Help with Email + Phone before 2FA Flow
Hello,
At work we need to implement auth for login, and I would like to use BetterAuth for it if possible.
The requirements are that we sign up with email and password, then we enter a phone number and verify it with OTP, then we enable 2FA.
During login you put in your email, verify the OTP during 2FA, then you're authenticated.
The hard time I'm having is wrapping my head around how to have phone number verification.
If you can tell me if it's possible and perhaps help with how, that would be awesome.
Thank you!
1 Reply
My current theoretical solution is:
- Use phone plugin
- Disable all endpoints related to phone login
- Manually call sendOTP after email verification from client
- After verification, force on client enabling 2FA
- Skip 2FA verification since it requires TOTP
Thoughts?
-
PS: It would be great in the future if the 2FA plugin allowed you to choose which method, TOTP or OTP, is used for 2FA verification.
-
Another concern I have is the session creation: 2FA seems to create its own session and so does the phone plugin, so I fear they may conflict and not return the right session / user data on the client.