Replies: 4 comments
-
|
Two factor is not something that NextAuth has announced plans to build into the library, at least at the time of this comment. We've been faced with the same requirement for TOTP-based 2FA on our team. #4820 discussed how to (conceptually) implement a customization like 2FA. To implement something like password-less login, then provide TOTP 2FA code, to log in, you'll need to add some custom logic to the default function on your |
Beta Was this translation helpful? Give feedback.
-
|
@rklubenspies thanks. Do you know if its possible to reuse logic from the providers in the custom code? Like would that be as simple to call some functions or do you have to copy/paste and modify the code? |
Beta Was this translation helpful? Give feedback.
-
|
@ryuken I'm not sure how much NextAuth exposes in the way of internals to trigger something like that. When a provider runs, all the normal callbacks run so I'd think that trying to do this would overwrite some of the session storage by default. There may be a highly tweaked way to do that, but using a third-party service to send 2-factor codes via email and treating it like we would be treating TOTP 2FA may be the easier route for implementation. If we arrive at a solid TOTP 2FA implementation with NextAuth, I plan to open source the example. |
Beta Was this translation helpful? Give feedback.
-
|
EDIT: Nevermind. My response is basically this documented feature. But maybe for unsupported yet framework like Nuxt.js then you can mock the Keycloak as I mentioned. |
Beta Was this translation helpful? Give feedback.
-
Question 💬
Hi is it possible to use the email provider (passwordless login) together with another provider (like onelogin) for two factor authentication? How could I combine these?
So I want to login with both required. Is this possible?
How to reproduce ☕️
It's not a bug to reproduce
Contributing 🙌🏽
No, I am afraid I cannot help regarding this
Beta Was this translation helpful? Give feedback.
All reactions