Phoenix 2FA: what are you using, or what can you recommend?

Out of interest, do you just have a plug checking if the user has passed a 2fa check, if not redirect? Or is there something in Ueberauth I missed where you can chain “challenges” together?

After password verification for internal accounts, we check 2FA in a new callback function.

router

  # Routes for the two-step login: the password callback first, then the
  # token (second-factor) page and its own callback, all on
  # Auth.UeberauthController.
  scope "/identity" do
    # Step 1: handled by identity_callback.
    post "/callback", Auth.UeberauthController, :identity_callback
    scope "/token" do
      # NOTE(review): nothing in this excerpt shows which pipeline/plugs guard
      # the token routes. They should only be usable by a session that has
      # already passed the password step — confirm in the full router.
      get "/", Auth.UeberauthController, :token
      # Step 2: handled by token_callback.
      post "/callback", Auth.UeberauthController, :token_callback
    end
  end

UeberauthController

  # First-factor callback. The elided part presumably verifies the password
  # and binds `user`; it is not shown in this excerpt.
  def identity_callback(conn, params) do
    ...
    # The 2FA flag is compared against the string "true". Any other value
    # (a boolean true, a missing key, nil) takes the fallback branch, which
    # is elided here.
    # NOTE(review): confirm the fallback cannot be reached by an account that
    # is supposed to have 2FA enabled but stores the flag in another form.
    case user.data["authenticator"] do
      "true" ->
        # NOTE(review): the user is stored under :current_user BEFORE the
        # token has been checked. If any plug or controller elsewhere treats
        # the presence of :current_user as a completed login, the second
        # factor is not actually enforced. A separate "pending 2FA" session
        # key, promoted to :current_user only after token_callback succeeds,
        # avoids that ambiguity — verify against the app's auth plug.
        # NOTE(review): this writes the whole `user` value into the session;
        # storing only an id keeps the session small and keeps other fields
        # out of it — confirm what `user` contains.
        conn
        |> put_session(:current_user, user)
        # Renders the token entry page with the callback URL and the user.
        |> render(:token, callback_url: Helpers.callback_url(conn),
          user: user)
      _ ->
        ...
    end
  end

  # Second-factor callback: validates the submitted token and signs the user
  # in only when validation returns {:ok, _}.
  # `email`, `subdomain`, `token`, `user`, `attrs` and `locale` are bound in
  # the elided part of the function.
  # NOTE(review): the identity being verified should be taken from the
  # server-side session written after the password step, not from request
  # params, so the token is checked for the same account that passed the
  # password check — confirm in the elided code.
  def token_callback(conn, params) do
    ...
    case AuthToken.validate_user_token(email, subdomain, token) do
          {:ok, _pass} ->
            # Only this branch completes the login.
            conn
            |> sign_in(user, attrs, locale)
            ...
          # NOTE(review): the failure handling is elided. Failed attempts
          # should be counted and limited per account/session, and the
          # pending state cleared after too many failures — not visible here.
          {:error, _reason} ->
            ...
        end
    # NOTE(review): this `end` has no visible opener; it presumably closes a
    # construct inside the elided part above.
    end
  end