Skip to content
/ example-totp-vault Public

An example Ruby class and Sinatra application for use with Google Authenticator

8 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bithive/example-totp-vault

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
lib
lib
 
 
public
public
 
 
views
views
 
 
Gemfile
Gemfile
 
 
Gemfile.lock
Gemfile.lock
 
 
README
README
 
 
server.rb
server.rb
 
 

Repository files navigation

# Usage

Starting the server requires providing the vault password:

    $ ruby server.rb 
    Enter the vault password:

The server will not start if this does not match the password that was entered on the first run.  Without this step the secrets would have to be stored unencrypted, which is less than ideal.

Since I can't start the server unattended I detach it using `screen`.  An Apache virtual host enforces authorization rules which allow administrators access to the web interface.

Once the server is running, users can be added via the web interface.  When the username is submitted the resulting page displays their secret both as base-32 text and a QR code.  Removing a user is as simple as clicking their name from the home page.

Servers which need to validate OTPs are allowed to access the `/check` method which accepts two parameters, `uid` and `otp` and returns a status code of 200 if the attempt is valid.  This makes it very easy to check a code from within other applications or scripts.

About

An example Ruby class and Sinatra application for use with Google Authenticator

Resources

Readme
Activity

Stars

8 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published