SecondFactor

A simple, easy-to-use HMAC-based and time-based one-time passcode library for two-factor authentication implementations.

This implementation is RFC 4226 and RFC 6238 compliant.

Roughly based on a similar project I wrote in Go, OTP.

Features

Due to various restrictions in common authenticator apps, base support targets the lowest common denominator of configurations. Namely, it supports:

  • SHA-1 based HMACs
  • 30-second time step
  • Six-digit codes
  • Base32 secrets

These settings may become modifiable defaults in the future.

Usage

Seed Generation

Generates a Base32 seed for use with phone authenticator apps. The seed can be converted to a QR code.

require 'secondfactor'

seed = SecondFactor::OTP.generate_seed

TOTP Challenge Generation

Generates tokens for three timesteps: the current time minus one step, the current time, and the current time plus one step.

require 'secondfactor'

seed = SecondFactor::OTP.generate_seed
challenges = SecondFactor::TOTP.generate(seed)

Verify a Token

Verifies a TOTP token against the seed provided. Internally, this calls TOTP.generate, so it verifies against the three aforementioned timesteps.

require 'secondfactor'

# seed: the user's stored Base32 seed; token: the six-digit code the user submitted
SecondFactor::TOTP.verify(seed, token)
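
The three-timestep check described above, written out with only Ruby's standard library so the RFC 4226 and RFC 6238 steps are visible. This is an added example, not SecondFactor's own code: the function names (base32_decode, hotp, totp_window, totp_verify, secure_equal?) are hypothetical, and the sample seed is the RFC 6238 SHA-1 test key encoded as Base32.

```ruby
require 'openssl'

STEP = 30      # seconds per timestep (README default)
DIGITS = 6     # code length (README default)
B32 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'.freeze
# RFC 6238 test key "12345678901234567890", Base32-encoded (sample input)
RFC_SEED = 'GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ'.freeze

# Decode a Base32 seed (padding optional) into raw key bytes.
def base32_decode(seed)
  bits = seed.upcase.delete('=').each_char.map { |c|
    idx = B32.index(c) or raise ArgumentError, "invalid Base32 character #{c.inspect}"
    idx.to_s(2).rjust(5, '0')
  }.join
  [bits[0, bits.length / 8 * 8]].pack('B*')
end

# RFC 4226 HOTP: HMAC-SHA-1 over the 8-byte big-endian counter, then
# dynamic truncation to a zero-padded decimal code.
def hotp(key, counter)
  mac = OpenSSL::HMAC.digest(OpenSSL::Digest.new('SHA1'), key, [counter].pack('Q>'))
  offset = mac.getbyte(-1) & 0x0f
  code = mac.byteslice(offset, 4).unpack1('N') & 0x7fffffff
  format("%0#{DIGITS}d", code % 10**DIGITS)
end

# Codes for the previous, current and next timestep, in that order.
def totp_window(seed, now = Time.now.to_i)
  key = base32_decode(seed)
  step = now / STEP
  [step - 1, step, step + 1].map { |counter| hotp(key, counter) }
end

# Byte-wise comparison that does not stop at the first mismatch.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Accept a token if it matches any code in the three-step window.
# Every candidate is compared, so timing does not reveal which step matched.
def totp_verify(seed, token, now = Time.now.to_i)
  token = token.to_s
  return false unless token.match?(/\A\d{#{DIGITS}}\z/)
  totp_window(seed, now).map { |code| secure_equal?(code, token) }.any?
end

puts totp_window(RFC_SEED, 59).inspect if $PROGRAM_NAME == __FILE__
```

With a window of three 30-second steps, a code remains acceptable for up to 90 seconds, so a caller that needs single-use codes should record the last accepted timestep per user and reject anything at or before it.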