heapsource / active_model_otp

Adds methods to set and authenticate against one time passwords (Two-Factor Authentication). Inspired by AM::SecurePassword
MIT License

Is there a way to generate 4 digit code? #12

Closed shivanibhanwal closed 9 years ago

shivanibhanwal commented 10 years ago

Hi @robertomiranda, thank you for the nice gem. It is really helpful for OTP generation. I am using it in my project; however, we have a requirement for a 4 digit OTP code instead of 6 digits. I would like to know whether there is a way to customise it to make it 4 digits or any number of digits?

Another question, about padding an OTP code. I have seen that one of the issues has been closed and there has been a pull request. However, I am using active_model_otp (1.0.0) in my project, but I am still getting a 5 digit code sometimes, randomly. Also, I did not set any "padding: false".

Has that change related to padding been published?

Thanks, Shivani

robertomiranda commented 10 years ago

@shivanibhanwal currently there's no way to specify a length for the generated code, but it is something that we can add; look at https://github.com/mdp/rotp/blob/master/lib/rotp/otp.rb#L14. It would look like:

class User < ActiveRecord::Base
  has_one_time_password length: 4
end

About your second question, could you paste some code in order to reproduce the issue? For me it is working fine.

shivanibhanwal commented 10 years ago

Thank you @robertomiranda! Yes, I think that would really help, as most of the time people use a 4 or 6 digit code for OTP. I am planning to make this change. If I am done soon I will send you a PR (I will make the change here - https://github.com/heapsource/active_model_otp/blob/4ec7c5686211be6cf9a08dc022c69ca7eddf077a/lib/active_model/one_time_password.rb#L9)

shivanibhanwal commented 10 years ago

About the other issue, I see the code is there in the gem files. In my case I am not using the same User table for the token; I have a separate Auth_tokens table for the token. Also, the time drift which we needed is a few minutes, so I have passed a drift value. When I test my app for 1-2 hours, after every 10-15 tries I get one OTP which is 5 digits. And that causes a problem too: when I try to authenticate it, it does not authenticate the 5 digit OTP.

user = self.auth_token
drift_time = Time.now + drift
new_otp = user.otp_code(drift_time)

and this time I got a 3 digit code

UPDATE "auth_tokens" SET "otp_code" = 940, "otp_code_expiry" = '2014-08-21 17:11:50.147128' 

It's happening very frequently

shivanibhanwal commented 10 years ago

@robertomiranda About my second query, the issue was the data type of the "otp_code" field. I had it as integer and that was trimming these zero paddings. I have implemented dynamic length for the otp_code. I have not sent a PR as I have yet to write tests for it. However, you can review my changes here: https://github.com/shivanibhanwal/active_model_otp/tree/otp_generation_with_custom_length.
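
The zero-padding problem diagnosed in this thread, as an added example (not code from active_model_otp or rotp): a stdlib-only RFC 4226/6238 generator with a configurable digit count, plus a model of what an integer column does to a zero-padded code. The helper names are hypothetical and the secret is the RFC 4226 test secret, used here only so the output is reproducible.

```ruby
require "openssl"

# HOTP per RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, dynamic
# truncation to 31 bits, then modulo 10**digits, left-padded with zeros.
def hotp(secret, counter, digits: 6)
  mac = OpenSSL::HMAC.digest("SHA1", secret, [counter].pack("Q>"))
  offset = mac.getbyte(19) & 0x0f
  value = mac.byteslice(offset, 4).unpack1("N") & 0x7fffffff
  (value % 10**digits).to_s.rjust(digits, "0")
end

# TOTP per RFC 6238 is HOTP with counter = unix_time / interval.
def totp(secret, time, digits: 6, interval: 30)
  hotp(secret, time.to_i / interval, digits: digits)
end

# Models an integer column: leading zeros do not survive the round trip.
def through_integer_column(code)
  code.to_i.to_s
end

# Length check first, then a comparison that does not stop at the first mismatch.
def code_matches?(expected, submitted)
  return false unless expected.bytesize == submitted.bytesize
  expected.bytes.zip(submitted.bytes).reduce(0) { |acc, (a, b)| acc | (a ^ b) }.zero?
end

# First counter whose code starts with "0" (hypothetical helper for the demo).
def first_zero_padded_counter(secret, digits:, limit: 10_000)
  (0...limit).find { |c| hotp(secret, c, digits: digits).start_with?("0") }
end

SECRET = "12345678901234567890" # RFC 4226 Appendix D test secret, not a real key

if __FILE__ == $PROGRAM_NAME
  counter = first_zero_padded_counter(SECRET, digits: 4)
  code = hotp(SECRET, counter, digits: 4)
  stored = through_integer_column(code)
  puts "generated=#{code} read_back=#{stored}"
  puts "integer column verifies: #{code_matches?(code, stored)}"
  puts "string column verifies:  #{code_matches?(code, code)}"
  puts "re-padded verifies:      #{code_matches?(code, stored.rjust(4, '0'))}"
end
```

Storing the code in a string column keeps the padding; if an integer column cannot be changed, re-pad to the configured length before comparing.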

robertomiranda commented 10 years ago

@shivanibhanwal for sure, I'll take a look :+1:, but please open the pull request anyway; this can help us to keep and better track the discussion.

shivanibhanwal commented 10 years ago

Sure