https://github.com/marcelo-theodoro/lambdatotp
lambdatotp is an application to implement TOTP authentication using Amazon Lambda and DynamoDB.
amazonlambda authentication chalice dynamodb security totp
Last synced: 8 months ago
- Host: GitHub
- URL: https://github.com/marcelo-theodoro/lambdatotp
- Owner: Marcelo-Theodoro
- License: mit
- Created: 2017-10-08T16:11:03.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2022-12-26T20:51:01.000Z (over 3 years ago)
- Last Synced: 2023-03-11T01:19:51.390Z (about 3 years ago)
- Topics: amazonlambda, authentication, chalice, dynamodb, security, totp
- Language: Python
- Homepage:
- Size: 22.5 KB
- Stars: 1
- Watchers: 2
- Forks: 3
- Open Issues: 5
Metadata Files:
- Readme: README.md
- License: LICENSE
README
## lambdatotp
An easy implementation of [TOTP](https://en.wikipedia.org/wiki/Time-based_One-time_Password_algorithm) for use with AWS Lambda and DynamoDB.
It is built with [Chalice](https://github.com/aws/chalice) and [PyOTP](https://github.com/pyotp/pyotp).
### How to deploy it
1 - Set up your [AWS Credentials](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html)
2 - [Create a table in DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/SampleData.CreateTables.html)
3 - Configure the `TABLE_NAME` constant in the `chalicelib/config.py` file with the name of your table.
4 - [Create a new virtualenv](https://docs.python-guide.org/dev/virtualenvs/) with Python 3.
5 - Inside the virtualenv, install the requirements with `pip install -r requirements.txt`
6 - Execute the command `chalice deploy`
7 - Save the link returned by Chalice. It is the link to your application.
---
### How to use it
#### Registering a new user
To register a new user, send a `POST` request to the root path of your application with the value `user` containing some kind of identification of your user, such as an e-mail address or user_id. The application will return JSON in the following format:
```json
{
  "user_id": "marcelotheodoro@outlook.com",
  "qr_code": "",
  "qr_code_url": ""
}
```
- user_id: The user ID under which you registered your user
- qr_code: The code used to create the QR code image
- qr_code_url: The QR code image that your user must scan with their TOTP app to generate the Time-based One-Time Password
The application will return an HTTP Conflict error in case the user is already registered.
#### Verifying the code of a registered user
Once the user is registered, you can send a `GET` request passing the params `user` and `code`:
- `user` is the identification under which you registered your user
- `code` is the code generated by your user's TOTP application
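
The register and verify flows described above, as an added sketch that is not lambdatotp's own code. Assumptions: an in-memory dict stands in for the DynamoDB table, RFC 6238 is implemented with the standard library instead of PyOTP, and the `otpauth_uri` field, the issuer name, the ±1 step window and the replay check are illustrative choices.

```python
import base64, hashlib, hmac, secrets, struct, time
from urllib.parse import quote

USERS = {}  # assumption: in-memory stand-in for the DynamoDB table

def totp(secret_b32, counter, digits=6):
    """RFC 6238 code (HMAC-SHA1) for one time-step counter."""
    key = base64.b32decode(secret_b32)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def register(user, issuer="example-issuer"):
    """POST flow: returns (status, body); 409 if the user already exists."""
    if user in USERS:
        return 409, {"error": "user already registered"}
    secret = base64.b32encode(secrets.token_bytes(20)).decode()
    USERS[user] = {"secret": secret, "last_step": -1}
    uri = "otpauth://totp/{}:{}?secret={}&issuer={}".format(
        quote(issuer), quote(user), secret, quote(issuer))
    return 200, {"user_id": user, "otpauth_uri": uri}  # hypothetical field name

def verify(user, code, now=None, step=30, window=1):
    """GET flow: True only for a fresh code within +/- `window` steps."""
    record = USERS.get(user)
    if record is None:
        return False
    current = int(time.time() if now is None else now) // step
    for counter in range(current - window, current + window + 1):
        expected = totp(record["secret"], counter).encode()
        # Constant-time comparison avoids leaking how many digits matched.
        if hmac.compare_digest(expected, str(code).encode()):
            if counter <= record["last_step"]:
                return False  # already accepted once: reject the replay
            record["last_step"] = counter
            return True
    return False
```

Without the `last_step` check, a code observed in transit stays valid for the rest of the acceptance window.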
### Running Tests
To run the test suite, run the following command:
```sh
$ pytest -vvx tests
```
Contributions are welcome!