2fa #749
Comments
|
The access code is not given by discord it's given by whatever service you use. So you need to do the following
|
|
I already coded the function that Crete the 2fa code I'm just stuck with getting the access code
|
|
I don't think any 2fa apps have public apis for security purposes You could try and reverse engineer their api and see if you can get it that way |
|
u don't need any api or application for this.
it's just an algorithm and you can create the 2fa code ez with the access code i tested it and it works fine and it enabled the 2fa.
I just need a way to get the access code with the a request i don't want to do it manually
|
|
also to correct the access code is given by discord.
when you try to enable the 2fa it give you 2 options one is to scan and the other is a code. that code is the access token
|
|
Ohhhhh, I am currently not home but if someone doesn't give you a response by the time I get home tomorrow I'll take a look at discords api and see if I can get the 2fa token |
|
Yee thanks. what i want is this the access code
|
|
From what I can see there is no way to get the access code via the api you would have to do some web scraping to get it |
|
you can only get it when you enable 2fa for the first time (just like you reset bot's token) |
and how i can get it? |
|
Actually you can enable/disable 2FA with node using const speakeasy = require('speakeasy')
const secret = 'A'.repeat(32) // anything you can want (but it must be 32 char)
const totp = speakeasy.totp({
secret,
encoding: 'base32'
})
const response = await axios.post('https://discord.com/api/v9/users/@me/mfa/totp/enable', {
code: totp,
secret: secret,
password: "<DISCORD_PASSWORD>"
}, { headers: { Authorization: '<DISCORD_TOKEN>' } })HTTP Syntax POST /api/v9/users/@me/mfa/totp/enable HTTP/1.1
Host: discord.com
Content-Type: application/json
Authorization: <TOKEN>
{
"code": "<TOTP_CODE>",
"secret": "<2FA_SECRET_YOU_GENERATED>",
"password": "<ACCOUNT_PASSWORD>"
}It returns {
"token": "<NEW_DISCORD_TOKEN>",
"backup_codes": [
{
"user_id": "<YOUR_USER_ID>",
"code": "<BACKUP_CODE>",
"consumed": false
},
... // it generates 10 backup code
]
}You're old discord token will be invalid after 2FA enabled, if you want to disable it simply just: POST /api/v9/users/@me/mfa/totp/disable HTTP/1.1
Host: discord.com
Authorization: <TOKEN>It returns a 401 response like: HTTP/1.1 401 Unauthorized
Content-Type: application/json
{
"message": "Two factor is required for this operation",
"code": 60003,
"mfa": {
"ticket": "<TOKEN_TICKET>",
"methods": [
{
"type": "totp",
"backup_codes_allowed": true
},
{
"type": "backup" // if you have backup keys or something like that idk
}
]
}
}You need POST /api/v9/mfa/finish HTTP/1.1
Host: discord.com
Authorization: <TOKEN>
Content-Type: application/json
{
"ticket": "<TOKEN_TICKET>",
"mfa_type": "totp", // or another method you want
"data": "<TOTP_CODE_or_something>"
}And it responds with a object, that has a token like {
"token": "<JWT_TOKEN>"
}And last step! POST /api/v9/users/@me/mfa/totp/disable HTTP/1.1
Host: discord.com
Authorization: <TOKEN>
Content-Type: application/json
X-Discord-Mfa-Authorization: <JWT_TOKEN>
{
"token": "<TOKEN_TICKET>"
}And if its successful it returns your discord token like {
"token": "<YOUR_NEW_DISCORD_TOKEN>"
}Note: I did NOT tried the 2FA remove method, but it will probably work, and the adding method seems to work without any problems. Thats all i got :D |
Which package is the feature request for?
The core library
Feature
add a way to enable 2fa
Ideal solution or implementation
so the abilty to activate 2fa in the account. it can give the user the access code and with that access you can generate the 2fa code and put it and activate it normally.
Alternative solutions or implementations
No response
Other context
No response
The text was updated successfully, but these errors were encountered: