← Back to all products
$10
Two-Factor Auth
TOTP (RFC 6238), backup codes, QR generation for authenticator apps, and recovery flows.
JSONMarkdownPythonLLM
📄 Product Preview
Try the interactive reader and demo tools below, or get the full product with all content unlocked.
📖 Interactive Reader (Free Preview) ⚙ Try Demo Tools 📦 Download Free Sample📁 File Structure 9 files
two-factor-auth/
├── LICENSE
├── README.md
├── examples/
│ └── config.example.json
├── free-sample.zip
├── guide/
│ ├── 01_two-factor-auth.md
│ ├── 02_features.md
│ └── 03_quick-start.md
├── index.html
└── src/
└── main.py
📖 Documentation Preview README excerpt
Two-Factor Auth
TOTP (RFC 6238), backup codes, QR code generation for authenticator apps, and recovery flows. Zero dependencies.
Part of the Auth Vault toolkit by [CodeVault](https://codevault.dev).
Features
- TOTP generation per RFC 6238 (30-second intervals, 6-digit codes)
- QR code generation as SVG — no image library dependencies
- Backup codes: cryptographically secure, single-use
- Compatible with Google Authenticator, Authy, and 1Password
- Configurable time window tolerance for clock drift
- Recovery flow with backup code verification
- CLI tool for enrollment, verification, and backup code management
- Zero dependencies — Python stdlib only
Quick Start
# Enroll a new user (generates secret + QR code)
python3 src/main.py enroll --user user@example.com --issuer "My App"
# Verify a TOTP code
python3 src/main.py verify --user user@example.com --code 123456
# Generate backup codes
python3 src/main.py backup-codes --user user@example.com
# Verify a backup code
python3 src/main.py verify-backup --user user@example.com --code "abcd-efgh"
# Show the QR code SVG
python3 src/main.py qr --user user@example.com --issuer "My App"
Using as a Library
from main import TwoFactorAuth
tfa = TwoFactorAuth()
# Enroll a user
secret, qr_svg, backup_codes = tfa.enroll(
user="user@example.com",
issuer="My App",
)
print(f"Secret: {secret}") # Store securely
print(f"Backup codes: {backup_codes}") # Show once to user
# Save QR code SVG to file
with open("qr.svg", "w") as f:
f.write(qr_svg)
# Verify a TOTP code from the user's authenticator app
is_valid = tfa.verify(user="user@example.com", code="123456")
TOTP Parameters
... continues with setup instructions, usage examples, and more.
📄 Code Sample .py preview
src/main.py
#!/usr/bin/env python3
"""
Two-Factor Authentication — TOTP, Backup Codes & QR Generation
================================================================
A complete two-factor authentication system implementing TOTP (RFC 6238),
backup codes, and QR code generation for authenticator app enrollment.
Why roll your own? Because most 2FA libraries depend on pyotp which
depends on nothing you can't do yourself. TOTP is just HMAC-SHA1 over
a counter derived from time. This implementation shows you every byte.
Zero dependencies. Import or run as CLI.
Part of the Auth Vault toolkit by DataNest.
License: MIT
"""
from __future__ import annotations
import base64
import hashlib
import hmac
import json
import logging
import os
import secrets
import struct
import threading
import time
import urllib.parse
from dataclasses import dataclass, field, asdict
from pathlib import Path
from typing import Any
# ---------------------------------------------------------------------------
# Configuration
# ---------------------------------------------------------------------------
STORAGE_FILE = Path("./2fa_secrets.json")
TOTP_DIGITS = 6 # Standard TOTP output length
TOTP_PERIOD = 30 # Time step in seconds (RFC 6238 default)
TOTP_WINDOW = 1 # Accept codes ±1 period for clock skew
BACKUP_CODE_COUNT = 10 # Number of backup codes to generate
BACKUP_CODE_LENGTH = 8 # Characters per backup code
SECRET_LENGTH = 20 # Bytes of randomness for TOTP secret
logging.basicConfig(
level=logging.INFO,
format="%(asctime)s [%(levelname)s] %(message)s",
# ... 466 more lines ...