Initialise Lock in "second step" for MFA

[glena]

We (CS) are building some rules for using Passwordless as MFA.

Right now, we are going to hack Lock in order to initialise it in the second step (the view which asks for code in SMS) forcing the state of it as if the first step was already completed.

It would be nice to have the ability to set the phone number when we show it, so lock takes care of sending the SMS and asking for the code. Something like this:

var lock = new Auth0LockPasswordless(cid, domain);
lock.sms({phone_number:’….’});

[gnandretta]

The screen that asks the verification code will need some changes though:

• It doesn't have to show the back button.
• It needs a way to resend the verification code, see Make it easier to resend the verification code  #73.
• More importantly, it needs to let the user now that the SMS is being sent and/or allow to recover when something goes wrong.

Instead of having a new option in the sms method I would add a new one like mfa to keep things easy to use (and to implement/maintain).

[glena]

Something to have in mind, it shouldn't start a login process. We don't care about authentication in this case, we need a way to verify the code.

So in this particular implementation, we just need to call the callback with the result of the request to /passwordless/verify and this is particularly because we can't start a new authentication process if we stopped the rules pipeline with a redirect (used for the MFA rule).