= Documentation for OTP Feature

The otp feature implements a 2 factor authentication via time-based one-time
passwords (TOTP).  It supports signing up for 2 factor authentication, logging
in with authentication codes, and disabling two factor authentication.

The otp feature requires the rotp and rqrcode gems.

== Auth Value Methods

otp_already_setup_error_flash :: The flash error to show if going to the OTP setup
                                 page when OTP is already setup.
otp_already_setup_redirect :: Where to redirect if going to the OTP setup page when OTP
                              has already been setup.
otp_auth_additional_form_tags :: HTML fragment containing additional form tags to use on
                                 the OTP authentication form.
otp_auth_button :: Text to use for button on OTP authentication form.
otp_auth_error_flash :: The flash error to show if unable to authenticate via OTP.
otp_auth_failures_limit :: The number of allowed OTP authentication failures before locking
                           out.
otp_auth_form_footer :: A footer to display at the bottom of the OTP authentication form.
otp_auth_label :: The label for the OTP authentication code.
otp_auth_param :: The parameter name for the OTP authentication code.
otp_auth_route :: The route to the OTP authentication action.
otp_class :: The class to use for OTP authentication (default: ROTP::TOTP)
otp_digits :: The number of digits to use in OTP authentication codes (rotp's default is 6).
otp_disable_additional_form_tags :: HTML fragment containing additional form tags to use on
                                    the from to disable OTP authentication.
otp_disable_button :: The text to use for button on form to disable OTP authentication.
otp_disable_error_flash :: The flash error to show if unable to disable OTP authentication.
otp_disable_notice_flash :: The flash notice to show after disabling OTP authentication.
otp_disable_redirect :: Where to redirect after disabling OTP authentication.
otp_disable_route :: The route to the OTP disable action.
otp_drift :: The number of seconds the client and server are allowed to drift apart. The
             default is nil, to not allow drift.
otp_invalid_auth_code_message :: The error message to show when an invalid OTP authentication
                                 code is used.
otp_invalid_secret_message :: The error message to show when an invalid OTP secret is submitted
                              during OTP setup.
otp_interval :: The number of seconds in which to rotate TOTP auth codes (rotp's default is 300).
otp_issuer :: The issuer to use in the OTP provisioning URL.  Defaults to the host name of the
              request.
otp_keys_id_column :: The column in the otp_keys_table containing the account id.
otp_keys_column :: The column in the otp_keys_table containing the OTP secret.
otp_keys_failures_column :: The column in the otp_keys_table containing the
                            number of OTP authentication failures.
otp_keys_last_use_column :: The column in otp_keys_table containing the last authentication
                            timestamp.
otp_keys_table :: The table name containing the OTP secrets.
otp_lockout_redirect :: Where to redirect if going to OTP authentication page and OTP
                        authentication has been locked out.
otp_lockout_error_flash :: The flash error show show when OTP authentication has been locked
                           out due to numerous authentication failures.
otp_modifications_require_password? :: Whether modifying OTP settings requires reentering the
                                       password for the account, true by default.
otp_session_key :: The session key used to store whether the user has authenticated via OTP.
otp_setup_additional_form_tags :: HTML fragment containing additional form tags when setting up
                                  OTP authentication.
otp_setup_button :: Text for the button when setting up OTP authentication.
otp_setup_error_flash :: The flash error to show if OTP authentication setup was not successful.
otp_setup_notice_flash :: The flash notice to show if OTP authentication setup was successful.
otp_setup_param :: The parameter name used for the OTP secret when setting up OTP authentication.
otp_setup_redirect :: Where to redirect after sucessful OTP authentication setup.
otp_setup_route :: The route to the OTP setup action.

== Auth Methods

after_otp_authentication_failure :: Run arbitrary code after OTP authentication failure.
after_otp_disable :: Run arbitrary code after OTP authentication has been disabled.
after_otp_setup :: Run arbitrary code after OTP authentication has been setup.
before_otp_authentication :: Run arbitrary code before OTP authentication.
before_otp_authentication_route :: Run arbitrary code before handling an OTP authentication route.
before_otp_setup :: Run arbitrary code before OTP authentication setup.
before_otp_setup_route :: Run arbitrary code before handling an OTP authentication setup route.
before_otp_disable :: Run arbitrary code before OTP authentication disabling.
before_otp_disable_route :: Run arbitrary code before handling an OTP authentication disable route.
otp :: The object used for verifying OTP authentication attempts.
otp_add_key(secret) :: Add an OTP key for the current account with the given secret.
otp_auth_view :: The HTML to use for the OTP authentication form.
otp_disable_view :: The HTML to use for the OTP disable form.
otp_exists? :: Whether the current account has setup OTP.
otp_key :: The stored OTP secret for the account.
otp_locked_out? :: Whether the current account has been locked out of OTP authentication.
otp_new_secret :: A new secret to use when setting up OTP.
otp_provisioning_name :: The provisioning name to use during OTP setup, defaults to the
                         account's email.
otp_provisioning_uri :: The provisioning URI displayed during OTP setup.
otp_qr_code :: The QR code containing the otp_provisioning_uri, by default an SVG image.
otp_record_authentication_failure :: Record an OTP authentication failure.
otp_remove :: Removes all stored OTP data for the current account.
otp_remove_auth_failures :: Removes OTP authentication failures for the current account,
                            used after successful OTP authentication.
otp_setup_view :: The HTML to use for the form to setup OTP authentication.
otp_tmp_key(secret) :: Set the secret to use for the OTP key.
otp_update_last_use :: Update the last time OTP authentication was successful for the
                       account.  Return true if the authentication should be allowed, or
                       false if it should not be allowed because the last authentication
                       was too recent and indicates the possible reuse of a TOTP
                       authentication code.
otp_valid_code?(auth_code) :: Whether the given code is the currently valid OTP auth
                              code for the account.
otp_valid_key?(secret) :: Whether the given secret is a valid OTP secret.