Skip to content

Commit

Permalink
Add function to re-geterante the OTP secret
Browse files Browse the repository at this point in the history
  • Loading branch information
TikiTDO committed Sep 24, 2014
1 parent 9292678 commit a0055cf
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 1 deletion.
6 changes: 5 additions & 1 deletion lib/active_model/one_time_password.rb
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ def has_one_time_password(options = {})

include InstanceMethodsOnActivation

before_create { self.otp_column ||= ROTP::Base32.random_base32 }
before_create { self.otp_regenerate_secret if !self.otp_column}

if respond_to?(:attributes_protected_by_default)
def self.attributes_protected_by_default #:nodoc:
Expand All @@ -21,6 +21,10 @@ def self.attributes_protected_by_default #:nodoc:
end

module InstanceMethodsOnActivation
def otp_regenerate_secret
self.otp_column = ROTP::Base32.random_base32
end

def authenticate_otp(code, options = {})
totp = ROTP::TOTP.new(self.otp_column)
if drift = options[:drift]
Expand Down
6 changes: 6 additions & 0 deletions test/one_time_password_test.rb
Original file line number Diff line number Diff line change
Expand Up @@ -46,4 +46,10 @@ def test_provisioning_uri_with_email_field
assert_match %r{otpauth://totp/roberto@heapsource\.com\?secret=\w{16}}, @user.provisioning_uri
assert_match %r{otpauth://totp/roberto@heapsource\.com\?secret=\w{16}}, @visitor.provisioning_uri
end

def test_regenerate_otp
secret = @user.otp_column
@user.otp_regenerate_secret
assert secret != @user.otp_column
end
end

0 comments on commit a0055cf

Please sign in to comment.