2

I don't have a programming experience but I am pretty sure my developer is wrong about believing that the only way we could integrate twilio into our app is if we use Auth0. He thinks we have no other alternative since firebase has changed so much since google purchased it. I personally think Auth0 is too expensive and I would like to find a cheaper alternative that works.

Can someone dumb the process down and explain to me (Me = a person with only basic background in programming) as to why he is wrong or right ? If he's wrong, can you give me an alternative to Auth0 ?

AL.
  • 36,815
  • 10
  • 142
  • 281
Ari Eddy Koftikian
  • 59
  • 4

1 Answers1

2

I would definitely double check if your developer mean Auth0 or Authy (https://www.twilio.com/authy) . Authy is Twilio's use case API for 2FA to Add 2FA to web and mobile apps with fewer than 10 lines of code (https://www.twilio.com/docs/tutorials/walkthrough/two-factor-authentication/node/express) .

You could build it on your own by just using Twilio's SMS API , but that would mean you maintaining the token generation , maintainence and disposal at your app . Using Authy takes all that trouble from you and you can achieve the 2FA through a simple and powerful REST API .

Update based on OP's comment

So seems he wants to handle the 2FA himself and integrate it with firebase. I don't still see why is Auth0 mandatory, You can connect to Firebase and Twilio (using either of the authentication method I mentioned above)in the same service .

Example (assuming nodejs backend server):

app.post('/send2FASMS', function (req, res) 
{
  var resp = new twilio.TwimlResponse();
  var fromNum = req.body.From;



   var Firebase = require('firebase'),
   /*your firebase stuff here using FireBase - example : new Firebase('{FIREBASEURL}/Users/');*/

     resp.message(customeMessageThatYoumightHaveConstructedUsingYourFireBaseDB + 'Your 2FA code is 438469.');

  res.writeHead(200, 
                               {
                                     'Content-Type':'text/xml'
                               }
                            );
   res.end(resp.toString());

 }
);

Obviously , firebase should be installed before this 

npm install firebase

Having said this , I would still advise having a look at Authy , which can be integrated similarly to above ( Authy APIs instead of SMS ) and give you the better 2FA experience as compared to developing the 2FA logic yourself.

am1704
  • 837
  • 1
  • 6
  • 15
  • He means Auth0. One of it's features for silver level customers is the ability to integrate with firebase. – Ari Eddy Koftikian Sep 07 '16 at 11:06
  • Updated my answer based on your comment – am1704 Sep 07 '16 at 11:34
  • Look at this github repo : https://github.com/rickyrobinett/dailysms You can modify this to build the 2FA logic on your own and send out the SMS using Twilio integrated with Firebase – am1704 Sep 07 '16 at 11:41