Current section: Enable Two-Factor Authentication (2FA) 5 exercises

Intro to Enable Two-Factor Authentication

Loading lesson


00:00 we're going to enable two-factor authentication for our users. And I think it's best to explain this using a diagram. So here we are. The user is going to say, hey, I want to enable two-factor authentication. The server says, that sounds great. But I need to make sure that you're able to generate these codes. Because if we enable this for you

00:19 and then lock you out unless you give us code, then that's going to be a problem. You need to make sure to demonstrate to me that you can generate these two-factor auth codes. So we're going to create a verification, but it's going to be a verify verification, something that's like temporary that you're supposed to verify you can generate these codes. So we create it.

00:38 And then we send an auth URI to the user. That's in the form of a QR code as well as the URL. And then the user is going to scan that with their app, their two-factor authentication app. And that app is going to then generate a code, which the user will then submit. And then we double-check that is correct.

00:58 And if it is correct, then we upgrade that verification we made originally to a long-living two-factor authentication verification. So this verification system we've set up already is perfectly suited for two-factor auth. We're going to be doing things a little bit differently than we have with the previous ones, where

01:18 we just generate a one-time password and send it to people. We need to generate the secret that they need for their two-factor auth app so the app can generate these two or one-time passwords every 30 seconds. So that's the flow. That's how that all works.

01:37 We are only going to be doing this part of it. This doesn't demonstrate the part where the user actually enters a new code and everything. That part's not a whole lot more. But we're splitting this up a little bit because there's a fair bit that you're going to be working on here. So don't worry. You don't have to write your own library for generating

01:56 a QR code and stuff. We've got libraries for that and all of that stuff. So this is actually pretty cool. And by the end of it, hopefully you have a really great understanding of how two-factor authentication works. And you can add it to your applications to great success. So have a good time.