问题
I am using devise for the signin process. Now my requirement is:
*User will enter some answers to the questions during registration.
When the user signin with his email and password, he will be asked with those security questions. If the answers are correct, he will be directed to dashboard or else if he fails to answer (2 out of 3), then the account will be locked.*
Is there any easy method to implement this MFA in Rails?
Thanks in advance..
回答1:
I would recommend using Devise with the security extension. It is a simple setup, and allows a ton of customization.
Follow that up with adding the questions to your sign in page and adding a before_filter in your UserController
before_filter :security_question_answered!
Forcing the user answer this for every login can become tedious. I see security questions more commonly used for reseting a password when someone does not have an email.
Piggy backing off Slicedpan, this is not MFA. Look into two-factor for devise or another gem. Happy coding.
来源:https://stackoverflow.com/questions/20467729/implementing-security-questions