I’m looking at adding support for authenticator-app based OTP (TOTP) and I’m wondering what the best practice is in the Ash ecosystem. Is there a standard approach, an existing extension/library, or any recommended patterns for integrating 2FA into Ash Authentication? I’d be interested to hear how others have implemented it and whether there are any pitfalls to be aware of. I can’t be a first person trying to do factor auth for Ash. Appreciate any pointers.
ash_authentication / v5.0.0 will support it:
Also WebAuthn:
