{"id":29675755,"url":"https://github.com/tooonychen/fuck-2fa","last_synced_at":"2025-07-22T23:38:37.390Z","repository":{"id":305864314,"uuid":"1024151841","full_name":"TooonyChen/fuck-2fa","owner":"TooonyChen","description":"fuck-2fa is a self-host open-source web-based TOTP app","archived":false,"fork":false,"pushed_at":"2025-07-22T10:33:08.000Z","size":76,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-07-22T12:23:10.023Z","etag":null,"topics":["2fa","2fa-bypass","2factor","otp","otp-verification","totp"],"latest_commit_sha":null,"homepage":"https://fuck-2fa.pages.dev/","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/TooonyChen.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-07-22T09:02:09.000Z","updated_at":"2025-07-22T10:33:11.000Z","dependencies_parsed_at":"2025-07-22T12:23:11.867Z","dependency_job_id":"bd7a6534-26c3-4d8c-b702-7291f5135d1c","html_url":"https://github.com/TooonyChen/fuck-2fa","commit_stats":null,"previous_names":["tooonychen/fuck-2fa"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/TooonyChen/fuck-2fa","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TooonyChen%2Ffuck-2fa","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TooonyChen%2Ffuck-2fa/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TooonyChen%2Ffuck-2fa/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TooonyChen%2Ffuck-2fa/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/TooonyChen","download_url":"https://codeload.github.com/TooonyChen/fuck-2fa/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TooonyChen%2Ffuck-2fa/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266591232,"owners_count":23953082,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-22T02:00:09.085Z","response_time":66,"last_error":null,"robots_txt_status":null,"robots_txt_updated_at":null,"robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["2fa","2fa-bypass","2factor","otp","otp-verification","totp"],"created_at":"2025-07-22T23:38:24.192Z","updated_at":"2025-07-22T23:38:37.378Z","avatar_url":"https://github.com/TooonyChen.png","language":"TypeScript","readme":"# 🔐 Fuck 2FA - Modern TOTP Management Tool\n\nI hate the feeling that I am just sitting there and chilling in front of my desktop, and then outlook force me to enable authentication and tell me to get my phone to download the app. So I coded this: **A sleek, modern TOTP (Time-based One-Time Password) management web-application, built with Next.js and Supabase.**\n\nDemo: https://fuck-2fa.pages.dev/\n\nDemo is hosted on Cloudflare Pages and my free-plan Supabase, all the credentials and secrets are encrypted. If you don't wanna self-host just feel free to use it! But I am not responsible if there is any leakage or loss :/\n\n## 🏗 Architecture\n\n### **Frontend**\n- **Next.js 15** - React framework with App Router\n- **Tailwind CSS** - Utility-first CSS framework  \n- **shadcn/ui** - Modern component library\n- **Open Sans** - Clean, readable typography\n\n### **Backend** \n- **Supabase** - Authentication, database, and Edge Functions\n- **PostgreSQL** - Robust data storage with RLS\n- **Edge Functions** - Serverless TOTP generation (replaced Cloudflare Workers)\n\n### **Security**\n- **JWT Authentication** - Secure user sessions\n- **Row Level Security** - Database-level access control\n- **Encrypted Secrets** - TOTP secrets stored securely\n- **HTTPS Only** - All communications encrypted\n- **CORS Protection** - Proper cross-origin configuration\n\n## 🚀 Quick Start\n\n### Prerequisites\n\n- **Node.js 20+** - [Download here](https://nodejs.org/)\n- **npm or yarn** - Package manager\n- **Supabase account** - [Sign up at supabase.com](https://supabase.com)\n- **Supabase CLI** - [Install guide](https://supabase.com/docs/guides/cli)\n\n### 1. Clone Repository\n\n```bash\ngit clone https://github.com/your-username/fuck-2fa.git\ncd fuck-2fa\n```\n\n### 2. Setup Supabase Project\n\n#### Create Supabase Project\n1. Go to [supabase.com](https://supabase.com) and create a new project\n2. Note down your project URL and anon key\n3. Wait for project initialization (2-3 minutes)\n\n#### Setup Database Schema\n```bash\n# Copy the schema.sql content and run in Supabase SQL Editor\n# Or run via CLI (requires local Supabase setup)\nsupabase db reset\n```\n\n#### Deploy Edge Functions\n```bash\n# Install and configure Supabase CLI\nnpm install -g supabase\nsupabase login\n\n# Link to your project\nsupabase link --project-ref your-project-ref\n\n# Deploy Edge Functions\nsupabase functions deploy generate-totp\nsupabase functions deploy shared-totp\n```\n\nSee detailed deployment guide: [SUPABASE_EDGE_FUNCTIONS.md](SUPABASE_EDGE_FUNCTIONS.md)\n\n### 3. Frontend Setup\n\nSee [Frontend README](frontend/fuck-2fa/README.md)\n\n### 4. Environment Configuration\n\n#### Frontend Environment Variables (`.env.local`)\n```env\n# Supabase Configuration\nNEXT_PUBLIC_SUPABASE_URL=https://your-project-ref.supabase.co\nNEXT_PUBLIC_SUPABASE_ANON_KEY=your-anon-key\n\n# Optional: Analytics and Monitoring\nNEXT_PUBLIC_GA_ID=your-google-analytics-id\nNEXT_PUBLIC_SENTRY_DSN=your-sentry-dsn\n```\n\n#### Supabase Configuration\n- Enable Row Level Security (RLS) on all tables\n- Configure email templates for magic links\n- Set up custom domains (optional)\n- Configure CORS settings for your domain\n\n## 🎯 Key Features\n\n### **Authentication System**\n- **Email Magic Links** - Passwordless login via Supabase Auth\n- **Persistent Sessions** - Automatic session restoration\n- **Protected Routes** - Authentication-based access control\n- **Secure Logout** - Clean session termination\n\n### **TOTP Management** \n- **Add Secrets** - Support for custom algorithms, digits, and periods\n- **Real-time Codes** - Auto-refreshing TOTP codes with countdown\n- **Share Links** - Temporary public access (24-hour expiry)\n- **Bulk Operations** - Manage multiple TOTP secrets efficiently\n- **Search \u0026 Filter** - Quickly find specific TOTP entries\n\n### **Modern UI/UX**\n- **Dark Theme** - Sophisticated black color scheme\n- **Glassmorphism** - Translucent cards with backdrop blur\n- **Smooth Animations** - Button glows, hover effects, progress bars\n- **Responsive Layout** - Optimized for desktop, tablet, and mobile\n- **Accessibility** - WCAG 2.1 compliant interface\n\n## 🔧 API Endpoints\n\n### User TOTP Generation\n```\nGET /functions/v1/generate-totp?secret_id=xxx\nAuthorization: Bearer \u003cjwt_token\u003e\n\nResponse:\n{\n  \"code\": \"123456\",\n  \"label\": \"Gmail Account\",\n  \"expires_in\": 25\n}\n```\n\n### Shared TOTP Access\n```  \nGET /functions/v1/shared-totp?share_token=abc123\n\nResponse:\n{\n  \"code\": \"654321\",\n  \"label\": \"Shared Service\",\n  \"expires_in\": 18,\n  \"issuer\": \"Example Corp\"\n}\n```\n\n## 🗄️ Database Schema\n\n### `totp_secrets` Table\n- `id` - UUID primary key\n- `user_id` - Foreign key to auth.users\n- `label` - Display name for the secret\n- `issuer` - Optional issuer name\n- `secret` - Base32 encoded TOTP secret\n- `algorithm` - Hash algorithm (SHA1, SHA256, SHA512)\n- `digits` - Code length (6-8)\n- `period` - Refresh interval in seconds\n- `created_at` - Timestamp\n- `updated_at` - Timestamp\n\n### `shared_secrets` Table\n- `id` - UUID primary key  \n- `secret_id` - Foreign key to totp_secrets\n- `share_token` - Public access token\n- `expires_at` - Optional expiration timestamp\n- `created_at` - Timestamp\n\n## 📁 Project Structure\n\n```\nfuck-2fa/\n├── frontend/fuck-2fa/           # Next.js Application\n│   ├── src/\n│   │   ├── app/                 # App Router pages\n│   │   ├── components/          # React components\n│   │   │   ├── ui/              # shadcn/ui base components\n│   │   │   ├── auth/            # Authentication components\n│   │   │   ├── dashboard/       # Dashboard components\n│   │   │   └── totp/            # TOTP-related components\n│   │   ├── contexts/            # React Context providers\n│   │   └── lib/                 # Utilities and configurations\n├── supabase/\n│   ├── functions/               # Edge Functions\n│   │   ├── generate-totp/       # User TOTP generation\n│   │   └── shared-totp/         # Shared TOTP access\n│   └── schema.sql               # Database schema\n├── docs/                        # Additional documentation\n│   ├── DEVELOPMENT.md           # Development and testing guide\n│   ├── SECURITY.md              # Security implementation details\n│   ├── TROUBLESHOOTING.md       # Common issues and solutions\n│   └── PERFORMANCE.md           # Performance optimization guide\n├── SUPABASE_EDGE_FUNCTIONS.md   # Deployment guide\n└── README.md                    # This file\n```\n\n## 🤝 Contributing\n\nWe welcome contributions! Here's how to get started:\n\n### **Quick Start**\n1. Fork the repository\n2. Create a feature branch: `git checkout -b feature/your-feature-name`\n3. Make your changes and test thoroughly\n4. Submit a pull request\n\n## 📄 License\n\nMIT License - feel free to use this project for personal or commercial purposes.\n\nSee [LICENSE](LICENSE) file for details.\n\n---\n\n**🔐 Fuck 2FA** - Making two-factor authentication management beautiful and effortless.\n\n*Built with ❤️ using Next.js and Supabase* \n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftooonychen%2Ffuck-2fa","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftooonychen%2Ffuck-2fa","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftooonychen%2Ffuck-2fa/lists"}