Authy 2FA with Flask

by TwilioDevEd

Two-Factor Authentication with Authy OneTouch

This application example demonstrates how to implement Two-Factor Authentication on a Python Flask application using Authy OneTouch.

Learn more about this code in our interactive code walkthrough.

Quickstart

Create an Authy app

Create a free Authy account if you haven't already done so and then connect it to your Twilio account.

Create a new Authy application. Be sure to set the OneTouch callback endpoint to http://your-server-here.com/authy/callback once you've finished configuring the app.

Local development

This project is built using the Flask web framework. For now it only runs on Python 2.7 (not 3.4+).

  1. To run the app locally, first clone this repository and cd into it.

  2. Create a new virtual environment.

  3. Install the requirements.

    pip install -r requirements.txt
    
  4. Copy the .env_example file to .env, and edit it to include your Authy API key.

  5. Run source .env to apply the environment variables (or even better, use autoenv).

  6. Start a local PostgreSQL database and create a database called 2fa_flask.

    • If on a Mac, we recommend using Postgres.app. After installing it, open psql and run CREATE DATABASE "2fa_flask"; (the double quotes are required because the name starts with a digit).

    • If Postgres is already installed locally, you can just run createdb 2fa_flask from a terminal.

  7. Run the migrations.

    python manage.py db upgrade
    
  8. Start the development server.

    python manage.py runserver
    

To actually process OneTouch authentication requests, your development server will need to be publicly accessible. We recommend using ngrok to solve this problem.

Once you have started ngrok, set your Authy app's OneTouch callback URL to use your ngrok hostname, like this:

http://88b37ada.ngrok.io/authy/callback
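
Because the callback endpoint is reachable from the public internet, the handler should reject any request that does not carry a valid Authy signature. The check below is an added example, not code from this repository, and uses only the Python 3 standard library. It assumes Authy's callback-signing scheme (the X-Authy-Signature and X-Authy-Signature-Nonce headers, and a base64 HMAC-SHA256 over nonce|method|url|sorted params keyed with the API key), which should be confirmed against the current Authy documentation; the key, nonce, request body and function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
from urllib.parse import quote_plus

# Constructed sample values, not real credentials or real Authy traffic.
API_KEY = "constructed-authy-api-key"
CALLBACK_URL = "http://88b37ada.ngrok.io/authy/callback"  # URL from this README
BODY = {"authy_id": 1234, "status": "approved",
        "approval_request": {"uuid": "constructed-uuid"}}


def flatten(params, prefix=""):
    """Flatten nested dicts into pairs such as ("a[b]", "v") (assumed layout)."""
    pairs = []
    for key, value in params.items():
        name = "%s[%s]" % (prefix, key) if prefix else str(key)
        if isinstance(value, dict):
            pairs.extend(flatten(value, name))
        else:
            pairs.append((name, "" if value is None else str(value)))
    return pairs


def expected_signature(api_key, nonce, method, url, params):
    """Base64 HMAC-SHA256 over nonce|METHOD|url|sorted, URL-encoded params."""
    encoded = sorted("%s=%s" % (quote_plus(k), quote_plus(v))
                     for k, v in flatten(params))
    message = "|".join([nonce, method.upper(), url, "&".join(encoded)])
    digest = hmac.new(api_key.encode(), message.encode(), hashlib.sha256).digest()
    return base64.b64encode(digest).decode()


def callback_is_authentic(api_key, headers, method, url, params):
    """Fail closed: missing headers or a mismatched signature are rejected."""
    nonce = headers.get("X-Authy-Signature-Nonce")
    received = headers.get("X-Authy-Signature")
    if not nonce or not received:
        return False
    expected = expected_signature(api_key, nonce, method, url, params)
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(expected.encode(), received.encode())


if __name__ == "__main__":
    nonce = "1500000000"  # constructed nonce
    headers = {"X-Authy-Signature-Nonce": nonce,
               "X-Authy-Signature": expected_signature(API_KEY, nonce, "POST", CALLBACK_URL, BODY)}
    print(callback_is_authentic(API_KEY, headers, "POST", CALLBACK_URL, BODY))  # True
    print(callback_is_authentic(API_KEY, headers, "POST", CALLBACK_URL, dict(BODY, status="denied")))  # False
```

The URL passed in must be exactly the callback URL configured in the Authy app, including scheme and host, or a genuine callback will fail verification.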

Run the tests

You can run the tests locally through coverage:

  1. Optionally create a separate test database and update your DATABASE_URL environment variable if you don't want your development data overwritten.

  2. Run the tests.

    $ coverage run manage.py test
    

You can then view the results with coverage report or build an HTML report with coverage html.

That's it!

Meta

  • No warranty expressed or implied. Software is as is. Diggity.
  • MIT License
  • Lovingly crafted by Twilio Developer Education.