Paranoid Verification
Generates a verification code that the user needs to enter before using the application. The user won't be able to access other parts of the application until they fill in this verification code.
The verification code is not sent via email or anything else by default, but that can be introduced in your app. The module was intended for a hardcore security scenario where the user needs to contact the application support centre, which will provide the verification code to unlock the account.
Unlike Devise's built-in lockable module, this is an intention-based lock, not a "user failed x number of attempts" lock.
user = User.first
user.paranoid_verification_code
# => nil
user.paranoid_verification_attempt
# => 0
user.need_paranoid_verification?
# => false
user.generate_paranoid_code
# => true
user.paranoid_verification_code
# => "9aaf4"
user.need_paranoid_verification?
# => true
user.verify_code 'wrong-code'
user.paranoid_verification_attempt
# => 1
user.need_paranoid_verification?
# => true
user.paranoid_attempts_remaining
# => 9
user.verify_code '9aaf4'
user.need_paranoid_verification?
# => false
user.paranoid_verification_code
# => nil
One example of usage: after a user resets their password, they need to contact the support center for a verification code. Just add code similar to this to your authentication resource:
class User < ActiveRecord::Base
  # ...
  def unlock_access!
    generate_paranoid_code
    super
  end
end
Another example is when an admin wants to lock a suspicious account:
class User < ActiveRecord::Base
  # ...
  def lock_user!
    generate_paranoid_code
  end
end
suspicious_user = User.last
suspicious_user.lock_user!
Following security best practices, it's a bad idea to show the user how many attempts remain before the code is regenerated (discussion).
But if you want to show this to the user, you can do it by adding something like this to your view:
<p>After <strong><%= Devise.paranoid_code_regenerate_after_attempt %></strong> failed attempts, code will be regenerated</p>
<p><strong><%= resource.paranoid_attempts_remaining %></strong> attempts remaining</p>
# config/initializers/devise.rb
Devise.setup do |config|
  # ...
  config.paranoid_code_regenerate_after_attempt = 99
  # ...
end
...or
Devise.paranoid_code_regenerate_after_attempt = 99
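The lifecycle from the console session, including what happens when the regeneration threshold is reached, as a stand-alone model. This is an added example, not the gem's code: the class `ParanoidLockModel`, its return symbols, the counter reset on regeneration, and the order of checks are assumptions, and the default of 10 is inferred from the session above (9 attempts remaining after one failure).

```ruby
require "securerandom"

# Hypothetical plain-Ruby model of the lock lifecycle (no Rails or Devise needed).
class ParanoidLockModel
  attr_reader :code, :attempts

  # regenerate_after plays the role of Devise.paranoid_code_regenerate_after_attempt.
  def initialize(regenerate_after: 10)
    @regenerate_after = regenerate_after
    @code = nil
    @attempts = 0
  end

  def need_verification?
    !@code.nil?
  end

  def attempts_remaining
    @regenerate_after - @attempts
  end

  # Issue a fresh random code and reset the failure counter (assumed behaviour).
  def generate_code
    @code = SecureRandom.hex(3) # constructed code format for this model
    @attempts = 0
    true
  end

  # Returns :verified, :failed, or :regenerated once the threshold is hit.
  def verify_code(candidate)
    return :verified unless need_verification?
    if secure_equal?(candidate.to_s, @code)
      @code = nil
      @attempts = 0
      return :verified
    end
    @attempts += 1
    return :failed if @attempts < @regenerate_after
    generate_code # the code handed out by support is now invalid
    :regenerated
  end

  private

  # Compare without short-circuiting on the first differing byte.
  def secure_equal?(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |diff, (x, y)| diff | (x ^ y) }.zero?
  end
end
```

Once `:regenerated` is returned, the user has to contact support again for the new code, which is what bounds guessing against any single code.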