Merge pull request #1 from IbrahimTareq/glitch

🚆🦁 Updated with Glitch

.glitch-assets

@@ -0,0 +1,4 @@
+{"name":"drag-in-files.svg","date":"2016-10-22T16:17:49.954Z","url":"https://cdn.hyperdev.com/drag-in-files.svg","type":"image/svg","size":7646,"imageWidth":276,"imageHeight":276,"thumbnail":"https://cdn.hyperdev.com/drag-in-files.svg","thumbnailWidth":276,"thumbnailHeight":276,"dominantColor":"rgb(102, 153, 205)","uuid":"adSBq97hhhpFNUna"}
+{"name":"click-me.svg","date":"2016-10-23T16:17:49.954Z","url":"https://cdn.hyperdev.com/click-me.svg","type":"image/svg","size":7116,"imageWidth":276,"imageHeight":276,"thumbnail":"https://cdn.hyperdev.com/click-me.svg","thumbnailWidth":276,"thumbnailHeight":276,"dominantColor":"rgb(243, 185, 186)","uuid":"adSBq97hhhpFNUnb"}
+{"name":"paste-me.svg","date":"2016-10-24T16:17:49.954Z","url":"https://cdn.hyperdev.com/paste-me.svg","type":"image/svg","size":7242,"imageWidth":276,"imageHeight":276,"thumbnail":"https://cdn.hyperdev.com/paste-me.svg","thumbnailWidth":276,"thumbnailHeight":276,"dominantColor":"rgb(42, 179, 185)","uuid":"adSBq97hhhpFNUnc"}
+{"uuid":"adSBq97hhhpFNUna","deleted":true}

README.md

@@ -1 +1,19 @@
-# 2fa-glitch
+# Two-Factor Authentication with MessageMedia Messages API
+Two-Factor Authentication (2FA) adds an extra layer of protection beyond the password. This notably decreases the risk of a hacker accessing your online accounts by combining something you know (a password) with a second factor, something you have such as a mobile phone. By adding this additional factor to your security flow, an account with a compromised password will still remain secure.
+
+#### Getting Started
+To get started you need to:
+
+* Sign up for API keys from the [MessageMedia Developer Portal](https://developers.messagemedia.com/register)
+* Clone this project by clicking on the button below
+[![Remix on Glitch](https://cdn.glitch.com/2703baf2-b643-4da7-ab91-7ee2a2d00b5b%2Fremix-button.svg)](https://glitch.com/edit/#!/remix/https://glitch.com/~messagemedia-messages)
+* Copy across the API keys into the .env file
+* Click on "Show Live" at the top left
+* Enter your mobile phone number and submit the form
+* You should receive an SMS with a 6-digit code
+* Enter the code and click verify
+
+#### Resources
+* [API Documentation](https://developers.messagemedia.com/code/messages-api-documentation/)
+* [Github Repo](https://github.com/messagemedia/2fa-glitch-nodejs)
+* [Speakeasy](https://github.com/speakeasyjs/speakeasy)

package.json

@@ -0,0 +1,28 @@
+{
+  "name": "hello-express",
+  "version": "0.0.1",
+  "description": "A simple Node app built on Express, instantly up and running.",
+  "main": "server.js",
+  "scripts": {
+    "start": "node server.js"
+  },
+  "dependencies": {
+    "express": "^4.16.3",
+    "messagemedia-messages-sdk": "^1.0.3",
+    "body-parser": "1.18.3",
+    "speakeasy": "2.0.0",
+    "ejs": "^2.5.6"
+  },
+  "engines": {
+    "node": "8.x"
+  },
+  "repository": {
+    "url": "https://glitch.com/edit/#!/hello-express"
+  },
+  "license": "MIT",
+  "keywords": [
+    "node",
+    "glitch",
+    "express"
+  ]
+}

public/client.js

@@ -0,0 +1,52 @@
+$(document).ready(function() {
+  $('.ui.form')
+    .form({
+      fields: {
+        code: {
+          identifier  : 'code',
+          rules: [
+            {
+              type   : 'empty',
+              prompt : 'Please enter your code'
+            }
+          ]
+        },
+        mobile: {
+          identifier  : 'mobile',
+          rules: [
+            {
+              type   : 'empty',
+              prompt : 'Please enter your mobile number'
+            }
+          ]
+        }
+      }
+    });
+});
+
+$('#submit').click(function(e){
+  e.preventDefault();
+  console.log("submit");
+  $.ajax({
+      type: 'POST',
+      data: $("form").serialize(),
+      url: '/verify',
+      dataType: 'json',
+      success: function(data) {
+          console.log('success');
+          console.log(data);
+
+          if (data == true){
+            var element = document.getElementById("verifyForm");
+            element.classList.remove("error");
+            element.classList.add("success");
+          }else{
+            var element = document.getElementById("verifyForm");
+            element.classList.add("error");
+          }
+      },
+      error: function(request, status, error) {
+        console.log(error);
+      }
+  });
+});

public/style.css

@@ -0,0 +1,12 @@
+body {
+  background-color: #DADADA;
+}
+body > .grid {
+  height: 100%;
+}
+.image {
+  margin-top: -100px;
+}
+.column {
+  max-width: 450px;
+}

server.js

@@ -0,0 +1,64 @@
+var express = require('express');
+var app = express();
+var speakeasy = require("speakeasy");
+var sdk = require('messagemedia-messages-sdk');
+var controller = sdk.MessagesController;
+const ejs = require('ejs');
+var bodyParser = require("body-parser");
+
+app.set('views', __dirname + '/views');
+app.set('view engine', 'html');
+app.engine('html', ejs.renderFile);
+app.use(express.static(__dirname + '/public'));
+
+var jsonParser = bodyParser.json()
+var urlencodedParser = bodyParser.urlencoded({ extended: false })
+
+var secret = speakeasy.generateSecret({length: 20});
+
+app.get('/', function(req, res){
+  res.render('index');
+});
+
+app.post("/register", urlencodedParser, function (req, res) {
+  var token = speakeasy.totp({
+    secret: secret.base32,
+    encoding: 'base32'
+  });
+
+  sdk.Configuration.basicAuthUserName = process.env.KEY; 
+  sdk.Configuration.basicAuthPassword = process.env.SECRET; 
+
+  var body = new sdk.SendMessagesRequest({
+      "messages":[
+          {
+              "content":"Your MessageMedia security code is: "+token,
+              "destination_number":req.body.mobile
+          }
+      ]
+  });
+
+  controller.createSendMessages(body, function(error, response, context) {
+    if (!error){
+      res.render("verify");
+    } else {
+      res.send(error);
+    }
+  });
+
+});
+
+app.post("/verify", urlencodedParser, function (req, res) {
+  var userCode = req.body.code;
+  var tokenValidates = speakeasy.totp.verify({
+    secret: secret.base32,
+    encoding: 'base32',
+    token: userCode,
+    window: 6
+  });
+  res.send(tokenValidates);
+});
+
+var listener = app.listen(process.env.PORT, function() {
+  console.log('Your app is listening on port ' + listener.address().port);
+});