Share your repls and programming experiences

← Back to all posts
2FA authenticator!
PixelNinja (329)


Have you ever wanted to add 2FA to your website? Well now you can with 2 simple functions. The first function makes a new token for a user, it takes one, optional parameter, the length of the token, the longer, the better. When you generate this token, you should use the returned secret as so: secret.otpauth_url turned into a QR code, while saving secret.base32 to the user database.

The second function is used to verify what pin the user enters. It takes 2 required parameters, and one optional one. The first, is the user's secret, the base32 one we saved. Then, you should have the 6 digit pin the user enters when they try and login! The final, optional one is the window, this is the number of 30 second intervals you will allow the entered pin to be out. For example, if a user enters 123456, which was the old pin before it refreshed, it will still be accepted.

I highly recommend adding 2fa to your site!