This application example demonstrates how to implement Two-Factor Authentication on a Python Flask application using Authy OneTouch.
Learn more about this code in our interactive code walkthrough.
Create a free Twilio account if you haven't already done so.
Create a new Authy application. Be sure to set the OneTouch callback endpoint to http://your-server-here.com/authy/callback once you've finished configuring the app.
This project is built using the Flask web framework and the SQlite3 database.
-
To run the app locally, first clone this repository and
cdinto it. -
Create and activate a new python3 virtual environment.
python3 -m venv venv source venv/bin/activate -
Install the requirements using pip.
pip install -r requirements.txt
-
Copy the
.env.examplefile to.env, and edit it to include your Authy Application's Production API key. This key can be found right below the Application's name in its Settings menu.cp .env.example .env
-
Create the Flask app specific environment variables
export FLASK_APP=twofa export FLASK_ENV=development
-
Initialize the development database
flask db upgrade
-
Start the development server.
flask run
To actually process OneTouch authentication requests, your development server will need to be publicly accessible. We recommend using ngrok to solve this problem. Note that in this tutorial only the HTTP address from ngrok will work, so you should start it using this command:
ngrok http -bind-tls=false 5000Once you have started ngrok, set your Authy app's OneTouch callback URL to use your ngrok hostname, like this:
http://[your ngrok subdomain].ngrok.io/authy/callback
You can run the tests locally through coverage:
-
Run the tests.
python test.py
You can then view the results with coverage report or build an HTML report with coverage html.
That's it!
- No warranty expressed or implied. Software is as is. Diggity.
- MIT License
- Lovingly crafted by Twilio Developer Education.