heapsource / active_model_otp

Adds methods to set and authenticate against one time passwords (Two-Factor Authentication). Inspired by AM::SecurePassword
MIT License

Add option for skipping secret generation #56

Closed matheusazzi closed 5 years ago

matheusazzi commented 5 years ago

On my app 2FA needs to be an opt-in feature. So I'd like to only generate the otp secret manually when users enable it.

matheusazzi commented 5 years ago

@robertomiranda Please let me know what you think about it. This is a useful option in the project I'm working on, and it seems others can have that same scenario.

robertomiranda commented 5 years ago

@matheusazzi sounds like a good idea 👍, thanks for submitting this PR. Although I'm wondering if we can extend this idea by adding a conditional option, if or unless, instead?

class User
  has_one_time_password if: :otp_enabled?
end

wdyt?

matheusazzi commented 5 years ago

@robertomiranda Do you mean that otp_enabled will be a column in the database? For now I'm just controlling whether OTP is enabled for users by whether they have the otp_column filled or not. I think that's a possible solution, but ideally I prefer not having another column, and I'd like to only skip the before_create callback by default so the secret is not generated.

codabrink commented 5 years ago

Can we get a new release for this? It's not in version 2.0.1.