Phauxth v0.8.1 Phauxth.Otp
Module to handle one-time passwords, usually for use in two factor authentication.
Phauxth.Otp
checks the one-time password, and returns a
phauxth_user
message (the user model) if the one-time password is
correct or a phauxth_error
message if there is an error.
After this function has been called, you need to either add the user
to the session, by running put_session(conn, :user_id, id)
, or send
an API token to the user.
Options
There are the following options for the one-time passwords:
HMAC-based one-time passwords
token_length - the length of the one-time password
- the default is 6
last - the count when the one-time password was last used
- this count needs to be stored server-side
window - the number of future attempts allowed
- the default is 3
Time-based one-time passwords
token_length - the length of the one-time password
- the default is 6
interval_length - the length of each timed interval
- the default is 30 (seconds)
window - the number of attempts, before and after the current one, allowed
- the default is 1 (1 interval before and 1 interval after)
See the documentation for the Comeonin.Otp module for more details about generating and verifying one-time passwords.
Examples
Add the following line to your controller to call Otp with the default values:
plug Phauxth.Otp when action in [:login_twofa]
And to set the token length to 8 characters:
plug Phauxth.Otp, [token_length: 8] when action in [:login_twofa]