https://github.com/fredimatteo/twofactorauth
A simple project to handle 2FA with google authenticator
- Host: GitHub
- URL: https://github.com/fredimatteo/twofactorauth
- Owner: fredimatteo
- License: apache-2.0
- Created: 2024-04-21T19:20:37.000Z (about 2 years ago)
- Default Branch: main
- Last Pushed: 2024-05-17T13:00:20.000Z (about 2 years ago)
- Last Synced: 2025-07-07T06:46:17.630Z (12 months ago)
- Topics: 2fa, fastapi, python
- Language: Python
- Homepage:
- Size: 257 KB
- Stars: 6
- Watchers: 1
- Forks: 0
- Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Two-Factor Authentication (2FA) 🛡️
## Table of Contents
- [Introduction](#introduction)
- [Running the App with Docker](#running-the-app-with-docker)
- [Application Flow](#application-flow)
## Introduction
This Python project aims to enhance skills and learn new concepts related to Two-Factor Authentication (2FA) implementations. 2FA adds an extra layer of security by requiring not only a password and username but also something that only the user has on them—such as a physical token.
## Running the App with Docker 🐳
To run the application using Docker, follow these steps:
1. Navigate to the `twoFactorAuth` directory in your terminal.
2. Execute the command `make docker-up`.
3. This command will create an instance of PostgreSQL and the application, which will be accessible at `0.0.0.0:8000/`.
## Application Flow
The application flow of Two-Factor Authentication (2FA) follows these steps:
1. **Create User**:
   - API POST `/users/create` is used to create a new user. It returns a token to validate the email.
2. **Verify Email**:
   - API POST `/auth/verify-mail/{token}` is used to validate the email. It returns a JSON containing:
     - `qrcode_otp`: Base64 encoded QR code to add the user to Google Authenticator.
     - `code_otp`: Secret to manually enter if a camera cannot be used.
3. **User Login**:
   - API POST `/auth/login` is used to log in with a username and password. It returns:
     - `otp_validation_token`: Token to validate the session in the next API call.
4. **Verify OTP**:
   - API POST `/auth/otp/verify` is used to validate the OTP and return an access token and a refresh token.
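
The check that the Verify OTP step has to perform, shown as an added example that is not this project's own code. It assumes `code_otp` is a Base32 TOTP secret using the Google Authenticator defaults (HMAC-SHA1, 30-second step, 6 digits); the function names and the `window` and `last_used_step` parameters are illustrative.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP = 30    # seconds per time step (Google Authenticator default)
DIGITS = 6   # code length (Google Authenticator default)


def totp(secret_b32: str, at: float) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for the Base32 secret at Unix time `at`."""
    # Secrets typed by hand may be lowercase, spaced, or missing padding.
    s = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(s + "=" * (-len(s) % 8))
    counter = struct.pack(">Q", int(at) // STEP)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def verify_totp(secret_b32, submitted, at=None, window=1, last_used_step=None):
    """Return the matched time step, or None if the code is rejected.

    window: steps of clock drift tolerated either side of "now".
    last_used_step: step of the last accepted code for this user; codes for
    that step or earlier are refused so a captured code cannot be replayed.
    """
    current = int(time.time() if at is None else at) // STEP
    matched = None
    for step in range(max(0, current - window), current + window + 1):
        expected = totp(secret_b32, step * STEP)
        # Constant-time comparison; keep looping so timing does not reveal the step.
        if hmac.compare_digest(expected.encode(), submitted.encode()):
            if last_used_step is None or step > last_used_step:
                matched = step
    return matched


if __name__ == "__main__":
    # Constructed sample: the RFC 6238 test key "12345678901234567890" in Base32.
    secret = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
    code = totp(secret, 59)
    step = verify_totp(secret, code, at=59)
    print(code, step, verify_totp(secret, code, at=59, last_used_step=step))
```

A server using this would store the returned step per user after each successful verification and pass it back as `last_used_step`, and would rate-limit attempts per `otp_validation_token`, since a 6-digit code is only 10^6 guesses.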