# Two-Factor Authentication

Two-factor authentication (2FA) using Time-based One-Time Passwords (TOTP) adds an extra layer of security to user authentication.

These codes expire after a short period, making it difficult for attackers to gain unauthorized access even if passwords are compromised.
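How that expiry works, as an added example that is not taken from Novel's code: a minimal RFC 6238 verifier for Node.js. The function names, the one-step drift window and the `lastUsedStep` replay guard are assumptions for illustration, and the secret is the published RFC test key.

```javascript
// Added example (not Novel's code): RFC 6238 TOTP generation and verification.
const crypto = require('node:crypto');

const STEP_SECONDS = 30; // RFC 6238 default time step
const DIGITS = 6;        // code length used by common authenticator apps

// HOTP (RFC 4226): HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation.
function hotp(secret, counter, digits = DIGITS) {
  const msg = Buffer.alloc(8);
  msg.writeBigUInt64BE(BigInt(counter));
  const mac = crypto.createHmac('sha1', secret).update(msg).digest();
  const offset = mac[mac.length - 1] & 0x0f;             // low nibble of last byte
  const binary = mac.readUInt32BE(offset) & 0x7fffffff;  // 31-bit value
  return String(binary % 10 ** digits).padStart(digits, '0');
}

// TOTP: the counter is the number of time steps since the Unix epoch,
// so a code stops being current once the clock moves to the next step.
function totp(secret, unixSeconds) {
  return hotp(secret, Math.floor(unixSeconds / STEP_SECONDS));
}

// Returns the matched time step, or null if the code is rejected.
//   window       - steps of clock drift tolerated on each side (assumed: 1)
//   lastUsedStep - highest step already accepted for this user (replay guard)
function verifyTotp(secret, submitted, unixSeconds, { window = 1, lastUsedStep = -1 } = {}) {
  if (typeof submitted !== 'string' || !/^\d{6}$/.test(submitted)) return null;
  const current = Math.floor(unixSeconds / STEP_SECONDS);
  const given = Buffer.from(submitted);
  let matched = null;
  // Check every step in the window (no early exit) with a constant-time compare.
  for (let step = Math.max(0, current - window); step <= current + window; step++) {
    const ok = crypto.timingSafeEqual(Buffer.from(hotp(secret, step)), given);
    if (ok && step > lastUsedStep) matched = step;
  }
  return matched;
}

// Constructed sample input: the RFC 6238 test secret, not a real credential.
const secret = Buffer.from('12345678901234567890', 'ascii');
const code = totp(secret, 59);
console.log(code, verifyTotp(secret, code, 59), verifyTotp(secret, code, 59 + 120));
```

Persist the returned step per user and pass it back as `lastUsedStep` so an intercepted code cannot be reused inside its validity window.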

The project's implementation is in the following files:

<https://github.com/madewithnovel/novel/blob/main/packages/novel/auth.js#L142>

<https://github.com/madewithnovel/novel/blob/main/app/api/internal/v1/auth-mfa/index.ts>

## Configuration

You will need to set the `mfa` setting to `true` in `config/auth.js`.

{% code title="config/auth.js" lineNumbers="true" %}

```typescript
export default {
	/**
	 * Allows the use of MFA for users in the application.
	 */
	mfa: true,
}
```

{% endcode %}

## API

You can use `/auth/password/mfa` to perform a Magic Link flow.

{% openapi src="<https://1230772123-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FgjPdizpdFKu8XPFFoBRj%2Fuploads%2FBSDtmhW0VYiMTiBBhApj%2Fopenapi.json?alt=media&token=6bf741e5-9e70-4443-9b94-5c062e5c697c>" path="/auth/{strategy}/mfa" method="post" %}
[openapi.json](https://1230772123-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FgjPdizpdFKu8XPFFoBRj%2Fuploads%2FBSDtmhW0VYiMTiBBhApj%2Fopenapi.json?alt=media\&token=6bf741e5-9e70-4443-9b94-5c062e5c697c)
{% endopenapi %}

## Changelog

* 2024-12-20 - Initial Documentation
