Giter Site home page Giter Site logo

hienvo / sinatra-rotp Goto Github PK

View Code? Open in Web Editor NEW

This project forked from benbasson/sinatra-rotp

0.0 2.0 0.0 200 KB

A Sinatra REST API wrapping the ROTP library to create a simple multi-factor authentication service.

Home Page: http://sinatra-rotp.herokuapp.com/

License: BSD 3-Clause "New" or "Revised" License

Ruby 39.21% CSS 4.23% JavaScript 20.95% HTML 35.61%

sinatra-rotp's Introduction

The Sinatra One Time Password Service

A Sinatra REST API wrapping the ROTP library, to allow other applications to more easily plug in Time-Based One-Time Passwords (TOTP) for multi-factor authentication.

Generates a QR code for use with Google Authenticator and verifies TOTP codes according to RFC 6238.

For production purposes, please only expose this service over HTTPS, or via local network as the shared secret is passed as a parameter to the service. If the shared secret is compromised, an attacker could easily generate the correct code and bypass this layer of security.

Installation

Fork this repository and then run Bundler to pull the required dependencies:

bundle install

To start up:

rackup config.ru

API Usage

Generate a new base32 secret

/generate-secret

Creates a new base32 token for you to store as a secret key.

Get QR Code

/get-otp-qr-code/:user/:secret/:issuer

Creates a QR code as a PNG containing:

  • The username provided
  • The secret provided (string length must be a multiple of 8)
  • (optionally) The key issuer, usually the system or company name

Verify a code

/verify-otp-code/:secret/:code

Verifies that a user-provided code matches the expected value for the shared secret. Returns a text value of "true" or "false".

Get the current code

/current-otp-code/:secret

Get the current time-based code for a given secret.

Check the service is running

/service-status

Returns the string "Up and running", with the current date/time for verification.

sinatra-rotp's People

Contributors

benbasson avatar

Watchers

James Cloos avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.