SapphoLover39
BABetter Auth
•Created by SapphoLover39 on 4/1/2025 in #help
Help with Email + Phone before 2FA Flow
Another concern I have is the session creation 2FA seems to create it's own session and so does phone plugin so I fear they may conflict and not return right session / user data on client
7 replies
BABetter Auth
•Created by SapphoLover39 on 4/1/2025 in #help
Help with Email + Phone before 2FA Flow
-
7 replies
BABetter Auth
•Created by SapphoLover39 on 4/1/2025 in #help
Help with Email + Phone before 2FA Flow
PS: It would be great in the future if the 2FA plugin allowed you to choose which method TOTP or OTP used for 2FA Verification
7 replies
BABetter Auth
•Created by SapphoLover39 on 4/1/2025 in #help
Help with Email + Phone before 2FA Flow
-
7 replies
BABetter Auth
•Created by SapphoLover39 on 4/1/2025 in #help
Help with Email + Phone before 2FA Flow
My current theoradical solution is:
- Use phone plugin
- Disable all endpoints related to phone login
- Manually call sendOTP after email verification from client
- After verification, force on client enabling 2FA
- Skip 2FA verification since it requires TOTP
Thoughts?
7 replies