Openmaize v3.0.1 Openmaize.OnetimePass
Module to handle one-time passwords for use in two factor authentication.
Openmaize.OnetimePass
checks the one-time password, and returns an
openmaize_user
message (the user model) if the one-time password is
correct or an openmaize_error
message if there is an error.
After this function has been called, you need to add the user to the
session, by running put_session(conn, :user_id, id)
, or send an API
token to the user.
Options
There are two options related to the database - in most cases you
will not need to change the repo
and user_model
options:
repo - the name of the repo
- the default is MyApp.Repo - using the name of the project
user_model - the name of the user model
- the default is MyApp.User - using the name of the project
There are also the following options for the one-time passwords:
HMAC-based one-time passwords
token_length - the length of the one-time password
- the default is 6
last - the count when the one-time password was last used
- this count needs to be stored server-side
window - the number of future attempts allowed
- the default is 3
Time-based one-time passwords
token_length - the length of the one-time password
- the default is 6
interval_length - the length of each timed interval
- the default is 30 (seconds)
window - the number of attempts, before and after the current one, allowed
- the default is 1 (1 interval before and 1 interval after)
See the documentation for the Comeonin.Otp module for more details about generating and verifying one-time passwords.
Examples
Add the following line to your controller to call OnetimePass with the default values:
plug Openmaize.OnetimePass when action in [:login_twofa]
And to set the token length to 8 characters:
plug Openmaize.OnetimePass, [token_length: 8] when action in [:login_twofa]