Two-Factor Authentication (2FA) Implementation in Go

This repository contains a simple implementation of Two-Factor Authentication (2FA) in Go using the Gin web framework and Redis for OTP storage.

Overview

The provided Go code demonstrates a basic 2FA flow, including user registration, login, OTP generation, and token validation. It uses a Redis database to store OTPs temporarily.

Features

1. User Registration (SignUpUser):

   • Users can sign up by providing their email, username, and password.
   • Passwords are hashed using bcrypt for security.

2. User Login (Login):

   • Users can log in using their email and password.
   • One-Time Passcodes (OTPs) are generated and sent to the user's email for additional verification.

3. OTP Generation (generateTOTP):

   • OTPs are generated using the TOTP algorithm, which is a time-based OTP.
   • The TOTP secret is stored securely on the server.

4. OTP Validation (ValidateOTP):

   • Users submit the OTP received via email for validation.
   • The server validates the OTP, and upon success, issues a JSON Web Token (JWT) for authentication.

5. JWT Token Refresh (RefreshToken):

   • Provides a mechanism to refresh the JWT token, extending the user's session.

Dependencies

• Gin: HTTP web framework.
• Golang JWT: JSON Web Token implementation.
• GoMail: Email sending library.
• GoValidator: Validator package for Go.
• Badoux Checkmail: Email validation package.
• Go-Redis: Redis client for Go.
• OTP TOTP: One-Time Password (OTP) library.

Environment Variables

• Sender_email: Email address used to send OTPs.
• Sender_pass: Password for the sender email account.
• smtpServer: SMTP server address.
• smtpPort: SMTP server port.
• DB_URL: PostGres Database connection URL
• REDIS_URL: Redis cache connection URL

Setup

1. Clone the repository:

   git clone https://github.com/navaneesh/2FA.git