{"id":16683483,"url":"https://github.com/marcominerva/twofactorauthenticationsample","last_synced_at":"2025-04-09T23:24:40.247Z","repository":{"id":256977431,"uuid":"851166634","full_name":"marcominerva/TwoFactorAuthenticationSample","owner":"marcominerva","description":"A sample that showcases how to implement Two-Factor authentication in a Web API using an external Authenticator app","archived":false,"fork":false,"pushed_at":"2025-03-07T09:59:31.000Z","size":55,"stargazers_count":21,"open_issues_count":0,"forks_count":3,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-24T01:13:37.469Z","etag":null,"topics":["authentication","authenticator-app","csharp","minimal-api","qrcode","two-factor-authentication","visual-studio","web-api"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/marcominerva.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-09-02T14:50:18.000Z","updated_at":"2025-03-07T09:59:35.000Z","dependencies_parsed_at":"2024-09-14T06:39:28.173Z","dependency_job_id":"7db09987-560d-4b43-b534-5d15f5c1b606","html_url":"https://github.com/marcominerva/TwoFactorAuthenticationSample","commit_stats":null,"previous_names":["marcominerva/twofactorauthenticationsample"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcominerva%2FTwoFactorAuthenticationSample","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcominerva%2FTwoFactorAuthenticationSample/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcominerva%2FTwoFactorAuthenticationSample/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marcominerva%2FTwoFactorAuthenticationSample/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/marcominerva","download_url":"https://codeload.github.com/marcominerva/TwoFactorAuthenticationSample/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248127263,"owners_count":21052220,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","authenticator-app","csharp","minimal-api","qrcode","two-factor-authentication","visual-studio","web-api"],"created_at":"2024-10-12T14:24:55.537Z","updated_at":"2025-04-09T23:24:40.221Z","avatar_url":"https://github.com/marcominerva.png","language":"C#","readme":"# Two-Factor Authentication Sample\n\nA sample that showcases how to implement Two-Factor authentication in a Web API using an external Authenticator app.\n\n### Setup\n\n- Open the [appsettings.json](https://github.com/marcominerva/TwoFactorAuthenticationSample/blob/master/TwoFactorAuthenticationSample/appsettings.json) file and set the connection string to the database\n- Run the application\n\n### How it works\n\n- Call `/api/auth/register` to register a new user\n- Call `/api/auth/login` to get a user token (this is not the JWT and expires after 5 minutes)\n- Call `/api/auth/qrcode` with the user token to get the QR Code to add the account to the Authenticator app (note: the QR Code can be obtain only once, this is by design in this sample)\n- Call `/api/auth/validate` with the user token and the OTP code to get the actual JWT\n\nThe built-in support for Two-Factor authentication in ASP.NET Core lacks some features. We may want to handle the other options that are provided by the [RFC 6238](http://tools.ietf.org/html/rfc6238), for example:\n\n- Getting the time step of OTP verification to check that the code has only been validated once\n- Defining the window of time steps that are considered [acceptable](http://tools.ietf.org/html/rfc6238#section-5.2) for validation\n\nIn this case, it is possible to take a look to [Otp.Net](https://github.com/kspearrin/Otp.NET) and use it to implement the [OTP verification](https://github.com/marcominerva/TwoFactorAuthenticationSample/blob/master/TwoFactorAuthenticationSample/Program.cs#L169-L174).","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarcominerva%2Ftwofactorauthenticationsample","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmarcominerva%2Ftwofactorauthenticationsample","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarcominerva%2Ftwofactorauthenticationsample/lists"}