NoPassword is a simple authentication and session engine that removes the need for passwords. Instead, it uses tokens sent to an email address, similar to most forgot password functionality. These tokens created long-lived sessions that can be tracked and revoked easily.
Ben Brown wrote a great article about password-less logins, the same concept implemented by NoPassword.
NoPassword is structured as a Rails Engine, which you can mount in your routes file:
mount Nopassword::Engine, :at => "/nopassword"
You'll need to install the migrations:
rake nopassword:install:migrations
You can set up a signin form with the send_login_email
route and a
request parameter named email
.
If you don't already have email configuerd, create a config/email.yml with your mail server settings.
defaults: &defaults
email_server_address: [YOUR MAIL SERVER]
email_port: [YOUR MAIL PORT]
email_domain: [YOUR MAIL DOMAIN]
email_username: [YOUR MAIL USERNAME]
development:
<<: *defaults
test:
<<: *defaults
production:
<<: *defaults
NoPassword uses the Passw3rd library to manage email credentials.
mkdir config/passwords
cd config/passwords
passw3rd -g
passw3rd -e email_password
[Enter your email password]
Finally, you need to download the latest GeoIP database:
cd db
wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz && gzip -d GeoLiteCity.dat.gz
NoPassword uses the MIT-LICENSE.