All Projects → Axentro → crystal-two-factor-auth

Axentro / crystal-two-factor-auth

Licence: MIT license
Two Factor Authentication Crystal code implementing the Time-based One-time Password Algorithm

Programming Languages

crystal
512 projects

Projects that are alternatives of or similar to crystal-two-factor-auth

totp
Time-Based One-Time Password Code Generator
Stars: ✭ 76 (+216.67%)
Mutual labels:  totp, two-factor-authentication, 2fa
apache 2fa
Apache two-factor (2FA) authentication with Google Authenticator based on Time-based One-Time Password (TOTP) or HMAC-based one-time password (HOTP) Algorithms.
Stars: ✭ 63 (+162.5%)
Mutual labels:  totp, two-factor-authentication, 2fa
Java Otp
A one-time password (HOTP/TOTP) library for Java
Stars: ✭ 265 (+1004.17%)
Mutual labels:  totp, two-factor-authentication, 2fa
SimpleTOTP
A highly configurable yet simple to use TOTP based two-factor authentication processing module for SimpleSAMLphp.
Stars: ✭ 16 (-33.33%)
Mutual labels:  totp, two-factor-authentication, 2fa
otp-java
A small and easy-to-use one-time password generator library for Java according to RFC 4226 (HOTP) and RFC 6238 (TOTP).
Stars: ✭ 107 (+345.83%)
Mutual labels:  totp, two-factor-authentication, 2fa
2FAuth
A Web app to manage your Two-Factor Authentication (2FA) accounts and generate their security codes
Stars: ✭ 664 (+2666.67%)
Mutual labels:  totp, two-factor-authentication, 2fa
Twofactor totp
🔑 Second factor TOTP (RFC 6238) provider for Nextcloud
Stars: ✭ 203 (+745.83%)
Mutual labels:  totp, two-factor-authentication, 2fa
Two Factor Bundle
[OUTDATED] Two-factor authentication for Symfony applications 🔐 (bunde version ≤ 4). Please use version 5 from https://github.com/scheb/2fa.
Stars: ✭ 388 (+1516.67%)
Mutual labels:  totp, two-factor-authentication, 2fa
crotp
CrOTP - One Time Passwords for Crystal
Stars: ✭ 62 (+158.33%)
Mutual labels:  totp, two-factor-authentication, 2fa
Onetimepassword
🔑 A small library for generating TOTP and HOTP one-time passwords on iOS.
Stars: ✭ 243 (+912.5%)
Mutual labels:  totp, two-factor-authentication, 2fa
Authenticatorpro
📱 Two-Factor Authentication (2FA) client for Android + Wear OS
Stars: ✭ 155 (+545.83%)
Mutual labels:  totp, two-factor-authentication, 2fa
Twofa
A TouchID-aware 2-factor authenticator for macOS
Stars: ✭ 105 (+337.5%)
Mutual labels:  totp, two-factor-authentication, 2fa
Otp.net
A .NET implementation of TOTP and HOTP for things like two-factor authentication codes.
Stars: ✭ 424 (+1666.67%)
Mutual labels:  totp, two-factor-authentication, 2fa
Authelia
The Single Sign-On Multi-Factor portal for web apps
Stars: ✭ 11,094 (+46125%)
Mutual labels:  totp, two-factor-authentication, 2fa
One Time
One Time Password (TOTP and HOTP) library for Clojure. TOTP/HOTP is widely used for Two Factor / Multi Factor Authentication.
Stars: ✭ 129 (+437.5%)
Mutual labels:  totp, two-factor-authentication, 2fa
Aegis
A free, secure and open source app for Android to manage your 2-step verification tokens.
Stars: ✭ 2,692 (+11116.67%)
Mutual labels:  totp, 2fa
Nimble totp
A tiny Elixir library for time-based one time passwords (TOTP)
Stars: ✭ 139 (+479.17%)
Mutual labels:  totp, 2fa
Python Bna
Python implementation of the mobile Blizzard Authenticator (TOTP)
Stars: ✭ 165 (+587.5%)
Mutual labels:  totp, 2fa
Twofactor
Golang two factor authentication library
Stars: ✭ 179 (+645.83%)
Mutual labels:  totp, two-factor-authentication
Otpauth
One Time Password (HOTP/TOTP) library for Node.js, Deno and browsers.
Stars: ✭ 135 (+462.5%)
Mutual labels:  totp, two-factor-authentication

crystal-two-factor-auth

Build Status

Two (2) Factor Authentication (2FA) Crystal code which uses the Time-based One-time Password (TOTP) algorithm. You can use this code with the Google Authenticator mobile app or the Authy mobile or browser app.

Installation

Add this to your application's shard.yml:

dependencies:
  crystal-two-factor-auth:
    github: SushiChain/crystal-two-factor-auth

Usage

require "crystal-two-factor-auth"

# TOTP.generate_base32_secret
base32_secret = "NY4A5CPJZ46LXZCP"

# this is the name of the key which can be displayed by the authenticator program
key_id = "[email protected]"

# generate the QR code
# we can display this image to the user to let them load it into their auth program
puts "Image url: #{TOTP.qr_code_url(key_id, base32_secret)}"

# we can use the auth number here and compare it against user input
# auth_number = TOTP.generate_number_string(base32_secret)
# is_valid = TOTP.validate_number_string(base32_secret, auth_number)

# this loop shows how the number changes over time
while true
  diff = TOTP::DEFAULT_TIME_STEP_SECONDS - ((Time.now.epoch_ms / 1000) % TOTP::DEFAULT_TIME_STEP_SECONDS)
  code = TOTP.generate_number_string(base32_secret)
  puts "Secret code = #{code}, change in #{diff} seconds"
  sleep 1
end

See the example in spec/two_factor_auth_example.cr

To get this to work for you:

  1. Use generate_base32_secret() to generate a secret key in base32 format for the user. For example: "NY4A5CPJZ46LXZCP"
  2. Store the secret key in the database associated with the user account
  3. Display the QR image URK returned by qr_code_url(...) to the user. Here's a sample which uses GoogleAPI's: Sample QR Image
  4. User uses the image to load the secret key into their authenticator application (google auth / authy)

Whenever the user logs in:

  1. The user enters the number from the authenticator application into the login form
  2. Read the secret associated with the user account from the database
  3. The server compares the user input with the output from generate_current_number_string(...)
  4. If they are equal then the user is allowed to log in

Contributing

  1. Fork it ( https://github.com/SushiChain/crystal-two-factor-auth/fork )
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create a new Pull Request

Contributors

  • kingsleyh Kingsley Hendrickse - creator, maintainer
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].