Add support for 2FA (OTP, U2F) #418
Comments
|
I assume this is for Invidious login, could you provide any more details on implementing them or what apps/devices they should be tested with? |
|
Well OTP is always probably the same. You can use a Nitrokey, Yubikey or also command line tools. |
|
+1 This will increase account security. I always like services that support OTP for accounts. If invidious gets hacked the passwords get leaked accounts are still secure due to 2FA. |
|
i want to ask if there is any news on this feature ? |
|
on the who, there is a library (MIT Licence) : https://github.com/lelag/otphp in php for doing OTP on login |
|
Unfortunately Invidious is programmed in Crystal so a php library won't be compatible. Fortunately there are libraries for this and I'll be working on implementing it very soon! |
There is a library for crystal here: https://github.com/philnash/crotp |
|
I'm aware. I'm currently just waiting for the maintainer to officially support Crystal 1.0 but I'll go ahead and fork it if needed. |
|
any news on this ? |
|
No, a PR #2254 is pending but we still don't have the time yet for finishing it. But if you want to contribute to the pull request you are free to do so :)! |
|
The PR is mostly done, but we first need a database migration framework. |
i'm open to help but i do not know anything on crystal, so i can't help for that, will simply wait just wanted to know if we can hope to see it soon for up to date instance or if i must continue without it for now).
Thanks for the answer ;) |
any news ? |
This comment was marked as off-topic.
This comment was marked as off-topic.
Please add support for OTP (HOTP) and/or U2F. I am sure there are some librarys for this.
I personally prefer U2F as second factor more than OTP.
The text was updated successfully, but these errors were encountered: