lib/google-authenticator-rails.rb
# Stuff the gem requires
#
require 'active_support'
require 'active_record'
require 'openssl'
require 'rotp'
require 'rqrcode'
# Stuff the gem is
#
GOOGLE_AUTHENTICATOR_RAILS_PATH = File.dirname(__FILE__) + "/google-authenticator-rails/"
[
"version",
"action_controller",
"active_record",
"session"
].each do |library|
require GOOGLE_AUTHENTICATOR_RAILS_PATH + library
end
# Sets up some basic accessors for use with the ROTP module
#
module GoogleAuthenticatorRails
def self.encryption_supported?
defined?(Rails) && (Rails::VERSION::MAJOR > 4 || Rails::VERSION::MAJOR == 4 && Rails::VERSION::MINOR > 0)
end
class Railtie < Rails::Railtie
rake_tasks do
load 'tasks/google_authenticator.rake'
end
end if encryption_supported? && !Rails.env.test? # Without this last condition tasks under test are run twice
# Drift is set to 6 because ROTP drift is not inclusive. This allows a drift of 5 seconds.
DRIFT = 6
# How long a Session::Persistence cookie should last.
@@time_until_expiration = 24.hours
# Last part of a Session::Persistence cookie's key
@@cookie_key_suffix = nil
# Additional configuration passed to a Session::Persistence cookie.
@@cookie_options = { :httponly => true }
def self.generate_password(secret, iteration)
ROTP::HOTP.new(secret).at(iteration)
end
def self.time_based_password(secret)
ROTP::TOTP.new(secret).now
end
def self.valid?(code, secret, drift = DRIFT)
!!ROTP::TOTP.new(secret).verify(code, drift_ahead: drift, drift_behind: drift)
end
def self.generate_secret
ROTP::Base32.random
end
def self.time_until_expiration
@@time_until_expiration
end
def self.time_until_expiration=(time_until_expiration)
@@time_until_expiration = time_until_expiration
end
def self.cookie_key_suffix
@@cookie_key_suffix
end
def self.cookie_key_suffix=(suffix)
@@cookie_key_suffix = suffix
end
def self.cookie_options
@@cookie_options
end
def self.cookie_options=(options)
@@cookie_options = options
end
end