/authy2fa-flask

2FA Implementation with Authy and Python Flask


Two-Factor Authentication with Authy OneTouch

This example application demonstrates how to implement Two-Factor Authentication in a Python Flask application using Authy OneTouch.

Full Tutorial: https://www.twilio.com/docs/howto/walkthrough/two-factor-authentication/python/flask

Quickstart

Create an Authy app

Create a free Authy account if you haven't already and then connect it to your Twilio account.

Then create a new Authy application. Be sure to set the OneTouch callback endpoint to http://your-server-here.com/authy/callback once you've finished configuring the app.

Deploying on Heroku

To get up and running quickly, you can deploy this app for free using Heroku.

Local development

This project is built using the Flask web framework. For now, it only runs on Python 2.7 (not 3.4+).

To run the app locally, first clone this repository and cd into its directory. Then:

  1. Create a new virtual environment:

  2. Install the requirements:

    pip install -r requirements.txt
    
  3. Copy the .env_example file to .env, and edit it to include your Authy API key

  4. Run source .env to apply the environment variables (or even better, use autoenv)

  5. Start a local PostgreSQL database and create a database called 2fa_flask:

    • If on a Mac, we recommend Postgres.app. After install, open psql and run CREATE DATABASE "2fa_flask"; (the name starts with a digit, so psql needs it in double quotes)
    • If Postgres is already installed locally, you can just run createdb 2fa_flask from a terminal
  6. Run the migrations with:

    python manage.py db upgrade
    
  7. Start the development server

    python manage.py runserver
    

To actually process OneTouch authentication requests, your development server will need to be publicly accessible. We recommend using ngrok to solve this problem.

Once you have started ngrok, set your Authy app's OneTouch callback URL to use your ngrok hostname, like this:

http://88b37ada.ngrok.io/authy/callback
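
Because /authy/callback is reachable from the public internet, the handler should confirm that each request really comes from Authy before acting on an approval. The sketch below is an added example, not code from this repository: it assumes Authy's documented callback signing (the X-Authy-Signature and X-Authy-Signature-Nonce headers, HMAC-SHA256 keyed with the API key), and the parameter flattening and encoding, the function names and the sample values are assumptions to check against the current Authy documentation.

```python
import base64
import hashlib
import hmac

try:
    from urllib.parse import quote  # Python 3
except ImportError:
    from urllib import quote  # Python 2.7, the version this project targets


def flatten(value, prefix=""):
    """Flatten nested JSON into ("a[b][c]", "text") pairs (assumed format)."""
    if isinstance(value, dict):
        return [pair for key, item in value.items()
                for pair in flatten(item, "%s[%s]" % (prefix, key) if prefix else key)]
    if isinstance(value, (list, tuple)):
        return [pair for item in value for pair in flatten(item, prefix + "[]")]
    if isinstance(value, bool):
        return [(prefix, "true" if value else "false")]
    return [(prefix, "" if value is None else str(value))]


def expected_signature(api_key, nonce, method, url, params):
    """Base64 HMAC-SHA256 over nonce|METHOD|url|sorted-query, keyed with the API key."""
    query = "&".join("%s=%s" % (quote(k, safe=""), quote(v, safe=""))
                     for k, v in sorted(flatten(params)))
    message = "|".join([nonce, method.upper(), url, query])
    mac = hmac.new(api_key.encode("utf-8"), message.encode("utf-8"), hashlib.sha256)
    return base64.b64encode(mac.digest()).decode("ascii")


def is_authentic(api_key, headers, method, url, params):
    """Reject the callback unless both headers are present and the MAC matches."""
    nonce = headers.get("X-Authy-Signature-Nonce")
    received = headers.get("X-Authy-Signature")
    if not nonce or not received:
        return False
    expected = expected_signature(api_key, nonce, method, url, params)
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(expected.encode("utf-8"), received.encode("utf-8"))


# Constructed sample values, not real credentials or a captured callback.
SAMPLE_KEY = "example-api-key"
SAMPLE_URL = "http://your-server-here.com/authy/callback"
SAMPLE_BODY = {"authy_id": 1234, "status": "approved",
               "approval_request": {"transaction": {"details": {"user": "alice"}}}}
```

Pass the callback URL exactly as it is configured in the Authy dashboard, since a development server behind ngrok may see a different scheme or host than the one that was signed.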

Run the tests

You can run the tests locally through coverage:

  1. Optionally create a separate test database and update your DATABASE_URL environment variable if you don't want your development data overwritten

  2. Run the tests:

    $ coverage run manage.py test
    

You can then view the results with coverage report or build an HTML report with coverage html.