kurtbuilds/simple2fa

Simple2FA is a library to easily add two-factor authentication to your app

Add simple2fa to your Cargo

Simple2FA

.

use simple2fa;
use simple2fa::create_url_encoded_qrcode;

// This represnts a user in your database.
struct User {
    pub otp_secret: String,
    pub name: String,
}

fn main() {
    // Save this to your database.
    let user = User {
        name: "Marie Curie".to_string(),
        otp_secret: simple2fa::generate_secret()
    };


    // Use this function or `create_png_qrcode` to generate a png file.
    let qrcode_data_url = create_urlencoded_qrcode("My web app", user.name, user.otp_secret);

    // The QR code is a data url, so you can render it inline on a web page.
    println!(r#"<!-- index.html -->
    <img src="https://raw.githubusercontent.com/kurtbuilds/simple2fa/master/{}"/>
    "#, qrcode_data_url);

    // Ask the user to scan the QR code with an authenticator app, 
    // and request a code to confirm they have setup 2FA.
    if simple2fa.check_2fa_code(user.otp_secret, "<otp_code>") {
        // 2FA is setup!
    } else {
        // Something went wrong setting up 2FA. Have the user submit a code again.
    }

    // When the user logs in, validate their password, then respond with 
    // a form requesting a 2FA code, putting the user_id in JWT or similar server-signed
    // wrapper.
    if simple2fa.check_2fa_code(user.otp_secret, "<otp_code>") {
        // Log in successful
    } else {
        // Log in failed. Ask user re-enter an otp code or reject their login attempt.
    }
}

Installation

Add simple2fa to your Cargo.toml:

[dependencies]
simple2fa = "0.1.0"

If you have cargo-edit, you can use the command line:

cargo add simple2fa

Simple2FA is also available in other languages:

Development

Development commands are described in the Justfile.

Appreciation

Thank you to:

  • @fosskers for the Rust totp-lite library, which this library depends on. totp-lite beat similar Rust libraries in benchmarking.
  • The neon project, which makes creating Node libraries painless.
  • The pyo3 project, which makes creating Python libraries painless.

Information - Updated Jul 27, 2022

Stars: 2
Forks: 0
Issues: 0

Rocket is an async web framework for Rust with a focus on usability, security,

Visiting localhost:8000/hello/John/58, for example, will trigger the hello

Rocket is an async web framework for Rust with a focus on usability, security,

Rust bindings for the C++ api of PyTorch

LIghtweight wrapper for pytorch eg libtorch in rust

Rust bindings for the C++ api of PyTorch

Know the exact crate versions used to build your Rust executable

Audit binaries for known bugs or security vulnerabilities in production, at scale, with zero bookkeeping

Know the exact crate versions used to build your Rust executable

macOS/iOS Security framework for Rust

MIT license (LICENSE-MIT or

macOS/iOS Security framework for Rust

Reference implementation of the Stacks blockchain in Rust

Reference implementation of the Proof of Transfer (PoX) mining that anchors to Bitcoin security

Reference implementation of the Stacks blockchain in Rust

osu! server written in Rust

Fully asynchronous, high concurrency, high performance, and high security

osu! server written in Rust

Nakamoto is a privacy-preserving Bitcoin light-client implementation in Rust,

with a focus on low resource utilization, modularity and security

Nakamoto is a privacy-preserving Bitcoin light-client implementation in Rust,

A WIP Rust implementation of Messaging Layer Security based on draft 9+

Messaging Layer Security based on draft 9+

A WIP Rust implementation of Messaging Layer Security based on draft 9+

Rust Language Security

execrices: RUSTSEC-2021-0001

Rust Language Security

security-keys-rust

Many thanks to the authors of the openpgp-card Rust crate

security-keys-rust

Owlyshield open source security platform

An OSS security platform written in rust with security threat detection

Owlyshield open source security platform

Reference implementation of the Stacks blockchain in Rust

Reference implementation of the Proof of Transfer (PoX) mining that anchors to Bitcoin security

Reference implementation of the Stacks blockchain in Rust
Facebook Instagram Twitter GitHub Dribbble
Privacy