14. Enable Two Factor Auth/03. Verify Code (💪 problem)

Verify Code

Loading "Testing the Two Factor Authentication Setup"

Testing the Two Factor Authentication Setup

👨‍💼 If you have a phone that can scan the QR code (or the 1Password desktop app can scan the code on your screen), you can use this to generate a code. Otherwise, you can actually just use this script to do it as well:

import { generateTOTP } from '@epic-web/totp'

// Paste your string here. It should start with "otpauth://totp/" and include a secret and other params
const otpString = ``

const otpUri = new URL(otpString)
const { secret, algorithm, digits, period } = Object.fromEntries(
	otpUri.searchParams.entries(),
)

const { otp } = generateTOTP({
	secret,
	algorithm,
	digits,
	period,
})

console.log(otp)

Create a file called otp.js

and then you can paste that code in there and run node otp.js to get the code.

Paste the URI in there and run the script, it will output the code which you can use to test things out.

In this one you'll want to start in the action of

app/routes/settings+/profile.two-factor.verify.tsx

. You'll first verify the code, and then you can update the verification in the database to go from the 2fa-verify type to a regular 2fa type and remove the expiresAt.

This will involve creating a new verification type for 2fa so our /verify route can handle that, so you'll be working in

app/routes/_auth+/verify.tsx

as well.

Finally, you'll need to update the

/settings/profile

route so it shows whether 2FA is enabled or not as well as

/settings/profile/two-factor

Once you're done, we still won't actually ask the user to verify with their 2FA code when they login yet, but you should be able to enable 2FA on an account and have that reflected in the settings page.

Once you enable it, we don't have the ability to disable it yet, so if you need to do that, you can always run npx prisma db seed to reseed the database if you need.

← Previous Next →

Edit on GitHubEdit this page on GitHub

problem solution diff chat

general
npm install everytime I setup a new playground
Duki 🌌:
Is it normal that I have to run `npm install` in my playground directory, everytime I setup the play...
✅1
2 · 2 days ago
general
Welcome to EpicWeb.dev! Say Hello 👋
Kent C. Dodds ◆ 🚀🏆🌌:
This is the first post of many hopefully!
18
78 · a year ago
🔐auth
The latest web-auth workshop cannot be launch
QzCurious 🌌:
I've done: 1. Remove web-auth directory 2. Follow https://github.com/epicweb-dev/web-auth?tab=readme...
✅1
7 · a month ago
general
Migration to Vite: Server-only module referenced by client
Fabian 🌌:
Hi, I'm working on migrating to Vite following the remix docs (https://remix.run/docs/en/main/guides...
✅1
1 · 2 months ago
🔐auth
Github token added on refactor of connection model exercise
abraham_aguilera 🌌:
Where does the newly created `GITHUB_TOKEN` come from in the `resolveConnectionData` introduced in t...
✅1
2 · 5 months ago
🔐auth
Potential Security Concern with Empty Session Data in createCookieSessionStorage?
QzCurious 🌌:
Since session data can be an empty object, it seems possible that someone could guess when encrypted...
✅1
6 · a month ago
general
Remix Vite Plugin
Binalfew 🚀 🌌:
<@105755735731781632> Now that remix officially supports vite (though not stable) what does it mean...
✅1
3 · a year ago
general
🔭foundations
Solutions video on localhost:5639 ?
quang 🚀 🌌:
Hi, so I'm having a hard time navigating (hopefully will be better with time) The nav on epicweb.de...
✅1
9 · a year ago
🔐auth
Where are we getting target_type from?
Salym 🚀 🏆 🌌:
I don't see target_type in ur verification schema, how are we generating this?
✅1
9 · 4 months ago
🔐auth
Unknown file extension ".png" for ".../user.png"
TraderDave79 🌌:
I'm going through the `web-auth` module and in the "Require Authenticated" exercise, after making th...
✅1
9 · 5 months ago
🔐auth
github.com refuses to connect in workshop app
TraderDave79 🌌:
Web Authentication / OAuth / 02. GitHub Strategy / Problem & Solution apps, when clicking "Login wit...
✅1
3 · 4 months ago
general
Epicshop is now social and mobile friendly!
Kent C. Dodds ◆ 🚀🏆🌌:
I'm excited to announce that now the Epic Web workshops are mobile friendly! https://foundations.ep...
🎉2
0 · 4 months ago
💾data
general
📝forms
🔭foundations
double underscore?
trendaaang 🌌:
What with the `__note-editor.tsx`? I don't see that in the Remix docs and I don't remember Kent talk...
✅1
2 · 6 months ago
🔐auth
RBAC with Entity scoping
abraham_aguilera 🌌:
Hi all! I'm working on implementing access control but I want to be able to scope permissions per en...
✅1
3 · 6 months ago
🔐auth
💾data
08. ROLE-BASED ACCESS / 02. ROLES SEED - migration to local vs production
Fabian 🌌:
So I'm in a bit over my head with this one, in particular with how migration works in a local env vs...
✅1
1 · 6 months ago
🔐auth
Redirect Cookie > 03. Redirect missing ProgressToggle form
Román 🏆 🚀 🌌:
This last exercises of the Auth module isn't showing the ProgressToggle form for some reason. I fork...
✅1
5 · a year ago
💾data
🔐auth
Prisma batching in the Require Authorized (07/03/solution)
ajara 🌌 🚀:
When I did the `requireUser` function in `auth.server.ts` I thought about using `requireUserId` func...
✅1
4 · 7 months ago
🔭foundations
💾data
general
📝forms
🔐auth
Native Logging
trendaaang 🌌:
I was thinking that it could be useful to log every CRUD operation to help track down errors. Is tha...
✅1
6 · 7 months ago
general
The video play is pretty laggy currently
QzCurious 🌌:
I thought I should tag you for this <@105755735731781632>. Please take a look if something wrong.
✅2
9 · 7 months ago
general
New Workshop Scheduled
Kent C. Dodds ◆ 🚀🏆🌌:
Hey Epic Web devs! I wanted to let you know before everyone else on here: https://www.epicweb.dev/ev...
2
0 · 7 months ago

Create Post