service-mfa

A service for adding multi-factor authentication on top of Pryv.io login calls.

Installation

Prerequisites: Node.js 16, just

Then:

just setup-dev-env
just install to install node modules

Running just with no argument displays the available commands (defined in justfile).

Testing

just test [...params]

Extra parameters at the end are passed on to Mocha (default settings are defined in .mocharc.js)
Replace test with test-detailed, test-debug, test-cover for common presets

Configuration

Here is a documented default configuration for this service:

  http: {
    port: 7000,
    ip: '127.0.0.1',
  },
  logs: {
    prefix: 'mfa',
    console: {
      active: true,
      level: 'info',
      colorize: true
    },
    file: {
      active: false
    },
  },
  // Pryv.io core to which the login calls will be forwarded
  core: {
    url: 'http://core_router:1337'
  },
  // API to send MFA challenge by SMS
  sms: {
    endpoints: {
      challenge: '', // Endpoint that triggers the MFA challenge
      verify: '', // Endpoint that verifies the MFA challenge
    },
    auth: '' // API key, sent as 'Authorization' header
  },
  // Sessions are used to cache the state of MFA processes in progress
  sessions: {
    ttlSeconds: 1800 // Duration in seconds after which sessions are destroyed
  }

API routes

/:username/login

The proxied Pryv.io login call.

Request body:

username
password
appId

Request headers:

'Origin'?

Response:

if MFA activated: 302 {mfaToken: 'mfaToken'}
if MFA not activated: 200 {token: 'pryvPersonalToken'}

/:username/mfa/activate

Ask activation of MFA for current user.

Request body:

phone: the phone number that will receive the challenge code by SMS

Request headers:

'Authorization': Pryv.io personal token

Response:

302 {mfaToken: 'mfaToken'}

/:username/mfa/confirm

Confirm activation of MFA for current user.

Request body:

code: the challenge code to be verified

Request headers:

'Authorization': mfaToken

Response:

200 'MFA activated.'

/:username/mfa/challenge

Trigger the MFA challenge.

Request headers:

'Authorization': mfaToken

Response:

200 'Please verify MFA challenge.'

/:username/mfa/verify

Verify the MFA challenge.

Request body:

code: the challenge code to be verified

Request headers:

'Authorization': mfaToken

Response:

200 {token: 'pryvPersonalToken'}

Contributing

Todo

update docker pryvio/base1.8.1 to base1.9.0 (or latest)
realease github workflow has been archived in archives it needs to rewritten to publish on dockerHub

License

BSD-3-Clause

Name		Name	Last commit message	Last commit date
Latest commit History 153 Commits
.github/workflows		.github/workflows
archives		archives
build		build
config		config
scripts		scripts
src		src
test		test
.dockerignore		.dockerignore
.eslintrc.yml		.eslintrc.yml
.gitignore		.gitignore
.licenser.yml		.licenser.yml
.mocharc.js		.mocharc.js
CHANGELOG.md		CHANGELOG.md
LICENSE		LICENSE
README.md		README.md
justfile		justfile
package-lock.json		package-lock.json
package.json		package.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

service-mfa

Installation

Testing

Configuration

API routes

/:username/login

/:username/mfa/activate

/:username/mfa/confirm

/:username/mfa/challenge

/:username/mfa/verify

Contributing

Todo

License

About

Releases

Packages

Contributors 5

Languages

License

pryv/service-mfa

Folders and files

Latest commit

History

Repository files navigation

service-mfa

Installation

Testing

Configuration

API routes

/:username/login

/:username/mfa/activate

/:username/mfa/confirm

/:username/mfa/challenge

/:username/mfa/verify

Contributing

Todo

License

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Contributors 5

Languages

Packages