README.md in rotp-5.1.0 vs README.md in rotp-6.0.0

- old
+ new

@@ -16,16 +16,20 @@ * OpenSSL * Ruby 2.0 or higher ## Breaking changes +### Breaking changes in >= 6.0 + +- Dropping support for Ruby <2.3 + ### Breaking changes in >= 5.0 - `ROTP::Base32.random_base32` is now `ROTP::Base32.random` and the argument has changed from secret string length to byte length to allow for more - precision -- Cleaned up the Base32 implementation to better match Google Authenticator's version + precision. There is an alias to allow for `random_base32` for the time being. +- Cleaned up the Base32 implementation to match Google Authenticator's version. ### Breaking changes in >= 4.0 - Simplified API - `verify` now takes options for `drift` and `after` @@ -64,23 +68,23 @@ hotp.at(0) # => "786922" hotp.at(1) # => "595254" hotp.at(1401) # => "259769" # OTP verified with a counter -hotp.verify("316439", 1401) # => 1401 -hotp.verify("316439", 1402) # => nil +hotp.verify("259769", 1401) # => 1401 +hotp.verify("259769", 1402) # => nil ``` ### Preventing reuse of Time based OTP's By keeping track of the last time a user's OTP was verified, we can prevent token reuse during the interval window (default 30 seconds) The following is an example of this in action: ```ruby -User.find(someUserID) +user = User.find(someUserID) totp = ROTP::TOTP.new(user.otp_secret) totp.now # => "492039" # Let's take a look at the last time the user authenticated with an OTP user.last_otp_at # => 1432703530 @@ -127,10 +131,10 @@ Provisioning URI's generated by ROTP are compatible with most One Time Password applications, including Google Authenticator. ```ruby totp = ROTP::TOTP.new("base32secret3232", issuer: "My Service") -totp.provisioning_uri("alice@google.com") # => 'otpauth://totp/My%20Service:alice@google.com?secret=base32secret3232&issuer=My+Service' +totp.provisioning_uri("alice@google.com") # => 'otpauth://totp/My%20Service:alice@google.com?secret=base32secret3232&issuer=My%20Service' hotp = ROTP::HOTP.new("base32secret3232", issuer: "My Service") hotp.provisioning_uri("alice@google.com", 0) # => 'otpauth://hotp/alice@google.com?secret=base32secret3232&counter=0' ```