{"id":19951793,"url":"https://github.com/h0llyw00dzz/fiber2fa","last_synced_at":"2025-09-19T12:32:56.686Z","repository":{"id":241154888,"uuid":"804439052","full_name":"H0llyW00dzZ/fiber2fa","owner":"H0llyW00dzZ","description":"This is a custom 2FA (Two-Factor Authentication) middleware for the Fiber web framework. It provides a secure and easy-to-use solution for implementing 2FA in Fiber applications. The middleware supports TOTP (Time-based One-Time Password) authentication and offers customizable configuration options.","archived":false,"fork":false,"pushed_at":"2025-01-07T19:38:00.000Z","size":575,"stargazers_count":1,"open_issues_count":2,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-01-11T08:54:16.551Z","etag":null,"topics":["advanced","crypto","cryptography","fiber","fiber-framework","go","golang","idiomatic-go","two-factor","two-factor-authentication","twofactor"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/H0llyW00dzZ.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-05-22T15:33:51.000Z","updated_at":"2025-01-01T18:10:43.000Z","dependencies_parsed_at":"2025-01-01T19:21:03.527Z","dependency_job_id":"9656ce84-fcb9-46dc-ada7-2998e3e1fcc2","html_url":"https://github.com/H0llyW00dzZ/fiber2fa","commit_stats":null,"previous_names":["h0llyw00dzz/fiber2fa"],"tags_count":75,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/H0llyW00dzZ%2Ffiber2fa","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/H0llyW00dzZ%2Ffiber2fa/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/H0llyW00dzZ%2Ffiber2fa/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/H0llyW00dzZ%2Ffiber2fa/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/H0llyW00dzZ","download_url":"https://codeload.github.com/H0llyW00dzZ/fiber2fa/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":233572111,"owners_count":18696113,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["advanced","crypto","cryptography","fiber","fiber-framework","go","golang","idiomatic-go","two-factor","two-factor-authentication","twofactor"],"created_at":"2024-11-13T01:09:44.362Z","updated_at":"2025-09-19T12:32:51.352Z","avatar_url":"https://github.com/H0llyW00dzZ.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Fiber 2FA Middleware\n[![Go Version](https://img.shields.io/badge/1.22.3-gray?style=flat\u0026logo=go\u0026logoWidth=15)](https://github.com/H0llyW00dzZ/fiber2fa/blob/master/go.mod#L3blob/master/go.mod#L3) [![Go Reference](https://pkg.go.dev/badge/github.com/H0llyW00dzZ/fiber2fa.svg)](https://pkg.go.dev/github.com/H0llyW00dzZ/fiber2fa) [![Go Report Card](https://goreportcard.com/badge/github.com/H0llyW00dzZ/fiber2fa)](https://goreportcard.com/report/github.com/H0llyW00dzZ/fiber2fa) [![Coverage Status](https://coveralls.io/repos/github/H0llyW00dzZ/fiber2fa/badge.svg?branch=master)](https://coveralls.io/github/H0llyW00dzZ/fiber2fa?branch=master)\n\nThis is a custom 2FA (Two-Factor Authentication) middleware for the Fiber web framework. It provides a secure and easy-to-use solution for implementing 2FA in Fiber applications. The middleware supports both HOTP (HMAC-based One-Time Password) and TOTP (Time-based One-Time Password) authentication and offers customizable configuration options.\n\n\u003e [!WARNING]\n\u003e This 2FA middleware is still a work in progress and may not be stable for use in production environments (e.g., QR Code Builder), since it is rewritten from scratch with some improvements. Use it with caution and thoroughly test it before deploying to production. It is recommended to use it locally for testing purposes.\n\n\n\u003e [!NOTE]\n\u003e This 2FA project was inspired by some QR code systems in my country (e.g., https://qris.id/). However, it is built in a modern way and purely written in Go (which is more secure and can leverage the system easily), rather than the traditional way (where it is written in PHP).\n\u003e More QR code system projects might be implemented in the future (e.g., payment systems through banking similar to https://qris.id/).\n\n## Features\n\nThe middleware provides the following features:\n\n### HOTP Authentication (Currently implemented internally)\n- Generation and verification of HOTP tokens\n- Customizable token length and counter synchronization\n- Automatic generation of random secrets if not provided\n- Support for various hash algorithms (SHA1, SHA256, SHA512, BLAKE2b, BLAKE3)\n- Configurable synchronization window for handling counter desynchronization\n- Automatic counter resynchronization based on predefined thresholds\n- Dynamic adjustment of synchronization window size based on counter mismatch frequency\n\n\u003e [!NOTE]\n\u003e Some HOTP implementations here follow the standards defined in [RFC 4226](https://tools.ietf.org/html/rfc4226). However, they are built on top of modern \u0026 advanced cryptographic knowledge and best practices, rather than using outdated or traditional approaches. This is because `Go` is considered one of the best programming languages for `cryptographic` implementations, compared to `C` or `C++`.\n\n### TOTP Authentication\n- Generation and verification of TOTP tokens\n- Customizable token length and time step size\n- Automatic generation of random secrets if not provided\n- Support for various hash algorithms (SHA1, SHA256, SHA512, BLAKE2b, BLAKE3)\n- Configurable synchronization window for handling time drift\n- Automatic token expiration and cleanup\n\n\u003e [!NOTE]\n\u003e Some TOTP implementations here adhere to the standards defined in [RFC 6238](https://tools.ietf.org/html/rfc6238). However, they are built on top of modern \u0026 advanced cryptographic knowledge and best practices, rather than relying on outdated or traditional methods. This is because `Go` is considered one of the best programming languages for `cryptographic` implementations, compared to `C` or `C++`.\n\nThe notes effectively communicate that the HOTP and TOTP implementations follow the respective RFCs while leveraging modern and advanced cryptographic knowledge and best practices. The emphasis on Go's suitability for cryptographic implementations compared to C or C++ is also clearly stated.\n\n### Flexible Storage\n- Support for various storage providers (e.g., in-memory, MongoDB, MySQL, PostgreSQL, Redis, SQLite3)\n- Customizable storage configuration\n\n### Cookie-based Authentication\n- Secure cookie-based authentication for 2FA validation\n- Customizable cookie settings (name, expiration, domain, etc.)\n\n### Customizable Redirect\n- Configurable redirect URL for 2FA validation\n- Ability to skip 2FA for specific paths\n\n### JSON Marshaling and Unmarshaling\n- Customizable JSON marshaling and unmarshaling functions\n- Support for custom JSON encoding/decoding\n\n### Advanced Configuration\n- Customizable context key for storing 2FA information\n- Ability to skip middleware based on custom logic\n\n### QR Code Generation\n- Automatic generation of QR code images for 2FA secret keys\n- Customizable QR code path template\n- Support for custom QR code images\n- Customizable QR code content template\n- Configurable QR code recovery level and image size\n\n### Customizable Token Lookup\n- Flexible token lookup from various sources (header, query, form, param, cookie)\n- Configurable token lookup string format\n\n### Context Key Management\n- Customizable context key for storing 2FA information in the request context\n- Ability to retrieve and manage context keys based on account names\n\n### Error Handling\n- Customizable error handling for unauthorized and internal server errors\n- Support for various response formats (plain text, JSON, XML)\n\n### Built-in 64-bit Integer\n- Most bits and Unix timestamps are built using 64-bit integers, capable of representing dates billions of years into the future.\n\nMore features and validation capabilities will be added in the future to enhance the middleware's functionality and cater to a wider range of validation scenarios.\n\n## TODO:\n- [ ] Support Cloud Messaging Gateway (SMS2FA) for local countries (e.g., INDONESIA), which is more capable than 2FA apps\n\n\u003e [!NOTE]\n\u003e These TODO items will be implemented when the internal components are done, as currently, the project is being rewritten from scratch due to poor ecosystems.\n\n## Benchmark\n\n- #### v0.3.0\n\n```\ngoos: windows\ngoarch: amd64\npkg: github.com/H0llyW00dzZ/fiber2fa\ncpu: AMD Ryzen 9 3900X 12-Core Processor            \nBenchmarkJSONSonicMiddlewareWithInvalidCookie-24         \t  113605\t      9290 ns/op\t    6065 B/op\t      29 allocs/op\nBenchmarkJSONSonicWithValid2FA-24                        \t   55086\t     21073 ns/op\t    9598 B/op\t      66 allocs/op\nBenchmarkJSONSonicWithValidCookie-24                     \t   96120\t     12311 ns/op\t    7399 B/op\t      41 allocs/op\nBenchmarkJSONStdLibraryMiddlewareWithInvalidCookie-24    \t  128434\t      9386 ns/op\t    6003 B/op\t      29 allocs/op\nBenchmarkJSONStdLibraryMiddlewareWithValid2FA-24         \t   49399\t     24714 ns/op\t    8200 B/op\t      68 allocs/op\nBenchmarkJSONStdLibraryWithValidCookie-24                \t   60553\t     20039 ns/op\t    7108 B/op\t      46 allocs/op\n```\n\n\u003e [!NOTE]\n\u003e The benchmark results are based on the latest version of the middleware (v0.3.0) and were performed on a Windows machine with an AMD Ryzen 9 3900X 12-Core Processor. The results may vary depending on the system configuration and environment.\n\u003e\n\u003e The benchmark tests cover different scenarios, including:\n\u003e - Middleware performance with an invalid cookie using the Sonic JSON library\n\u003e - Middleware performance with a valid 2FA token using the Sonic JSON library\n\u003e - Middleware performance with a valid cookie using the Sonic JSON library\n\u003e - Middleware performance with an invalid cookie using the standard library JSON package\n\u003e - Middleware performance with a valid 2FA token using the standard library JSON package\n\u003e - Middleware performance with a valid cookie using the standard library JSON package\n\u003e\n\u003e The benchmark results provide insights into the performance characteristics of the middleware under different conditions and JSON libraries. It's important to consider these results when evaluating the middleware's suitability for specific use cases and performance requirements.\n\u003e\n\u003e Also note that benchmark results may be updated in the future as the middleware evolves and new versions are released.\n\n## Contributing\n\nContributions are welcome! If you encounter any issues or have suggestions for improvements, please open an issue or submit a pull request.\n\n## License\n\nThis project is licensed under the [BSD License](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fh0llyw00dzz%2Ffiber2fa","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fh0llyw00dzz%2Ffiber2fa","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fh0llyw00dzz%2Ffiber2fa/lists"}