Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(core): initial implementation of user set mfa secrets / codes #6654

Merged
merged 4 commits into from
Oct 29, 2024
Merged

feat(core): initial implementation of user set mfa secrets / codes #6654

merged 4 commits into from
Oct 29, 2024

Conversation

atarbalouti
Copy link
Contributor

Summary

This adds the possibility to add user set mfa secrets (TOTP / backup codes). This is necessary for the creation of such secrets directly in the application, because the user has first to confirm the answer or that he printed the backup codes before really creating them in Logto.

Testing

Manually by creating a TOTP secret.

Checklist

  • .changeset
  • unit tests
  • integration tests
  • necessary TSDoc comments

@github-actions GitHub Actions
Copy link

github-actions bot commented Oct 6, 2024
edited
Loading

COMPARE TO master

Total Size Diff 📈 +5.09 KB

Diff by File
Name Diff
packages/core/src/routes/admin-user/mfa-verification.openapi.json 📈 +1.14 KB
packages/core/src/routes/admin-user/mfa-verifications.test.ts 📈 +2.33 KB
packages/core/src/routes/admin-user/mfa-verifications.ts 📈 +784 Bytes
packages/core/src/routes/interaction/utils/backup-code-validation.ts 📈 +198 Bytes
packages/core/src/routes/interaction/utils/totp-validation.test.ts 📈 +306 Bytes
packages/core/src/routes/interaction/utils/totp-validation.ts 📈 +255 Bytes
packages/phrases/src/locales/en/errors/user.ts 📈 +118 Bytes

@github-actions github-actions bot added feature Cool stuff size/m labels Oct 6, 2024
@xiaoyijun
Copy link
Contributor

Hi @atarbalouti , the secrets and backup codes are randomly generated, so it doesn’t seem necessary for the user to confirm them beforehand. The process could be streamlined by directly creating the codes, and then giving users the option to view or print them once they’re generated.

@xiaoyijun
Copy link
Contributor

xiaoyijun commented Oct 9, 2024
edited
Loading

Hi @atarbalouti , after discussion, this is indeed an secenario that can be optimized, and we are taking a look. cc @wangsijie

@github-actions GitHub Actions
Copy link

This PR is stale because it has been open 10 for days with no activity. Remove stale label or comment or this will be closed in 5 days.

@github-actions github-actions bot added the stale label Oct 24, 2024
@wangsijie wangsijie removed the stale label Oct 24, 2024
@wangsijie
Copy link
Contributor

I'll handle this next week.

@wangsijie wangsijie merged commit 60a6d67 into logto-io:master Oct 29, 2024
34 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wangsijie wangsijie wangsijie approved these changes

@simeng-li simeng-li Awaiting requested review from simeng-li simeng-li is a code owner

@gao-sun gao-sun Awaiting requested review from gao-sun gao-sun is a code owner

Assignees

@wangsijie wangsijie

@atarbalouti atarbalouti

Labels
feature Cool stuff size/m
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@atarbalouti @xiaoyijun @wangsijie