I thinking about to throw in 2fa into my application using Google Authenticator API.
Has someone here integrated 2fa nicely with Guardian?
Im looking where to start, write my own plug of go with ueberauth?
The idea is to do regular authentication with Guardian and then kick the application to a 2FA authentication page. But im not sure where to start …
I’m interested in implementing 2FA myself. I see it only as an extra step during login, not something to integrate with Guardian to verify on every request. E.g. if the token verification succeeds, then use Guardian to sign-in user. If someone could share a tutorial it will be much appreciated!
From the Guardian repo:
An authentication library for use with Elixir applications.
Yep yep, and as I keep saying all over the place, it is not an authentication library, it is a JWT library (with some phoenix token support now I hear). You can of course pass authentication data from another source around inside it, but you could do that via a variety of other methods too.
I am new to Elixir (using Phoenix specifically) but I’m going to try to implement https://github.com/yuce/pot which is an Erlang library for generating time based passwords.
I’ve used https://github.com/speakeasyjs/speakeasy for Node.js and am going to hopefully make it as easy to use. If there’s any interest I’ll modularize the Elixir/Phoenix components and throw it on Github.
Edit: I think forking @riverrun’s OTP library is the better strategy for now, so going to go down that path!