Skip to content
This repository has been archived by the owner on Jan 22, 2025. It is now read-only.

Latest commit

 

History

History
43 lines (33 loc) · 2.51 KB

README.md

File metadata and controls

43 lines (33 loc) · 2.51 KB

In this repository we keep the current state of development of our Authentication Service. The Authentication Service is a secure web application that provides users with two-factor authentication using Google Authenticator. The project is built using Java 11 and the web core framework. We have a heap of documentation available for the code in this repository. You may be interested in...

Requirements

  • Java 11 or later
  • Apache Maven 3.6.3 or later

Installation

  1. Clone the repository.
  2. Run mvn clean install to build the application.
  3. Start the application using java -jar "file-name".
  4. Configure the config.json and restart the program.
  5. The application will be available at http://localhost:6472.

Usage

  1. Register a new user by providing a valid email address and password.
  2. After successful registration, log in to the application using the registered email and password.
  3. Enable two-factor authentication by scanning the QR code with the Google Authenticator app or manually entering the secret key.
  4. Log out of the application and log in again using the registered email and password.
  5. Enter the six-digit code generated by the Google Authenticator app when prompted.
  6. The application will authenticate the user and redirect to the home page.

Security

  • Passwords are hashed using BCrypt with a randomly generated salt for each user.
  • Two-factor authentication is implemented using Google Authenticator, which generates one-time passwords that expire after a short time period.
  • Secret keys for two-factor authentication are generated using a cryptographically secure random number generator and stored securely in the database.

Branch guide

  • main: The current main stage with the latest development version.
  • prod: Production build (automatically deployed to the appropriate services)
  • release/*: Release builds (e.g. release/2023.2.1, a stable running version named after the date)
  • fix/*: Bug fix Branch (e.g. fix/hash-bug, for bug fixes)
  • feature/*: Feature Update Branch (e.g. feature/hash-update, for large updates)
  • dev/*: Developer specific branch (e.g. dev/nicokempe, designed for small changes and only temporary)

Credits