← Back to all products

Two-Factor Auth

$10

TOTP (RFC 6238), backup codes, QR generation for authenticator apps, and recovery flows.

📁 9 files
JSONMarkdownPythonLLM

📄 Product Preview

Try the interactive reader and demo tools below, or get the full product with all content unlocked.

📖 Interactive Reader (Free Preview) ⚙ Try Demo Tools 📦 Download Free Sample

📁 File Structure 9 files

two-factor-auth/ ├── LICENSE ├── README.md ├── examples/ │ └── config.example.json ├── free-sample.zip ├── guide/ │ ├── 01_two-factor-auth.md │ ├── 02_features.md │ └── 03_quick-start.md ├── index.html └── src/ └── main.py

📖 Documentation Preview README excerpt

Two-Factor Auth

TOTP (RFC 6238), backup codes, QR code generation for authenticator apps, and recovery flows. Zero dependencies.

Part of the Auth Vault toolkit by [CodeVault](https://codevault.dev).

Features

  • TOTP generation per RFC 6238 (30-second intervals, 6-digit codes)
  • QR code generation as SVG — no image library dependencies
  • Backup codes: cryptographically secure, single-use
  • Compatible with Google Authenticator, Authy, and 1Password
  • Configurable time window tolerance for clock drift
  • Recovery flow with backup code verification
  • CLI tool for enrollment, verification, and backup code management
  • Zero dependencies — Python stdlib only

Quick Start


# Enroll a new user (generates secret + QR code)
python3 src/main.py enroll --user user@example.com --issuer "My App"

# Verify a TOTP code
python3 src/main.py verify --user user@example.com --code 123456

# Generate backup codes
python3 src/main.py backup-codes --user user@example.com

# Verify a backup code
python3 src/main.py verify-backup --user user@example.com --code "abcd-efgh"

# Show the QR code SVG
python3 src/main.py qr --user user@example.com --issuer "My App"

Using as a Library


from main import TwoFactorAuth

tfa = TwoFactorAuth()

# Enroll a user
secret, qr_svg, backup_codes = tfa.enroll(
    user="user@example.com",
    issuer="My App",
)
print(f"Secret: {secret}")   # Store securely
print(f"Backup codes: {backup_codes}")  # Show once to user

# Save QR code SVG to file
with open("qr.svg", "w") as f:
    f.write(qr_svg)

# Verify a TOTP code from the user's authenticator app
is_valid = tfa.verify(user="user@example.com", code="123456")

TOTP Parameters

... continues with setup instructions, usage examples, and more.

📄 Code Sample .py preview

src/main.py #!/usr/bin/env python3 """ Two-Factor Authentication — TOTP, Backup Codes & QR Generation ================================================================ A complete two-factor authentication system implementing TOTP (RFC 6238), backup codes, and QR code generation for authenticator app enrollment. Why roll your own? Because most 2FA libraries depend on pyotp which depends on nothing you can't do yourself. TOTP is just HMAC-SHA1 over a counter derived from time. This implementation shows you every byte. Zero dependencies. Import or run as CLI. Part of the Auth Vault toolkit by DataNest. License: MIT """ from __future__ import annotations import base64 import hashlib import hmac import json import logging import os import secrets import struct import threading import time import urllib.parse from dataclasses import dataclass, field, asdict from pathlib import Path from typing import Any # --------------------------------------------------------------------------- # Configuration # --------------------------------------------------------------------------- STORAGE_FILE = Path("./2fa_secrets.json") TOTP_DIGITS = 6 # Standard TOTP output length TOTP_PERIOD = 30 # Time step in seconds (RFC 6238 default) TOTP_WINDOW = 1 # Accept codes ±1 period for clock skew BACKUP_CODE_COUNT = 10 # Number of backup codes to generate BACKUP_CODE_LENGTH = 8 # Characters per backup code SECRET_LENGTH = 20 # Bytes of randomness for TOTP secret logging.basicConfig( level=logging.INFO, format="%(asctime)s [%(levelname)s] %(message)s", # ... 466 more lines ...
Buy Now — $10 Back to Products