Closed Lsquared13 closed 4 years ago
This issue probably ought to be on dappbot-api-lambda, but that aside, the new /auth endpoint actually implements most of the server-side handling for this. It's hardcoded to SMS_MFA, so I don't know if it would correctly handle other user preferences, but we implement the methods for setting up & validating MFA with Cognito. Next step would be to implement the client-side logic on dappbot-management-spa, see if it all behaves together.
We need to spec this out a bit. Ideally we aren't limited to SMS MFA.
Here are instructions for doing this with Google Authenticator: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa-totp.html
We should be able to support MFA for users logging into Cognito.