Requiring Authy 2 factor authentication with Devise

382 Views Asked by Beth Knight At 05 April 2025 at 13:59

I have an app set up with Devise log in and I want to implement two factor authentication with Authy/Twilio. I have it set up where if the user goes to the path /enable_authy they can get a text-code to verify their account. I'm trying to make it so it's required to do this, not just a bonus.

My routes...

 devise_for :users,
   :controllers => { :omniauth_callbacks => "users/omniauth_callbacks"},
   :path_names => {
    :verify_authy => "/verify-token",
    :enable_authy => "/enable_authy",
    :verify_authy_installation => "/verify-installation"
  }

Original Q&A

There are 1 best solutions below

philnash On 22 May 2017 at 14:26

Twilio developer evangelist here.

There's no way with the gem itself to force a user to enable two factor authentication. You could, however, ensure this yourself with a before_action in your ApplicationController. You'd just need to check whether your signed in user had Authy enabled and redirect them to /enable_authy if they don't.

Something like:

class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception

  before_action :ensure_authy_enabled

  private

  def ensure_authy_enabled
    return if params[:controller] == "devise/devise_authy"
    if current_user and !current_user.authy_enabled?
      redirect_to user_enable_authy_path
    end
  end
end

You might also want to set a flash message to explain what's happened or store the path the user was intending to visit so that you can redirect them there after they are set up with 2FA.

Let me know if that helps at all.

Requiring Authy 2 factor authentication with Devise

There are 1 best solutions below

Related Questions in RUBY

Related Questions in DEVISE

Related Questions in TWILIO

Related Questions in AUTHY

Trending Questions

Popular # Hahtags

Popular Questions