moggers87
commented
1 week ago Sounds good, we would ideally want this either as part of or after #347
Open rafsaf opened 1 week ago
moggers87
commented
1 week ago Sounds good, we would ideally want this either as part of or after #347
Expected Behavior
Users should be given an option to setup more methods instead of only primary method.
Current Behavior
When user setup for example yubikey, then in two_factor view sees "Primary method: Use your Yubikey device" and setup for another methods is not possible.
In setup this is clearly visible that this is intentional disabled:
https://github.com/jazzband/django-two-factor-auth/blob/95255bbe714830152e68c9ff2dd09dee4087a2a1/two_factor/views/core.py#L486-L492
However, in login view, many different methods are handled if they exist, for example created in custom form or via admin panel
https://github.com/jazzband/django-two-factor-auth/blob/95255bbe714830152e68c9ff2dd09dee4087a2a1/two_factor/views/core.py#L359-L367
And here how it looks when i add more methods in admin panel:
Possible Solution
Allow users to setup 2fa many times. It's already handled in login so that's for free and could be supported in account and setup views with relatively moderate code changes. Note that I am not sure why is it not a case, maybe there are some non trivial things to consider or breaking changes like that are not acceptable for some reason.
Context
For yubikey setup for eaxmple it totally makes sense and is popular to have 2 or more different keys for example one dedicated to pc, second to laptop and alternatively some backup one.