
1.10 2FA (2 Factor Authentication)
The following tutorials show how to implement 2FA (2 Factor Authentication).
It is called 2 Factor Authentication because the User must authenticate twice:
● first he must provide his Username and Password
● then he must enter a Code sent to him by Google Authentication Service
To enable 2FA we will add the following Properties to the Account Entity
● Boolean google2faEnabled = true indicates that the Account now has a Google Secret Key and can start using the 2FA Service.
This is triggered by calling the Endpoint http://localhost:8080/CodeEnter (and before it returns the HTML Page with the QRCode).
The User can now scan the QRCode with a specialized Mobile App to add his Account to the Mobile App.
After that the User can simply open the Mobile App to get a Temporary Code any time he wants to log in again.
User tries to access the restricted URL http://localhost:8080/Hello
User is redirected to the Login Page http://localhost:8080/login
● User enters his Username and Password
User is redirected to the QR Code Page http://localhost:8080/QRCode
● User scans the QR Code with his Mobile Phone (it contains a URL with parameters)
● User is redirected to the Google Authentication Page which shows him a Code (this Code is valid only for him for 30s)
● User enters the Code into the QR Code Page
● User presses the Submit Button
User is redirected to the Endpoint that verifies the entered Code http://localhost:8080/VerifyCode
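How a 30s Code can be checked at the VerifyCode step, as an added example that is not code from the original tutorial: it implements the standard TOTP algorithm (RFC 6238, HMAC-SHA1, 6 digits). The class name TotpVerifier, the one-step clock drift window and the already decoded key bytes (Base32 decoding of the Secret Key is assumed to happen elsewhere) are assumptions.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

// Added example (hypothetical class, not the tutorial's code): TOTP check per RFC 6238.
public class TotpVerifier {
    static final int STEP_SECONDS = 30;  // the 30s validity mentioned above
    static final int DIGITS = 6;
    static final int WINDOW = 1;         // assumption: tolerate +/- one step of clock drift

    // Computes the code for one 30s counter value (HOTP, RFC 4226, HMAC-SHA1).
    static String codeAt(byte[] key, long counter) throws GeneralSecurityException {
        Mac mac = Mac.getInstance("HmacSHA1");
        mac.init(new SecretKeySpec(key, "HmacSHA1"));
        byte[] h = mac.doFinal(ByteBuffer.allocate(8).putLong(counter).array());
        int off = h[h.length - 1] & 0x0f;                       // dynamic truncation
        int bin = ((h[off] & 0x7f) << 24) | ((h[off + 1] & 0xff) << 16)
                | ((h[off + 2] & 0xff) << 8) | (h[off + 3] & 0xff);
        return String.format("%0" + DIGITS + "d", bin % 1_000_000);
    }

    // Returns true if the submitted code matches any step inside the window.
    static boolean verify(byte[] key, String submitted, long epochSeconds)
            throws GeneralSecurityException {
        if (submitted == null || !submitted.matches("\\d{" + DIGITS + "}")) return false;
        long counter = epochSeconds / STEP_SECONDS;
        boolean ok = false;
        for (long c = counter - WINDOW; c <= counter + WINDOW; c++) {
            byte[] expected = codeAt(key, c).getBytes(StandardCharsets.US_ASCII);
            // MessageDigest.isEqual compares in constant time; the loop never exits early.
            ok |= MessageDigest.isEqual(expected, submitted.getBytes(StandardCharsets.US_ASCII));
        }
        return ok;
    }

    public static void main(String[] args) throws Exception {
        // Constructed input: the RFC 6238 test secret, not a real account key.
        byte[] key = "12345678901234567890".getBytes(StandardCharsets.US_ASCII);
        long now = 59L;                                  // RFC 6238 test time
        String code = codeAt(key, now / STEP_SECONDS);
        System.out.println("code at t=59s: " + code);
        System.out.println("same step:     " + verify(key, code, now));
        System.out.println("one step late: " + verify(key, code, now + 30));
        System.out.println("five min late: " + verify(key, code, now + 300));
        System.out.println("malformed:     " + verify(key, "12ab56", now));
    }
}
```

A verification endpoint would also record the last accepted counter per Account so the same Code cannot be replayed inside its window, and limit the number of attempts per login.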
Application Structure
The following tutorials use the User - From DB tutorial as their starting point (it uses Accounts stored in DB).
Compared to the User - From DB tutorial we will need the additional Spring Boot Starters highlighted below.
Their respective Maven dependencies are shown in the pom.xml below.
pom.xml
<dependency>
    <groupId>org.projectlombok</groupId>
    <artifactId>lombok</artifactId>
    <optional>true</optional>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>