netzbegruenung / keycloak-mfa-plugins

Keycloak Authentication Provider implementation to get a 2nd-factor authentication with an OTP/code/token sent via SMS
Apache License 2.0
42 stars 9 forks

Optimize 2FA enforcement #56

Closed melegiul closed 1 year ago

melegiul commented 1 year ago

Abort 2FA enforcement code as soon as possible:

  1. Check credentials and if any 2FA method is found then abort
  2. Check auth session for already set required actions
  3. Check user model for required actions

We may try to switch the order to optimize further.

Fixes: #55