David Kimura PRO said about 6 years ago on Two Factor Authentication :
You could do it, but you'd likely be overwriting a lot of the devise gem. If this were the direction, I probably wouldn't use devise as it's including so much that wouldn't be applicable in this case. I'd still use the OTP gem as it would be able to handle generating and validating the token.