Two-factor authentication for everyone

    Based on the publication “Designing a Microservice”, I decided to write (and wrote!) an open-source implementation of two-factor authentication. The result is two repositories that provide the entire “background” of the second authentication factor and a convenient architecture for implementing extras.



    I should note separately that the first part can serve as a standalone application. Both services work through an API.

    Pincodes


    This application is responsible for creating, sending and checking the PIN. Under the hood: Sinatra + Redis.

    Implemented:
    • configurable PIN lifetime;
    • a limit on the number of entry attempts;
    • a choice of third-party gateway for sending SMS.

    Planned:
    • other ways to deliver PINs (ideally, moving delivery into a separate module / service);
    • customizable code complexity.
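
    The two implemented limits above (PIN lifetime and number of attempts), as an added Ruby example that is not code from the pincode repository. The `PinStore` class, the in-memory hash standing in for Redis, the keyed-digest storage and the default values are assumptions made for illustration.

```ruby
require 'securerandom'
require 'openssl'

# In-memory stand-in for Redis (assumption); a real store would use key expiry.
class PinStore
  Entry = Struct.new(:digest, :expires_at, :attempts_left)

  def initialize(ttl: 120, max_attempts: 3, secret: SecureRandom.bytes(32),
                 clock: -> { Time.now.to_f })
    @ttl, @max_attempts, @secret, @clock = ttl, max_attempts, secret, clock
    @entries = {}
  end

  # Issue a new PIN for id (e.g. a phone number), replacing any earlier one.
  def create(id, digits: 6)
    pin = format("%0#{digits}d", SecureRandom.random_number(10**digits))
    @entries[id] = Entry.new(digest(id, pin), @clock.call + @ttl, @max_attempts)
    pin # goes to the SMS gateway; only its keyed digest is stored
  end

  # Returns :ok, :wrong, :locked, :expired or :unknown.
  def check(id, candidate)
    entry = @entries[id]
    return :unknown unless entry
    if @clock.call >= entry.expires_at
      @entries.delete(id)
      return :expired
    end
    return :locked if entry.attempts_left <= 0 # stays locked until expiry
    entry.attempts_left -= 1
    if OpenSSL.secure_compare(digest(id, candidate.to_s), entry.digest)
      @entries.delete(id) # single use: a confirmed PIN cannot be replayed
      return :ok
    end
    entry.attempts_left.zero? ? :locked : :wrong
  end

  private

  def digest(id, pin)
    OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('SHA256'), @secret, "#{id}:#{pin}")
  end
end

if __FILE__ == $PROGRAM_NAME
  store = PinStore.new(ttl: 60, max_attempts: 3)
  pin = store.create('+10000000000') # constructed sample number
  puts store.check('+10000000000', pin) # correct PIN within lifetime
end
```

    Because `create` resets the attempt counter in this sketch, issuing new PINs needs its own rate limit, otherwise the attempt limit can be sidestepped by requesting a fresh code.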


    Accounting


    This part deals with everything that is useful for authentication but is not directly part of it. Powered by Rails + PG.

    Implemented:
    • access by generated keys.

    Planned:
    • access settings (for example, open access only for certain IPs);
    • collection of statistics.

    As for statistics, they are a vital feature for two-factor authentication. For example, SMS gateways sometimes mark undelivered SMS messages as delivered. Because of this, created / confirmed statistics will say much more and help avoid losing valuable users.

    Summary


    Of course, the solution was developed not as a competitor to existing ones, but as an alternative: for example, for when you need to implement delivery through your own gateway, work in closed mode, finish a feature for yourself, and so on. I also hope that the community will help make the service better with its expert assessment, pull requests and “God knows what else.”

    References


    Pincodes: github.com/IlyaDonskikh/pincode
    Accounting: github.com/IlyaDonskikh/pincode_account

    Perhaps some readers will wonder what the services folder is and why all the business logic is stored in it. The answer is here: brewhouse.io/blog/2014/04/30/gourmet-service-objects.html .

    Bonuses


    In addition to all of the above, I have free computing power on Azure, so if you are interested in experimenting with this project but have nowhere to do it, write to me in a PM. The project is running in a cloud version here: pinc0de.com .
