2FA

Two-factor authentication

To help user secure their accounts better, the PAKT SDK offers two-factor authentication. Users can initiate, activate and deactivate their choice of authentication.

There are currently two types of two-factor authentication: "google_auth" | "email".

When initiating a google_auth, an authenticator app, such as the Google Authenticator App, or Authy Authenticator app can be used to set up this type of two-factor authentication. Upon a successful response, the TwoFAresponse is returned.

To initiate a two-factor authentication, the authenticated user token is required.

When initiating an email two-factor authentication, the user's email receives a token to verify the two-factor and upon successful entry, is activated.

TwoFAresponse

See example below:

Initiate two-factor authentication

This begins the process of the two-factor auth setup.

type TwoFaType = "google_auth" | "email";
export const initiateTwoFa = async (type: TwoFaType) => {
  interface TwoFAresponse {
    type: TwoFaType;
    qrCodeUrl?: string;
    secret?: string
   }

  const twoFaInit: ResponseDto<TwoFAresponse> = await sdkInit.account.initate2FA(type, authToken: string);
};

Activate two-factor authentication

Activating the two-factor authentication is easy.

For the google_auth type of authentication, use the TwoFAresponse#secret to create a new entry in the app of your choice, the new entry returns a code in a time-sync setup. Use the code, with the authenticated user token to activate the two-factor authentication.

For email authentication, pass the token received via email as the code, with the authenticated user token.

To activate the two-factor auth, see example:

export const activateTwoFa = async (code: string, authToken: string) => {
  const resp: ResponseDto<void> = await sdkInit.account.active2FA(code, authToken);
};

Deactivate two-factor authentication

Deactivating two-factor authentication is easy.

For the google_auth type of two-factor authentication, the active code in the authenticator app is required as well as the authenticated user jwt token.

For the email type of two-factor authentication, an email is sent, the code sent is used alongside the authenticated user jwt token.

To deactivate the two-factor auth, see the example:

export const activateTwoFa = async (code: string, authToken: string) => {
  const resp: ResponseDto<void> = await sdkInit.account.deactive2FA(code, authToken);
};

Send an email for two-factor authentication

Users who have activated the email type option can receive the email code. The code is sent to their email.

This feature is also called when the user deactivates the two-factor authentication.

The authenticated user jwt token is required for this feature.

export const sendEmailTwoFa = async (authToken: string) => {
  const emailTo:ResponseDto<{}>  = await sdkInit.account.sendEmailTwoFA(authToken);
};