Second Factor Auth for Distributed Systems using Twilio
This module hashes and salts a valid and verified phone number and returns a NaCL sr25519 keypair based on the generated seed. It is currently used in the Remote Education Log.
Usage of this module requires a Twilio account as well as a working Verify Service.
- Create an account at https://twilio.com
- Go to https://www.twilio.com/console/project/settings and get your account SID and Auth token from the LIVE Credentials section (Verify does not work with TEST Credentials)
- Go to https://www.twilio.com/console/verify/services and add a new service
At the end of the above process, you should have the values you need for these three environment variables:
TWILIO_ACCOUNT_SID=[Account SID taken from LIVE credentials on settings page]
TWILIO_AUTH_TOKEN=[Auth token from LIVE credentials on settings page]
TWILIO_VERIFY_SID=[Service of your Twilio Verify Service]
Then, generate a strong salt value and use that for the SALT environment variable.
Finally choose an HTTP_HOST and HTTP_PORT.
Now let's put those variables to use!
First clone the repo:
git clone https://github.com/tallylab/twilio-auth- Create an .env file, see .env.example for the required configuration keys.
npm start
This repo also comes with a Dockerfile which would allow you to package and build this.
Note that this automatically sets HTTP_HOST to 0.0.0.0 and HTTP_PORT to 3000 so you
don't need to worry about those.
docker run -d \
-e SALT=[your salt] \
-e TWILIO_ACCOUNT_SID=[enter account sid] \
-e TWILIO_AUTH_TOKEN=[your auth token] \
-e TWILIO_VERIFY_SID=[your verify service id] \
-p 3000:3000 \
--name twilio-auth \
tallylab/twilio-auth:latestPRs and Issues welcome and accepted! We would love to hear your feedback.
MIT Copyright © 2019-2020 TallyLab, LLC