Minimal Two Factor Authentication (2FA) in FastAPI 🚀

This repository contains a minimal implementation of enabling/disabling 2FA in a FastAPI application using PyOTP and qrcode.

Features

User Signup with Optional MFA
Register a new user with the option to enable MFA. When enabled, the server generates a secret and provisioning URI, and the user can scan the QR code to configure their authenticator app.

Show Illustration
Login with 2FA
After providing valid credentials, if MFA is enabled the user is prompted for an OTP generated by their authenticator app.
Disable MFA
Users can disable MFA by verifying their password and an OTP. After disabling, they must manually remove the account from their authenticator app.

Clone the repository:

git clone https://github.com/agfianf/color-correction

Install the dependencies:

via pip:

source .venv/bin/activate
pip install -r requirements.txt

Signup with MFA:

Send a POST request to /signup with:
```
{
    "username": "your_username",
    "password": "your_password",
    "enable_mfa": true
}
```
Retrieve the provisioning URI from the response. Optionally, access /qrcode/your_username to view the QR code image.
Login with MFA:

Use /login to verify your username and password. If MFA is enabled, follow up with a POST request to /login-2fa by providing your OTP.
Disable MFA:

Send a POST request to /disable-mfa with:
```
{
    "username": "your_username",
    "password": "your_password",
    "token": "your_current_OTP"
}
```
After receiving a success response for MFA disablement, manually remove the account from your authenticator app.

Name		Name	Last commit message	Last commit date
Latest commit History 10 Commits
.vscode		.vscode
app		app
assets		assets
.gitignore		.gitignore
.python-version		.python-version
README.md		README.md
pyproject.toml		pyproject.toml
requirements.txt		requirements.txt
uv.lock		uv.lock
workflows.md		workflows.md