I have seen some web applications making use of Google Authenticator(i.e. 6 digit numeric code generator) as a 2nd level security measure(examples: Binance, Kraken etc). I am making an app on google cloud platform, and need that to use Authenticator.
How do I do this?
N/A
This has to be implemented on a nodeJS server
Update: Even tho this example might still work, it's using library speakeasy which is no longer maintained.
good Example google-authenticator-node-js-web-app
> mkdir back-end
> cd back-end
> npm init -y
> npm install --save express body-parser cors qrcode speakeasy
Now, we have created a directory ‘back-end’ and initialized it as a Node.js project by installing the following dependencies:
express — This is a minimal and flexible web framework for creating API services. body-parser — In order to parse the HTTP method’s body data, this package is being used.
cors — This package is used in order to enable the client side web application to communicate with the API services and to avoid the cross-origin issue.
qrcode — In this application we would be generating the QR-code as a base64 image data, and thus we require qrcode package.
speakeasy — This is the package that enables our application to provide with the secret key and the T-OTP algorithm that the Google Authenticator uses and is also useful for the verification of the Auth code being provided.
We will now create a few API services, with app.js as the main file of execution. For the simplicity of learning process, separation of concerns is followed for the scaffolding of the application.