{"id":17001985,"url":"https://github.com/rusith/two-factor-auth","last_synced_at":"2026-04-14T19:31:25.277Z","repository":{"id":235635369,"uuid":"613415904","full_name":"rusith/two-factor-auth","owner":"rusith","description":"A sample project which implements TFA using biometrics","archived":false,"fork":false,"pushed_at":"2023-03-16T09:19:40.000Z","size":416,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-09-02T15:39:26.697Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rusith.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2023-03-13T14:27:01.000Z","updated_at":"2023-03-14T18:50:15.000Z","dependencies_parsed_at":"2024-04-24T04:15:21.467Z","dependency_job_id":"d824108c-2510-44a4-8342-31c1b56e80b2","html_url":"https://github.com/rusith/two-factor-auth","commit_stats":null,"previous_names":["rusith/two-factor-auth"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/rusith/two-factor-auth","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rusith%2Ftwo-factor-auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rusith%2Ftwo-factor-auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rusith%2Ftwo-factor-auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rusith%2Ftwo-factor-auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rusith","download_url":"https://codeload.github.com/rusith/two-factor-auth/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rusith%2Ftwo-factor-auth/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31812968,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-14T18:05:02.291Z","status":"ssl_error","status_checked_at":"2026-04-14T18:05:01.765Z","response_time":153,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-14T04:26:45.233Z","updated_at":"2026-04-14T19:31:25.262Z","avatar_url":"https://github.com/rusith.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"## Web Two Factor Authentication\n\nThis is a sample project to demonstrate how to implement a two-factor authentication system using web technologies.\n\n\n\u003cimg src=\"./docs/images/flow.jpg\" height=\"400\"\u003e\n\n### How to run?\n\n1. Make sure you have the latest version of Docker with Docker Compose installed on your machine.\n2. Clone the repository.\n3. Run `docker-compose up` in the root directory of the project.\n4. Make sure the app and API are running.\n5. Open `http://localhost:5173` in your browser.\n\nThis will start a development server.\n\n### High-level overview\n\n- There are 4 main pages in the app\n  - Home - Simple page with a button to go to the dashboard.\n  - Login - Login form with email and password.\n  - Register - Sign up page with name, email password.\n  - Dashboard - the main page of the app. this page is protected and can only be accessed by authenticated users.\n- This app uses JWT for authentication and Webauthn for two-factor authentication.\n- When a user goes into the dashboard, if the user is not authenticated, will be redirected to the login page.\n- If the user is not registered, She can go to the register page and create an account.\n- After the user is registered, she will be redirected to the login page.\n- If the user has already registered a two factor authentication method, she will have to login using the configured method as the second step (after the email and password).\n- After the user is logged in, User will be redirected to the Two Factor Authentication page if a  two factor authentication method is not configured. The user can skip this step if she wants.\n- Once the user is logged in, she can disable or enable the two factor authentication method from the dashboard page.\n- The user can also logout from the dashboard page.\n\n\n### High-level architecture\n\n\u003cimg src=\"./docs/images/high-level.jpg\" height=\"400\"\u003e\n\n\n\n### App notes\n\n- The app (`web` folder) is a single page application bulit using React.\n- Uses fetch to connect to the API.\n  - React Router for routing.\n  - Tailwind CSS for styling.\n  - Vite for bundling.\n- The app is broken down to 4 main features\n  - `auth` - handles authentication and authorization (Login, Register, 2-factor).\n  - `dashboard` - handles the dashboard page.\n  - `home` - Home page.\n  - `shared` - shared components and utilities.\n\n### API notes\n\n- The API (`api` folder) is a a Node.JS application.\n- Uses Express to create the API.\n  - Dotenv for configuration.\n  - Vite for bundling.\n  - Jest for testing.\n  - Prisma to access the database.\n  - Inversify for dependency injection.\n- The API is broken down to 3 main features\n  - `auth` - handles authentication and authorization (Login, Register, 2-factor).\n  - `helpers` - contans helper classes.\n  - `shared` - shared base classes and interfaces.\n\n\n### API Endpoints\n\n- `POST /api/v1/users` - Sign up a new user.\n- `GET /api/v1/users/me` - Get the currently logged in user.\n- `POST /api/v1/auth` - Sign in.\n- `GET /api/v1/auth/two-factor-auth/options` - Get options for TFA registration.\n- `POST /api/v1/auth/two-factor-auth/verify` - Verify the TFA registration.\n- `DELETE /api/v1/auth/two-factor-auth` - De-Register the TFA.\n\n### Webauthen\n\nThis app ueses Webauthn for two-factor authentication. Implemented with the help of \n[SimpleWebAuthn](https://simplewebauthn.dev/)\n\n\n### CI/CD\n\n- The app and the API will be tested and linted for every push using Github Actions.\n- The workflow is defined in the `.github/workflows` folder.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frusith%2Ftwo-factor-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frusith%2Ftwo-factor-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frusith%2Ftwo-factor-auth/lists"}