{"id":30292656,"url":"https://github.com/priyansh-narang2308/2fa-auth","last_synced_at":"2026-04-16T03:32:40.666Z","repository":{"id":309729579,"uuid":"1037343986","full_name":"priyansh-narang2308/2fa-auth","owner":"priyansh-narang2308","description":"A secure MERN stack authentication system with both 1FA (username/password) and 2FA (TOTP) login flows. Built with Passport.js for primary authentication and Speakeasy for time-based OTP verification. Includes a modern React frontend, Node.js backend, and MongoDB for persistent user and 2FA data.","archived":false,"fork":false,"pushed_at":"2025-08-13T13:31:48.000Z","size":75,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-08-13T14:37:04.588Z","etag":null,"topics":["mern-stack","mongo","passportjs","speakeasyapi","tailwindcss"],"latest_commit_sha":null,"homepage":"https://2fauthh.vercel.app","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/priyansh-narang2308.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-08-13T12:36:28.000Z","updated_at":"2025-08-13T13:31:52.000Z","dependencies_parsed_at":"2025-08-13T14:37:06.229Z","dependency_job_id":"01007e60-f632-4693-bcfc-034c26cbe2b6","html_url":"https://github.com/priyansh-narang2308/2fa-auth","commit_stats":null,"previous_names":["priyansh-narang2308/2factor-authentication"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/priyansh-narang2308/2fa-auth","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/priyansh-narang2308%2F2fa-auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/priyansh-narang2308%2F2fa-auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/priyansh-narang2308%2F2fa-auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/priyansh-narang2308%2F2fa-auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/priyansh-narang2308","download_url":"https://codeload.github.com/priyansh-narang2308/2fa-auth/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/priyansh-narang2308%2F2fa-auth/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31870508,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-15T15:24:51.572Z","status":"online","status_checked_at":"2026-04-16T02:00:06.042Z","response_time":69,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["mern-stack","mongo","passportjs","speakeasyapi","tailwindcss"],"created_at":"2025-08-17T00:37:37.298Z","updated_at":"2026-04-16T03:32:40.647Z","avatar_url":"https://github.com/priyansh-narang2308.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# 🔐 MERN 2FA Authentication System\n\nA **full-stack authentication system** built using the **MERN stack** that supports **Two-Factor Authentication (2FA)** with **TOTP** verification using [Speakeasy](https://github.com/speakeasyjs/speakeasy) and [Passport.js](http://www.passportjs.org/) for secure user authentication.  \nThis project demonstrates a complete **1FA (username/password)** and **2FA (TOTP)** authentication flow.\n\n---\n\n## 📜 Table of Contents\n- [Features](#features)\n- [Tech Stack](#tech-stack)\n- [Architecture Overview](#architecture-overview)\n- [Authentication Flow](#authentication-flow)\n- [Routes](#routes)\n- [Installation \u0026 Setup](#installation--setup)\n- [Environment Variables](#environment-variables)\n\n---\n\n## ✨ Features\n- **User Registration \u0026 Login** using Passport.js\n- **Session-based authentication**\n- **Two-Factor Authentication (2FA)** using Speakeasy (TOTP)\n- **MongoDB** for persistent storage of users \u0026 2FA secrets\n- **Frontend** built with **React + Vite**\n- **Secure API routes** for authentication\n- **QR Code generation** for easy 2FA setup\n- **Logout \u0026 Session Management**\n- **Status Check Endpoint** to verify authentication state\n\n---\n\n## 🛠 Tech Stack\n\n**Frontend:**\n- React (Vite)\n- Axios\n- Tailwind CSS / CSS Modules\n\n**Backend:**\n- Node.js + Express.js\n- Passport.js\n- Speakeasy (TOTP)\n- MongoDB + Mongoose\n- Express-Session\n- bcrypt.js (password hashing)\n\n---\n\n## 📂 Architecture Overview\n\n```plaintext\nFrontend (React + Vite)\n        |\n        | API Requests (Axios)\n        v\nBackend (Node.js + Express)\n  - Routes\n  - Controllers\n  - Passport.js Auth Strategies\n  - Speakeasy TOTP Handling\n  - MongoDB User Storage\n```\n\n## 🔄 Authentication Flow\n\n### 1FA (Username/Password)\n1. User submits login credentials.\n2. Passport.js validates credentials against MongoDB.\n3. Session is created.\n\n### 2FA (TOTP)\n1. After successful 1FA, if 2FA is enabled:\n2. Backend sends prompt to enter OTP.\n3. OTP is verified using Speakeasy.\n4. If verified, full session access is granted.\n\n## 📜 Routes\n\n### Auth Routes (Passport.js)\n\nPOST   /api/auth/register    → Register new user  \nPOST   /api/auth/login       → Login user  \nPOST   /api/auth/logout      → Logout user  \nGET    /api/auth/status      → Check authentication status  \n\n### 2FA Routes (Speakeasy)\n\nPOST   /api/auth/2fa/setup   → Generate secret \u0026 QR code\nPOST   /api/auth/2fa/verify  → Verify TOTP\nPOST   /api/auth/2fa/reset   → Disable or reset 2FA\n\n## ⚙ Installation \u0026 Setup\n\n### Clone the repository\n```bash\ngit clone https://github.com/priyansh-narang2308/2fa-auth.git\ncd frontend\nnpm install\n```\n\n```bash\ncd backend\nnpm install\n```\n\n```bash\nnpm run dev\n```\n\n## 🌱 Environment Variables\n\n### Create a .env file in backend:\n```bash\nPORT=5000\nMONGO_URI=mongodb://localhost:27017/2fa_auth\nSESSION_SECRET=your_session_secret\nJWT_SECRET=your_jwt\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpriyansh-narang2308%2F2fa-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpriyansh-narang2308%2F2fa-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpriyansh-narang2308%2F2fa-auth/lists"}