Open jackwander opened 3 years ago
Hi @jackwander. Did you get any solution for this?
@ashu555 Sad to say but I haven't.
@ashu555 Hi. Did you get any solution?
I'm also waiting for the same answer. How is 2fa implemented in the API, and what is the mechanism like. API is stateless, different from the web, which has a session.
I still don't have a solution for this.
Hello everyone, I find solution I make a few endpoints I add a few fields to Users model, two_fa_enabled(flag) and two_fa_code 1.endpoint return generated Qr and code, before sending response I save code in my db for auth user 2.endpoint for enabling 2FA, I get current code for auth user ($code = $google2fa->getCurrentOtp(auth('sanctum')->user()->google2fa_secret);) and check it with request otp, if checked i put two_fa_enabled to true. Same steps for disabling 2FA
Hi all, I find the solution in this article 2FA stateless, and I've implemented it with the same concept!
I would like to ask how can i use this for API authentication especially for generating bearer token.