcode_provisioning_uri = totp.provisioning_uri(user.email)
# Escape the URI so its own "?" and "&" stay inside the chl parameter
qrcode_generator_url = "https://chart.googleapis.com/chart?chs=256x256&cht=qr&chl=#{CGI.escape(qrcode_provisioning_uri)}"
qrcode_generator_url will look like this (the chl value is shown here before URL-encoding) -
https://chart.googleapis.com/chart?chs=256x256&cht=qr&chl=otpauth://totp/[email protected]?secret=qnujcfrgxmlpuygb&issuer=Service
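Visit the above URL to get the QR code image. The URL carries the OTP secret, so the request exposes it to the chart service and to any logs or browser history that record the URL.
If you don't have Google Authenticator, install it and scan the QR code image.
for ex -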
require "cgi"

class User
  # ...
  before_create :set_otp_secret

  # otpauth:// URI that the authenticator app reads from the QR code
  def qrcode_provisioning_uri
    totp = ROTP::TOTP.new(self.otp_secret, issuer: "Service")
    totp.provisioning_uri(self.email)
  end
  # ...
end

user = User.find(...)
qrcode_generator_url = user.qrcode_provisioning_uri
# Escape the URI so its own "?" and "&" stay inside the chl parameter
qrcode_image_generator_url = "https://chart.googleapis.com/chart?chs=256x256&cht=qr&chl=#{CGI.escape(qrcode_generator_url)}"
How to verify the OTP at the authentication level -
user = User.find(...)
rotp = ROTP::TOTP.new(user.otp_secret)
# otp is the code the user typed in from the authenticator app
rotp.verify(otp) # returns true if otp is correct
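
What the verify step checks, as an added example that is not part of the original write-up and not rotp's own code: a standard-library Ruby implementation of RFC 6238 with a one-step drift window and rejection of a code that was already accepted. The names base32_decode, totp_at, secure_equal? and verify_totp are hypothetical, and the secret is the constructed RFC 6238 test key, not a real one.

```ruby
require "openssl"

B32_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567".freeze
# Constructed sample: Base32 of the RFC 6238 test key "12345678901234567890".
SAMPLE_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ".freeze

# Decode a Base32 secret (the format stored in otp_secret) into raw key bytes.
def base32_decode(str)
  bits = str.upcase.delete("=").each_char.map do |c|
    idx = B32_ALPHABET.index(c) or raise ArgumentError, "bad Base32 char #{c.inspect}"
    idx.to_s(2).rjust(5, "0")
  end.join
  [bits[0, bits.length / 8 * 8]].pack("B*")
end

# RFC 6238 code for the time step containing `time` (HMAC-SHA1, 6 digits).
def totp_at(secret_b32, time, step: 30, digits: 6)
  counter = [time.to_i / step].pack("Q>")
  hmac = OpenSSL::HMAC.digest(OpenSSL::Digest.new("SHA1"), base32_decode(secret_b32), counter)
  offset = hmac.bytes.last & 0x0f
  code = hmac.byteslice(offset, 4).unpack1("N") & 0x7fffffff
  (code % 10**digits).to_s.rjust(digits, "0")
end

# Constant-time comparison so the check does not leak how many digits matched.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Accept `otp` for the current step or up to `drift_steps` earlier ones, but only
# when that step is newer than `after` (start time of the last accepted step).
# Returns the start time of the matching step, or nil when the code is rejected.
def verify_totp(secret_b32, otp, now:, after: nil, drift_steps: 1, step: 30)
  current = now.to_i / step
  ((current - drift_steps)..current).each do |counter|
    ts = counter * step
    next if after && ts <= after.to_i
    return ts if secure_equal?(otp.to_s, totp_at(secret_b32, ts, step: step))
  end
  nil
end

if __FILE__ == $PROGRAM_NAME
  first = verify_totp(SAMPLE_SECRET, "287082", now: 59)
  replay = verify_totp(SAMPLE_SECRET, "287082", now: 59, after: first)
  puts "first use accepted at step #{first.inspect}, replay result #{replay.inspect}"
end
```

Store the returned timestamp per user and pass it back as after on the next login, so a code that was observed once cannot be reused inside its 30-second window.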