rennf93/two-fast-auth


two-fast-auth is a FastAPI middleware that provides a seamless two-factor authentication (2FA) implementation. It integrates with FastAPI to offer robust 2FA protection for your application routes.


Documentation

📚 Full Documentation - Comprehensive technical documentation and API reference

Features

  • QR Code Generation: Automatic QR code creation for authenticator apps
  • TOTP Verification: Time-based one-time password validation
  • Recovery Codes: Secure recovery code generation and management
  • Optional Secret Encryption: Securely store and verify 2FA secrets
  • Middleware Integration: Easy integration with FastAPI routes

Installation

To install two-fast-auth, use pip:

pip install two-fast-auth

Basic Usage

from fastapi import FastAPI
from two_fast_auth import TwoFactorMiddleware, TwoFactorAuth

app = FastAPI()

async def get_user_secret(user_id: str) -> str:
    # Implement your logic to retrieve user's secret from database
    return "user_stored_secret"  # Replace with actual DB lookup

app.add_middleware(
    TwoFactorMiddleware,
    get_user_secret_callback=get_user_secret,
    excluded_paths=["/docs", "/redoc"],
    header_name="X-2FA-Code",
    encryption_key="your-key-here"  # Optional
)

@app.get("/protected-route")
async def protected_route():
    return {"message": "2FA protected content"}

Configuration Options

TwoFactorAuth Parameters

| Parameter | Default | Description |
|---|---|---|
| secret | Auto-generated | Base32 secret for TOTP generation |
| qr_fill_color | "black" | QR code foreground color |
| qr_back_color | "white" | QR code background color |
| issuer_name | "2FastAuth" | Name displayed in authenticator apps |

TwoFactorMiddleware Parameters

| Parameter | Default | Description |
|---|---|---|
| encryption_key | None | Encryption key for securing 2FA secrets (Fernet-compatible key) |
| excluded_paths | ["/login", "/setup-2fa"] | Paths that bypass 2FA verification |
| header_name | "X-2FA-Code" | Request header containing 2FA verification code |
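
What checking a TOTP code from the X-2FA-Code header against a user's Base32 secret involves, as an added standard-library example of RFC 6238; it is not two-fast-auth's own code. The function names, the one-step drift window and the last_used_step replay guard are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import struct
import time

# Constructed sample: the RFC 6238 test key, Base32-encoded like a stored 2FA secret.
RFC_SECRET = base64.b32encode(b"12345678901234567890").decode()


def totp_at(secret_b32: str, unix_time: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA-1) for the time step containing unix_time."""
    # Secrets are often shown spaced, lower-case or unpadded; normalise first.
    cleaned = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(cleaned + "=" * (-len(cleaned) % 8))
    counter = struct.pack(">Q", int(unix_time) // step)
    digest = hmac.new(key, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify_code(secret_b32, submitted, now=None, window=1, last_used_step=-1, step=30):
    """Return the time step the code matched, or None if it is rejected.

    window: steps of clock drift tolerated on each side (assumed value: 1).
    last_used_step: step of this user's last accepted code; anything at or
    before it is refused, so an intercepted code cannot be replayed.
    """
    now = time.time() if now is None else now
    submitted = submitted.strip()
    if not (submitted.isascii() and submitted.isdigit() and len(submitted) == 6):
        return None
    current = int(now) // step
    matched = None
    for candidate in range(current - window, current + window + 1):
        if candidate <= max(last_used_step, -1):
            continue
        expected = totp_at(secret_b32, candidate * step, step)
        # Constant-time comparison, and no early exit once a match is found.
        if hmac.compare_digest(expected, submitted):
            matched = candidate
    return matched
```

The caller stores the returned step per user and passes it back as last_used_step on the next request, which turns each code into a single-use value.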

Advanced Configuration

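from fastapi import FastAPI
from two_fast_auth import TwoFactorMiddleware, TwoFactorAuth

app = FastAPI()

# Generate a new secret and encrypt it before it is stored
secret = TwoFactorAuth().secret
encrypted_secret = TwoFactorAuth.encrypt_secret(
    secret,
    encryption_key="your-key-here"  # Fernet-compatible key
)

# Store encrypted_secret in your database; the callback returns it per user.
# fetch_encrypted_secret_from_db is a placeholder for your own database lookup.
async def get_user_secret(user_id: str) -> str:
    return await fetch_encrypted_secret_from_db(user_id)

# Middleware with encrypted secrets (same key as passed to encrypt_secret)
app.add_middleware(
    TwoFactorMiddleware,
    get_user_secret_callback=get_user_secret,
    encryption_key="your-key-here",
    excluded_paths=["/healthcheck"]
)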

Contributing

Contributions are welcome! Please open an issue or submit a pull request on GitHub.

License

MIT License - See LICENSE for details

Author

Renzo Franceschini

Acknowledgements
