问题描述
有谁曾经使用过Devise和Duo安全。看起来我将要覆盖很多设计会话控制器。只是好奇,如果其他人已经下了这条路,并有一些建议谢谢。我最终只是超越了设计会话控制器。只是创建动作。所以登录成功后,实际上将它们退回并发送到DUO登录。如果DUO登录通过,那么它会将用户记录回来。似乎有点复杂,但它确实是我看到它工作的唯一方式。因为如果你不在DUO之前将它们退回,他们可以通过网址跳过DUO。
Has anyone one ever used Devise along with Duo security. It looks like I am going to have to override a lot of the devise session controller. Just curious if anyone else has gone down this path already and have some advice thanks.
I ended up just overriding the devise session controller. Just the create action. So after a successful login it actually logs them back out and sends them to DUO login. If DUO login passes then it logs the user back in. Seems kinda convoluted, but it was really the only way I saw it working. Because if you don't log them back out before DUO they could just skip DUO through the URL.
这篇关于设计和双重安全的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!