Asterisk is happy to announce the release of their first (beta) Ruby Gem. The “devise_google_authenticator” gem is a Devise Extension that integrates Google’s 2nd Factor Authenticator into Devise’s authentication scheme. It’s not designed to replace the existing password scheme (database_authenticatable), but it’s ideal for providing a second-factor authentication mechanism from your smartphone (Android, Blackberry, iOS).
If you are doing any Rails development and have a need for user authentication/authorisation then you should certainly be checking out Devise. From their site:
Devise is a flexible authentication solution for Rails based on Warden. It:
- Is Rack based;
- Is a complete MVC solution based on Rails engines;
- Allows you to have multiple roles (or models/scopes) signed in at the same time;
- Is based on a modularity concept: use just what you really need.
Let’s put together a really simple application. (I’m assuming you have Ruby 1.9.2, but no other gems available. Also, most of this follows the Rails Guide and the Devise installation process.)
Install rails:
$ gem install rails -v 3.2.0 --no-rdoc --no-ri
Create your vanilla app:
$ rails new myapp
Change into your new app:
$ cd myapp
Edit your Gemfile with the following two lines (after gem 'sqlite3'):
gem 'devise', '~> 1.5.3'
gem 'devise_google_authenticator', '0.3.1'
Update your bundle:
$ bundle install
Create some data for your app:
$ rails generate scaffold post title body:text
Install Devise:
$ rails generate devise:install
Install Devise Google Authenticator:
$ rails generate devise_google_authenticator:install
Create your user model:
$ rails generate devise User
Add the Devise Google Authenticator scheme:
$ rails generate devise_google_authenticator User
Migrate your database changes:
$ rake db:migrate
Remove the static index page:
$ rm public/index.html
Change the root page (edit your config/routes.rb and add the following below resources :posts):
root :to => 'posts#index'
Require user authentication for all pages (edit app/controllers/application_controller.rb and add the following just after protect_from_forgery):
before_filter :authenticate_user!
Now start up your app and visit localhost:3000:
$ rails server
After you register your user (by clicking Sign Up), you should be shown a QR code. Simply add this to the Google Authenticator app on your phone, enable the authenticator, close your browser (to clear your session), and revisit the website. After you sign in, you’ll be prompted for your one-time password.
Voila!