Two-Factor Authentication with Authy and Servlets

This application example demonstrates how to use Authy as the two-factor authentication provider using Servlets.

Local Development

1. First clone this repository and cdinto it.

   $ git clone git@github.com:TwilioDevEd/authy2fa-servlets.git
   $ cd authy2fa-servlets

2. Create the database.

   $ createdb authy2fa_servlets

   The application uses PostgreSQL as the persistence layer. If you don't have it already, you should install it. The easiest way is by using Postgres.app.

3. Copy the sample configuration file and edit it to match your configuration.

   $ cp .env.example .env

   You'll need to set JDBC_URL, DB_USERNAME, and DB_PASSWORD.

   You can find your AUTHY_API_KEY in an application in the Authy Console, under 'Settings'.

   Once you have populated all the values, load the variables with source.

   $ source .env

   If you are using a different operating system, make sure that all the variables from the .env file are loaded into your environment.

4. Execute the migrations.

   $ mvn compile flyway:migrate

5. Run the application.

   $ mvn compile jetty:run

6. Check it out at http://localhost:8080/

Enabling OneTouch Verification Support

1. To enable Authy OneTouch to use the callback endpoint you exposed, your development server will need to be publicly accessible. We recommend using ngrok to solve this problem.

   $ ngrok http 8080

2. In the Authy Console, select your application, go to Push Authentication, and add your publicly accessible url with /authy/callback appended.

Run the tests

Assuming you have configured the application for your local test environment, you can then use Flyway to migrate the test database (by setting the correct JDBC_URL) and then use Maven to run the tests:

mvn test

Meta

• No warranty expressed or implied. Software is as is. Diggity.
• MIT License
• Lovingly crafted by Twilio Developer Education.