Giters

PootisPenserHere / single_user_2fa

A serverless aproach to managing the two-factor authentication (2fa) tokens for a single account and deliver them by sms.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

pythonpython3serverlesszeit2fatwilliosmsnow-clinow

Single user 2fa

A serverless aproach to managing the two-factor authentication (2fa) tokens for a single account and deliver them by sms.

Setting up the work environment

Prerequisites

A zeit account will be needed to perform the deployments, if you're not registere a free account can be created here.

To send the sms a Twilio account with its corresponding sid and auth token credentials for further reading

NOTE: Although Twilio offers a free trial, after said period there will be chargers for the service in the form of a set price for each sms based on the destination country as well as the monthly rent of a phone number.

Installing now

# yarn
yarn global add vercel

# npm
npm i -g vercel

Sing up in zeit

Actions such as deployment will require that zeit has been authenticated for the current machine, it can be done with:

vercel login

This process will ask the user to introduce their registered email and then to click on a verify link sent through the email that they'll get.

Deploying

To deply a new version simply run the command:

vercel

Personalizing

Once the environment has been set up it's time to set our credentials and authentication secrets. By the fault there are 5 secrets that must be set and they can be found in the now.json file at the "env" key.

{
    "version": 2,
    "name": "single_user_2fa",
    "env": {
        "SECRET": "@2fa_secret",
        "TWILLIO_ACCOUND_SID": "@twillio_account_sid",
        "TWILLIO_AUTH_TOKEN": "@twillio_auth_token",
        "TO_NUMBER": "@twillio_to_number",
        "FROM_NUMBER": "@twillio_from_number"
    },
    "builds": [
        { "src": "*.py", "use": "@now/python" }
    ]
}

Setting up the new secrets

vercel secret add 2fa_secret 2fa_secret_here
vercel secret add twillio_account_sid twillio_api_sid_here
vercel secret add twillio_auth_token twillio_api_auth_here
vercel secret add twillio_to_number destination_phone_here
vercel secret add twillio_from_number yout_twillio_number_here

Note: If the secrets are changed a new version of the code must be deployed for the changes to take effect.

Credit

Credit goes to Patrick Mylund Nielsen for his python implementation of the 2fa

TODO

  • Leading 0s in codes are omited by the algorithm
    • Likely happens with any number of continues leading zeros

About

A serverless aproach to managing the two-factor authentication (2fa) tokens for a single account and deliver them by sms.

pythonpython3serverlesszeit2fatwilliosmsnow-clinow

Languages

Language:Python 100.0%