Add support for OTP secret key encryption #62
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
monfresh
force-pushed
the
fix/51-encrypt-otp-secret
branch
2 times, most recently
from
ba8da31
to
4b1c87e
Compare
**Why**: To provide an additional layer of security. The TOTP spec (RFC 6238) recommends encrypting the keys. http://tools.ietf.org/html/rfc6238 **How**: Borrow the encryption code from the `attr_encrypted` gem and use it to encrypt and decrypt the `otp_secret_key` attribute. Allow users to add encryption by passing in `encrypted: true` to `has_one_time_password`. This provides backwards-compatibility for existing users of the gem. See the README updates for more detailed instructions for both new and existing users.
monfresh
force-pushed
the
fix/51-encrypt-otp-secret
branch
from
4b1c87e
to
d2b6d39
Compare
|
Hi @Houdini. Have you had a chance to review this PR? I'd love to know what you think. Thanks! |
|
@monfresh Hello, thanks for commit. |
Houdini
added a commit
that referenced
this pull request
Jan 11, 2016
Add support for OTP secret key encryption
|
Thank you, Dmitrii! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Why:
To provide an additional layer of security.
The TOTP spec (RFC 6238) recommends encrypting the keys.
http://tools.ietf.org/html/rfc6238
How:
Borrow the encryption code from the
attr_encryptedgem and use it toencrypt and decrypt the
otp_secret_keyattribute.Allow users to add encryption by passing in
encrypted: truetohas_one_time_password. This provides backwards-compatibility forexisting users of the gem.
See the README updates for more detailed instructions for both new
and existing users.