Instead of requiring the user to configure the IP address of their XIVLauncher installation, support the user of mDNS (and the _xivlauncher service) to automatically discover relevant hosts.
As part of the new sign-in flow:
The user opens the application and is brought to a screen showing a list of all associated accounts and (hidden) MFA codes. A top banner indicates that the application is "Looking for login requests...".
In the background, the application launches a service that scans the local network (via mDNS) looking for the _xivlauncher service. For every computer found, the authenticator will poll GET /totp/status every second to determine if any login attempt is ongoing.
If a valid login request is found, the banner shall be replaced with a message - "Login request from ", with Approve and Deny buttons. Depending on implementation, this may be a pop-up.
Upon user approval, the MFA code will be generated and sent to POST /totp/submit, completing the login flow.
Users will still be able to manually define computers, though TBD as to whether XL should scan these clients.
Sister issue of https://github.com/goatcorp/FFXIVQuickLauncher/issues/1468, and will require that be implemented first.
Instead of requiring the user to configure the IP address of their XIVLauncher installation, support the user of mDNS (and the
_xivlauncher
service) to automatically discover relevant hosts.As part of the new sign-in flow:
_xivlauncher
service. For every computer found, the authenticator will pollGET /totp/status
every second to determine if any login attempt is ongoing.Approve
andDeny
buttons. Depending on implementation, this may be a pop-up.POST /totp/submit
, completing the login flow.Users will still be able to manually define computers, though TBD as to whether XL should scan these clients.