feat(2fa): add two factor authentification #875
Conversation
maudetes
requested review from
ThibaudDauce and
nicolaskempf57
as code owners
| return false | ||
| } | ||
| finally { | ||
| loading.value = false |
There was a problem hiding this comment.
Maybe we should reset the qrcode here? To be sure it is used once and refresh if the modal is open again?
There was a problem hiding this comment.
We don't want to reset qrcode on invalid code for example? Don't you think we should reset only on success? The totp isn't valid until then
There was a problem hiding this comment.
Yep on success, or maybe juts on modal open?
There was a problem hiding this comment.
It is currently reset on success, I'm not sure what you would like here
Co-authored-by: Thibaud Ollagnier <ThibaudDauce@users.noreply.github.com>
Add minimal 2FA implementation. The 2FA flow is self sufficient in udata but see also [cdata integration counterpart](datagouv/cdata#875). The settings that should be overridden if setting up 2FA: ``` SECURITY_TWO_FACTOR SECURITY_TOTP_SECRETS SECURITY_TOTP_ISSUER SECURITY_TWO_FACTOR_RESCUE_MAIL ```
| }) | ||
| }) | ||
|
|
||
| test.afterAll(async () => { |
There was a problem hiding this comment.
What do you think of running udata commands in test cleanup @ThibaudDauce?
There was a problem hiding this comment.
Don't mind :-) Could be nice to see it working if we want to do more complicated stuff like resetting the database (udata side I think) in the future
There was a problem hiding this comment.
I made it work by using udata working dir conf, we needed udata.cfg override in CI.
Requires opendatateam/udata#3620.
Adds hook to check if 2FA is required at login time.
Adds
tf-setupandtf-validatepages to set up and validate 2FA.TODO