SecondFactor
A simple, easy-to-use HMAC-based and time-based one-time passcode library for two-factor authentication implementations.
This implementation is compliant with RFC 4226 (HOTP) and RFC 6238 (TOTP).
Roughly based on a similar project I wrote in Go, OTP.
Features
Due to various restrictions in common authenticator apps, base support targets the most common denominator of configurations. Namely, it supports:
- SHA-1 based HMACs
- 30-second timeout
- Six-digit codes
- Base32 secrets
These may become modifiable defaults in the future.
Usage
Seed Generation
Generates a Base32 seed for use with phone authenticator apps. The seed can be converted to a QR code.
require 'secondfactor'
seed = SecondFactor::OTP.generate_seed
TOTP Challenge Generation
Generates tokens for three time steps: the current time minus one step, the current time, and the current time plus one step.
require 'secondfactor'
seed = SecondFactor::OTP.generate_seed
challenges = SecondFactor::TOTP.generate(seed)
Verify a Token
Verifies a TOTP token against the seed provided. Internally, this calls TOTP.generate, so it verifies against the three aforementioned time steps.
require 'secondfactor'
# seed: the Base32 seed from generate_seed; token: the six-digit code entered by the user
SecondFactor::TOTP.verify(seed, token)