Optic is an app that helps you securely generate OTP tokens for 2FA protected npm accounts. It allows auto-publish npm packages using CI.
- Node LTS
- yarn
- expo go app (on your ios/android phone or you can use the ios simulator)
yarn
yarn start
In order to successfully run the Optic-expo app locally you will need the following:
- Expo user account. You can sign up here.
- Once you have an Expo account, your account needs to be added to the NearForm organization (ask @simoneb to do that for you).
- Scan the QR code on your terminal or go to
exp://172.22.22.56:19000
- Once the app loads, if you get the signin screen, in your terminal run
expo login -u <username> -p <password>
and reload the app
- Create an issue in this repo asking for apple connect developer access for the app (see section: Providing Apple Developer Access)
- Install expo-cli globally:
npm i -g expo-cli
- Run in the simulator first:
npm run ios
- Install expo go on your device
- Connect the ios device to your mac and select trust computer when prompted.
- Confirm your device is in developer mode
- Setup code signing certificates in xcode for developement
- In Xcode select your device as deployment target and select the development certificate (you may need to connect the device to your account if it was not done before)
- Run:
expo run:ios --device
- Select your device from the list
- Running
yarn android
will help you throughout the process. - Follow the expo tutorial.
- Java Runtime will be necessary. OpenJDK version 11 worked. Homebrew
- Read the output of the installation and execute the suggested commands related to symlink and including in the PATH variable.
- Running
yarn ios
will help you throughout the following steps; - Create an Apple ID if you don't have one. If applicable, use your NearForm email.
- Download Xcode from the App Store.
- Open Xcode, navigate to "Preferences / Locations" and select the appropriate version in Command Line Tools.
- Login to Apple Developer using an account with "App Manager" role
- You might need to use the nearform root account to provide permission above 'developer'
- 'App Manager' role is needed if you want to give access to create new releases in play store
- Navigate to https://appstoreconnect.apple.com/access/users
- Click on the "+" button on the top left corner and add the user info (most of the time will be developer or app manager) and choose what apps they have access to
- The app doesn't run on the web
yarn start:native
is different fromyarn start
having the flag--dev-client
you need to build a native version of the app as it generates a url like this:com.nearform.optic://expo-development-client/?url=http%3A%2F%2F192.168.5.92%3A8081
so you have to runexpo run:android
first. exp://192.168.5.92:19000
As most things, it's a trade-off.Pp Without --dev-client it's faster to start working as you don't have to install native tools but it hides some problems that only occur in the native versions like the google login problem and the qr code scan.
The figma designs can be found here
The first step to use the optic-expo
application is adding a Secret. You can add it by scanning a QR code provided by the OTP Issuer or by inputing it manually.
An example adding an NPM user secret:
You will see your secret added to the application home page:
Finally, you need to generate your optic-token
s by adding a new token:
You can save this token to any system that need to sent to you a notification. The notification will ask you to approve or deny the system's read to your Secret's OTP.
As you can see by the home page layout, you can generate many tokens to read the same Secret's OTP:
By doing so, you will be able to understand who is the caller that wants to read your OTP.
Few notes on the NPM secret:
- the NPM secret (QR or the textual code) is the one that you get, when you enable 2FA in your npm profile
- if you already have 2FA activated (with a different authenticatior app e.g. Google Authenticator) and you need to get the secret, the easiest way is to get is to open the authenticator app you were using previously and get the QR code from that app and scan it with Optic Expo