search

mrellipse / toucan

Boilerplate template using Vue.js, TypeScript and .NET Core 2.1, based on SOLID design principles
MIT License
212 stars 36 forks source link

Triggering of Verification Process #16

Closed mrellipse closed 6 years ago

mrellipse commented 6 years ago

it is very essential to have pop-up just like "https://github.com/stoodz/vuejsTimer.git", I have integrated like if the user click on stay the token is updated with new expiry time.

The oauth implicit workflow is designed to be short-lived - and since the browser cannot be relied on to 'keep a secret', allowing an automated token refresh (without having the user supply their password again) would be a security hole.

However, it got me thinking that I would like to add some additional security to the default setup - so that two-factor verification is triggered if the user logs on from a different devices, or with a different browser.

mrellipse commented 6 years ago

breaking database change, but very simple fix, so will publish this as a 'major' release