-
Notifications
You must be signed in to change notification settings - Fork 81
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add option for skipping secret generation #56
Add option for skipping secret generation #56
Conversation
1c5a5b2
to
a21d754
Compare
a21d754
to
91432a1
Compare
@robertomiranda Please let me know what do you think about it, this is a useful option in the project I'm working on and it seems others can have that same scenario. |
@matheusazzi sounds like a good idea 👍, thanks for submitting this PR. Although I wondering if we can extend this idea by adding a conditional option class User
has_one_time_password if: :otp_enabled? wdyt? |
@robertomiranda Do you mean that |
|
||
self.otp_column_name = (options[:column_name] || "otp_secret_key").to_s | ||
self.otp_digits = options[:length] || 6 | ||
|
||
self.otp_counter_based = (options[:counter_based] || false) | ||
self.otp_counter_column_name = (options[:counter_column_name] || "otp_counter").to_s | ||
self.skip_secret_generation = options[:skip_secret_generation] || false | ||
|
||
include InstanceMethodsOnActivation | ||
|
||
before_create do |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@robertomiranda Do you mean that otp_enabled will be a column in database? By now I'm just controlling if otp is enabled for users if they have the otp_column filled or not.
I think that's a possible solution but ideally, I prefer not having another column and I'd like to only skip the before_create callback by default for not generating the secret.
@matheusazzi I was thinking of passing the option here:
before_create do | |
before_create(if: condition) do |
It has not to be another column, it could be a method or even a proc taking advantage that active model already provides this functionality:
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh I see, thanks for clarifying things @robertomiranda, wdyt about 297f0d1?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 👍
Can we get a new release for this? It's not in version 2.0.1. |
* Add option for skipping secret generation * Use #nil? * Send options to callbacks
* Add option for skipping secret generation * Use #nil? * Send options to callbacks
* Add option for skipping secret generation * Use #nil? * Send options to callbacks
* Add option for skipping secret generation * Use #nil? * Send options to callbacks
On my app 2FA needs to be an opt-in feature. So I'd like to only generate the otp secret manually when users enable it.