使用 Nexmo Verify 登录 Ruby Sinatra 应用程序
Using Nexmo Verify to Login to a Ruby Sinatra App
我在我的 Sinatra 应用程序中找到了 ruby on rails 2fa nexmo verify tutorial but some of it doesn't work on Sinatra because the frameworks have some differences and it doesn't fit what I'm making. Can anyone help me out or lead me in the path of using Nexmo Verify?
post "/" do
client = Nexmo::Client.new(key: 'mykey', secret: 'mysecret')
response = client.send_verification_request(number params[:phonenumber], brand: 'OpenINC')
if response['status'] == '0'
erb :code
else
erb :error
end
end
get'/code' do
erb :code
end
post '/code' do
client = Nexmo::Client.new(key: 'mykey', secret: 'mysecret')
response = client.check_verification_request(code: '1234', request_id: '00e6c3377e5348cdaf567e1417c707a5')
if response['status'] == '0'
erb :start
else
erb :error
end
end
在上面写着 mykey 和 mysecret 的地方我放了我的密钥和秘密,但只是不想把我的实际密钥和秘密放在 Stack OverFlow 上
根据上面的代码,以及 the repo 中的代码,问题只是 request_id 和 code 值是硬编码的。
如果你:
- 存储
request_id 来自对 response = client.send_verification_request(number: params[:phonenumber], brand: 'OpenINC') 调用的响应,例如session[:request_id] = response['request_id']
- 获取用户在
post /code 路由中提交的代码,例如code = params[:code]
- 从
post /code 路由中的 session 检索 request_id 例如request_id = session[:request_id]
- 检查验证请求时使用
code 和 request_id 例如`check_verification_request(代码:代码,request_id:request_id)
然后代码就可以工作了。
完整的基本示例:
post "/" do
client = Nexmo::Client.new(key: 'mykey', secret: 'mysecret')
response = client.send_verification_request(number: params[:phonenumber], brand: 'OpenINC')
# 1. Store request_id
session[:request_id] = response['request_id']
if response['status'] == '0'
erb :code
else
erb :error
end
end
get'/code' do
erb :code
end
post '/code' do
# 2. Get the user verification code
code = params[:code]
# 3. Retrieve the request_id
request_id = session[:request_id]
client = Nexmo::Client.new(key: 'mykey', secret: 'mysecret')
# 4. Use the code and request_id
response = client.check_verification_request(code: code, request_id: request_id)
if response['status'] == '0'
erb :start
else
erb :error
end
end
我还针对您的回购 here with this commit 提交了包含主要详细信息的 PR。
我在我的 Sinatra 应用程序中找到了 ruby on rails 2fa nexmo verify tutorial but some of it doesn't work on Sinatra because the frameworks have some differences and it doesn't fit what I'm making. Can anyone help me out or lead me in the path of using Nexmo Verify?
post "/" do
client = Nexmo::Client.new(key: 'mykey', secret: 'mysecret')
response = client.send_verification_request(number params[:phonenumber], brand: 'OpenINC')
if response['status'] == '0'
erb :code
else
erb :error
end
end
get'/code' do
erb :code
end
post '/code' do
client = Nexmo::Client.new(key: 'mykey', secret: 'mysecret')
response = client.check_verification_request(code: '1234', request_id: '00e6c3377e5348cdaf567e1417c707a5')
if response['status'] == '0'
erb :start
else
erb :error
end
end
在上面写着 mykey 和 mysecret 的地方我放了我的密钥和秘密,但只是不想把我的实际密钥和秘密放在 Stack OverFlow 上
根据上面的代码,以及 the repo 中的代码,问题只是 request_id 和 code 值是硬编码的。
如果你:
- 存储
request_id来自对response = client.send_verification_request(number: params[:phonenumber], brand: 'OpenINC')调用的响应,例如session[:request_id] = response['request_id'] - 获取用户在
post /code路由中提交的代码,例如code = params[:code] - 从
post /code路由中的session检索request_id例如request_id = session[:request_id] - 检查验证请求时使用
code和request_id例如`check_verification_request(代码:代码,request_id:request_id)
然后代码就可以工作了。
完整的基本示例:
post "/" do
client = Nexmo::Client.new(key: 'mykey', secret: 'mysecret')
response = client.send_verification_request(number: params[:phonenumber], brand: 'OpenINC')
# 1. Store request_id
session[:request_id] = response['request_id']
if response['status'] == '0'
erb :code
else
erb :error
end
end
get'/code' do
erb :code
end
post '/code' do
# 2. Get the user verification code
code = params[:code]
# 3. Retrieve the request_id
request_id = session[:request_id]
client = Nexmo::Client.new(key: 'mykey', secret: 'mysecret')
# 4. Use the code and request_id
response = client.check_verification_request(code: code, request_id: request_id)
if response['status'] == '0'
erb :start
else
erb :error
end
end
我还针对您的回购 here with this commit 提交了包含主要详细信息的 PR。