Open confact opened 2 years ago
I was looking for a login solution in lucky for one of my apps. Looks good!
Glad to know.
The only thing I am missing is OTP/2FA support.
I think so too. An ideal 2FA integration should allow multiple methods (at least TOTP and email). Overall, it seems it would require a non-trivial amount of time to design and build.
I am currently tied up on a project, so time is not my friend now. If you have any ideas or PR, that would be great. I'll try to squeeze in some time and work on a design. We'll see.
There's already a TOTP implementation here: https://github.com/Axentro/crystal-two-factor-auth. I haven't used it in any way, but it looks good, and looks like it would save some amount of work.
Ideal implementation would be to have pluggable providers (e.g. TOTP, HOTP, FIDO, random token generation fro SMS/email, etc.), and pluggable transports: none for TOTP, FIDO because it's already on the device, or SMS/email/Matrix, etc.
I was looking for a login solution in lucky for one of my apps. Looks good!
The only thing I am missing is OTP/2FA support. With Google Authentication or Authy, it would be amazing, making it very secure.