This post may seem a bit wide but it's because I'm kind of lost in this part and I really need orientation. I've been building an Angular2+ app and now I to implement Two Factor Authentication but I'm unable to understand exactly how 2fa works.
After googling and reading, it seems that auth0 and twilio are an option for doing what I want, but it seems that a backend server is needed and currently I don't have any. I have some functions in webtask.io to handle the parts of my app that require a backend, and also I'm using firebase for authentication and database.
So, is it possible to implement 2fa in a serverless enviroment? As far as my reading went webtask.io belongs to auth0 and twilio has twilio functions, but I couldn't find any docs or resources to do this. I learned how to verify phone numbers using twilio functions or to send sms notifications to my users.
Other thing I found interesting is that it's possible to implement firebase authentication through auth0 but still found nothing relevant to 2fa. In auth0 do I need also a backend to implement 2fa?
I know it seems wide but please have me patience, it's my first app ever.
So, what's the best course of action? Are there other alternatives I'm missing?
Sales engineer at Twilio here.
You should consider using Twilio Functions and TwiML Bins. This should give give you decent infrastructure for doing 2FA in your application, and you can just post the request to your function. You may also need to look into using Sync, which would help you keep your webpage updated as authentication is underway. I'm not an angular dev, so I can't speak to how you'd completely integrate these tools into your application architecture, but they're a solid toolset that will prevent you from having to spin up, maintain, and host an entire server.