omniauth-trezor provides an OmniAuth strategy for Trezor Connect.
With this strategy your users can use popular Bitcoin Trezor to login to your website.
Add this line to your application's Gemfile:
And then execute:
Or install it yourself as:
$ gem install omniauth-trezor
In Rails app, add config/initializers/omniauth.rb:
Rails.application.config.middleware.use OmniAuth::Builder do provider :trezor, hosticon: "https://image.url" end
Or, in a Sinatra app:
use OmniAuth::Builder do provider :trezor, hosticon: 'https://example.com/icon.png' end post '/auth/trezor/callback' do auth = request.env['omniauth.auth] # Use the auth info end
These are the options you can specify that are relevant to Omniauth Trezor:
Challenge-response authentication via TREZOR. To protect against replay attacks, you must use a server-side generated and randomized challenge_hidden for every attempt. You can also provide a visual challenge that will be shown on the device.
:visual_challenge - Text that will be shown on the device (defaults to Time.now.strftime("%Y-%m-%d %H:%M:%S")):hidden_challenge - Hidden randomized hex string used to protect agains replay attacks (defaults to SecureRandom.hex(32)):hosticon - Optional site icon https url. Should be at least 48x48px.After successful authentication request.env['omniauth.auth'].extra contains all data that was used to verify the signature: visual_challenge, hidden_challenge, signature and public_key for your additional needs (ie. audit log).
Please support development of this library by donating at: 1EqK3cYaeRWnzzEYTXcXsWBhukJcv5EpXQ
Bug reports and pull requests are welcome on GitHub at https://github.com/kraxnet/omniauth-trezor.
The gem is available as open source under the terms of the MIT License.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4