Build Two-Factor Authentication Using the Telnyx API and Ruby SDK

As a result of the ever-increasing number of data breaches and phishing attacks, two-factor authentication (2FA) is now a commonplace solution for most businesses to protect their customers and their own data. The 2FA implementation used by most applications uses a token generator to send users a numeric code via SMS or smartphone app; the user then enters that code into the application to authenticate their identity when they attempt to log in.
In this guide we’ll go over how to add two-factor authentication to your application using the Telnyx API v2. We’ll be using Ruby for the examples in this article, but you can access guides for other languages here.

Configuration Details

Create a config.cfg file in your project directory. Flask will load this at startup. First, use this guide to provision an SMS number and messaging profile, and create an API key. Then add those to the config file.
Note: This file contains a secret key and should not be committed to source control.

Token Storage

We'll use a class to store tokens in memory for the purposes of this example. In a production environment, a traditional database would be appropriate. Create a class called TokenStorage with three methods. This class will store uppercase tokens as keys, with details about those tokens as values, and expose check and delete methods.

Server Initialization

Set up a simple Flask app, load the config file, and configure the telnyx library. We'll also serve an index.html page. The full source is available on GitHub; the page includes a form that collects a phone number for validation.

Token Generation

We'll start with a simple method, get_random_token_hex, that generates a random string of hex characters to be used as OTP tokens. We'll use the SecureRandom gem for this, as it comes pre-installed in Ruby.
The SecureRandom.hex method accepts a number of bytes, so we need to divide the desired length by two and round up to ensure we get enough characters (two characters per byte), and then trim to the actual desired length. This allows us to support odd-numbered token lengths.
Next, handle the form on the /request route. First this method normalizes the phone number.
Then generate a token and add the token/phone number pair to the data store.

Token Verification

The verify.html file includes a form that collects the token and sends it back to the server. If the token is valid, we'll clear it from the datastore and serve the success page.
Otherwise, send the user back to the verify form with an error message.
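
The token generation, storage and verification steps described above, as an added example that is not the article's or Telnyx's own code. The method names other than get_random_token_hex and TokenStorage, the five-minute lifetime, and the check that a token belongs to the phone number it was issued to are assumptions made for illustration.

```ruby
require 'securerandom'

# Assumed token lifetime; the article does not specify one.
TOKEN_TTL_SECONDS = 300

# SecureRandom.hex(n) returns 2 * n hex characters, so request
# ceil(length / 2) bytes and trim, which supports odd token lengths.
def get_random_token_hex(length)
  SecureRandom.hex((length / 2.0).ceil)[0, length].upcase
end

# In-memory store keyed by the uppercase token (example only).
class TokenStorage
  def initialize
    @tokens = {}
  end

  def add_token(token, phone_number, now: Time.now)
    @tokens[token.upcase] = { phone_number: phone_number, created_at: now }
  end

  # Valid only if the token exists, has not expired, and was issued
  # to this phone number (the binding is an assumption of this example).
  def token_valid?(token, phone_number, now: Time.now)
    entry = @tokens[token.to_s.strip.upcase]
    return false if entry.nil?
    return false if now - entry[:created_at] > TOKEN_TTL_SECONDS
    entry[:phone_number] == phone_number
  end

  def clear_token(token)
    @tokens.delete(token.to_s.strip.upcase)
  end
end

# Verification step: accept a token once, then remove it from the store.
def verify_and_consume(storage, token, phone_number, now: Time.now)
  return false unless storage.token_valid?(token, phone_number, now: now)
  storage.clear_token(token)
  true
end

if __FILE__ == $PROGRAM_NAME
  storage = TokenStorage.new
  phone = '+15555550100' # constructed sample number
  token = get_random_token_hex(5)
  storage.add_token(token, phone)
  puts verify_and_consume(storage, token.downcase, phone) # first use
  puts verify_and_consume(storage, token, phone)          # replayed token
end
```

Deleting the token on first successful use is what stops a replayed code from being accepted a second time.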

Finishing Up

To start the application, run ruby 2fa.rb.
For full instructions and more developer docs click here.