A simple Python and Flask implementation of a website that uses Twilio Account Security services to protect all assets within a folder. Additionally, it shows a Phone Verification implementation.
It uses four channels for delivery, SMS, Voice, Soft Tokens, and Push Notifications. You should have the Authy App installed to try Soft Token and Push Notification support.
- URL path "/protected" is protected with both user session and Twilio Two-Factor Authentication
- One Time Passwords (SMS and Voice)
- SoftTokens
- Push Notifications (via polling)
- Phone Verification
- SMS or Voice Call
This project is built using the Flask web framework. It runs on Python 2.7+ and Python 3.4+.
-
To run the app locally, first clone this repository and
cdinto it. -
Create and activate a new python3 virtual environment.
python3 -m venv venv source venv/bin/activate -
Install the requirements using pip.
pip install -r requirements.txt
-
Copy the
.env.examplefile to.env, and edit it to add your Application API Key. Can get/create one here.ACCOUNT_SECURITY_API_KEY=<your API key> -
Create Flask application variables for development
export FLASK_APP=twofa export FLASK_ENV=development
-
Run the migrations.
flask db upgrade
-
Start the development server.
flask run
- No warranty expressed or implied. Software is as is. Diggity.
- MIT License
- Lovingly crafted by Twilio Developer Education.