Skip to content

TwilioDevEd/account-security-quickstart-node

 
 

Repository files navigation

Twilio Logo

Twilio Account Security Quickstart - Twilio Authy and Twilio Verify

This template is part of Twilio CodeExchange. If you encounter any issues with this code, please open an issue at github.com/twilio-labs/code-exchange/issues.

About

A simple NodeJS implementation of a website that uses Twilio Account Security services to protect all assets within a folder with Two-factor authentication. Additionally, it shows a Verify Phone Verification implementation.

It uses four channels for two-factor authentication delivery, SMS, Voice, Soft Tokens, and Push Notifications. You should have the Authy App installed to try Soft Token and Push Authentication support.

Learn more about Account Security and when to use the Authy API vs the Verify API in the Account Security documentation.

Implementations in other languages:

.NET Java Python PHP Ruby
TBD Done Done Done Done

Features

Authy Two-Factor Authentication Demo

  • URL path "/protected" is protected with both user session and Twilio Authy Two-Factor Authentication
  • One Time Passwords (SMS and Voice)
  • SoftTokens
  • Push Notifications (via polling)

Verify Phone Verification

  • Phone Verification
  • SMS or Voice Call

Set up

Requirements

Twilio Account Settings

This application should give you a ready-made starting point for writing your own application. Before we begin, we need to collect all the config values we need to run the application:

Config Value Description
TWILIO_ACCOUNT_SID Find in the Twilio console
TWILIO_AUTH_TOKEN console
VERIFY_SERVICE_SID Create a Verify Service in the console
ACCOUNT_SECURITY_API_KEY Create a new Authy application in the console. After you give it a name you can view the generated Account Security production API key. This is the string you will later need to set up in your environmental variables.

Get Authy API Key

Local Development

  1. Clone this repo and cd into it.

    git clone https://github.com/TwilioDevEd/account-security-quickstart-node.git
    cd account-security-quickstart-node
  2. Install the dependencies.

    npm install
  3. Set your environment variables. Copy the env.example file and edit it.

    cp .env.example .env

    See Twilio Account Settings to locate the necessary environment variables.

  4. Check and make sure MongoDB is up and running.

  5. Start the server (will run on port 3000).

    npm start
  6. Navigate to http://localhost:3000

That's it!

Docker

If you have Docker already installed on your machine, you can use our docker-compose.yml to setup your project.

  1. Make sure you have the project cloned.
  2. Setup the .env file as outlined in the Local Development steps.
  3. Run docker-compose up.

Tests

You can run the tests locally by typing:

npm test

Cloud deployment

Additionally to trying out this application locally, you can deploy it to a variety of host services. Here is a small selection of them.

Please be aware that some of these might charge you for the usage or might make the source code for this application visible to the public. When in doubt research the respective hosting service first.

Service
Heroku Deploy

Resources

  • The CodeExchange repository can be found here.

Contributing

This template is open source and welcomes contributions. All contributions are subject to our Code of Conduct.

License

MIT

Disclaimer

No warranty expressed or implied. Software is as is.

About

A simple implementation of a Twilio Account Security protected site using NodeJS and Angular.

Topics

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 56.0%
  • HTML 43.4%
  • Other 0.6%