Skip to content
This repository has been archived by the owner on Apr 3, 2019. It is now read-only.

feat(totp): allow reliers to request totp on login #2627

Merged
merged 1 commit into from Sep 12, 2018
Merged

feat(totp): allow reliers to request totp on login #2627

merged 1 commit into from Sep 12, 2018

Conversation

vbudhram
Copy link
Contributor

@vbudhram vbudhram commented Sep 11, 2018
edited

Connects to mozilla/fxa-oauth-server#520

This PR allow's client to request their login be verified via TOTP. If a user does not have TOTP enabled, it throws an error.

@vbudhram vbudhram added the WIP label Sep 11, 2018
@vbudhram vbudhram self-assigned this Sep 11, 2018
@ghost ghost added the waffle:active label Sep 11, 2018
@vbudhram vbudhram added this to the FxA-155: signin papercuts milestone Sep 11, 2018
@vbudhram
Copy link
Contributor Author

@mozilla/fxa-devs r?

@vbudhram vbudhram requested a review from a team September 12, 2018 13:26
philbooth
philbooth approved these changes Sep 12, 2018
View reviewed changes
Copy link
Contributor

@philbooth philbooth left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

lib/routes/session.js Outdated
@@ -142,6 +142,11 @@ module.exports = function (log, db, Password, config, signinUtils) {
if (result) {
verificationMethod = 'totp-2fa'
}

// Error if requesting TOTP verification with TOTP not setup
if (! result && verificationMethod === 'totp-2fa') {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Probably six of one and half a dozen of the other, but I'm looking at this wondering if the flow would be clearer if it was an else if (verificationMethod === 'totp-2fa') instead of a fresh if (! result && ...). (and above too)

@vbudhram vbudhram merged commit e1dbf18 into master Sep 12, 2018
@vbudhram
Copy link
Contributor Author

@philbooth Thanks!

@shane-tomlinson shane-tomlinson deleted the relier-request-2fa branch October 2, 2018 10:14
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@philbooth philbooth philbooth approved these changes

Assignees

@vbudhram vbudhram

Labels
None yet
Projects
None yet
Milestone
FxA-155: signin papercuts
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@vbudhram @philbooth