lib/generators/templates/README
===============================================================================
Device FIDO U2F successfully installed to your application.
You need to:
1) Migrate database changes by running
'rails db:migrate'
2) Adapt your Devise models to include both the FIDO U2F registration and
authentication modules, e.g. change
'devise :database_authenticable ...'
to
'devise :database_authenticable ...,
:fido_usf_registerable, :fido_usf_authenticatable'
3) Modify your application controller
(i.e. app/controllers/application_controller.rb) to always prepend the
'protect_from_forgery' within the action chain, e.g. change
'protect_from_forgery with: :exception'
to
'protect_from_forgery with: :exception, prepend: true'
4) Add 'u2f-api.js' to your javascript assets, e.g. include in
'app/assets/javascript/application.js' the following statement:
'//= require u2f-api'
5) You need to run your server with SSL. Otherwise U2F refuses to work.
Probably you want to install the "thin" gem and use:
'thin start --ssl -p 3000'
to start your development server.
DISCLAIMER: IF YOU DO NOT APPLY ALL CHANGES, IT IS LIKELY THAT
FIDO U2F WILL NOT WORK AS EXPECTED!
===============================================================================