-
Notifications
You must be signed in to change notification settings - Fork 243
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(auth): TOTP MFA #1770
feat(auth): TOTP MFA #1770
Conversation
Adds support for the `USER_PASSWORD_AUTH` flow commit-id:993bd927
Small fixes around attribute handing commit-id:d418754d
All error types should be handled by the state machine. If `resolveError` cannot handle it, add it to the state stream. commit-id:59c9c765
Introduces TOTP MFA with registration and verification flows. There are no new APIs for this approach. Instead, confirmSignIn is leveraged with two new sign in step types: `mfaSetup` and `confirmSignInWithTotpMfaCode`. commit-id:887d4a4d
Codecov Report
@@ Coverage Diff @@
## pr/dnys1/missing-flows/59c9c765 #1770 +/- ##
================================================================
Coverage 44.49% 44.49%
================================================================
Files 121 121
Lines 7493 7493
================================================================
Hits 3334 3334
Misses 4159 4159
Flags with carried forward coverage won't be shown. Click here to find out more. |
@dnys1 Thanks for tackling this! When do you estimate this feature will be released? |
@schreyerpeter no firm timelines at the moment unfortunately. We are looking to how best to release this and will add an update to the TOTP tracking ticket (#574) when we have a good estimate. |
Thank you very much! I'll keep an eye on that thread. |
Any news? |
@dnys1 / @abdallahshaban557 Just checking to see if there's an update on getting this change merged and released? Note: There is one other API that's missing |
Hi @chrisdadej - we are getting really close to shipping this feature. We are just finalizing some interface changes to align our implementation to the other Amplify libraries. How soon do you need this? |
@abdallahshaban557 In development... yesterday :) In production we are targeting July 1 hence thinking of what a Plan B looks like if this functionality isn't ready. If you need extra testers, or help in building out for example the |
Understood - thank you for pushing us to get this out sooner. We are trying our best to get it out ASAP, and we will keep your offer in mind to help us get this out sooner if possible. Thank you so much! Helping us test sounds amazing actually! |
Closing in favor of #3146 |
Introduces TOTP MFA with registration and verification flows. There are no new APIs for this approach. Instead, confirmSignIn is leveraged with two new sign in step types:
mfaSetup
andconfirmSignInWithTotpMfaCode
.Stack: