Open sffc opened 5 years ago
@sffc is this issue still up? I would like to work on this.
Yep, this issue is still open. The problem is that today, accounts are identified by their email. If we add TOTP as an alternative to email-based login (including Google OAuth), we need to figure out how to identify those accounts.
After the user signs in with the email, in any case, we may have another tab add TOTP or something like that, where the user can add TOTP authentication, for any future login. We can allow TOTP authentication and the user email would still be the one that can be used to map the identity.
On a side note: I am using octave online for my classes, would be glad to push code over here. This is an awesome platform, thanks for this.
This should be added as another login strategy for easy use with smartphones.
Example: https://github.com/jaredhanson/passport-totp