Skip to content

Phase 4 — MFA + Permissions

Pre-release
Pre-release

Choose a tag to compare

@timihack timihack released this 16 Jun 08:44
087b64f

What's included

  • TOTP MFA: setup, confirm, disable (pyotp)
  • 8 argon2-hashed single-use backup codes
  • Role hierarchy + scope guards
  • Login brute force lockout (configurable)
  • OTP attempt limiting with auto-invalidation
  • Username and phone uniqueness on registration

Test Coverage

54 tests — 54 passing
Cumulative: 237 tests across Phases 1–4