Magic Link with TOTP
Hi, for my app, I want to do the following workflow / what it's currently doing. This application will be deployed several times so here's what I've done.
1. The database is intially seeded with an Admin user and I have also disabled email / password authentication.
2. The first user is able to login with a magic link sent to their email (this works).
3. I want to enable TOTP as 2fa after logging in but I require the user's password to make the call (which doesn't exist) to enable it.
Is there any way to get this working?
I had an idea to reset the users password when they make the request to enable 2fa so that the call works but don't think that would be the best way to about it.
1 Reply
Magic link bypass 2fa. two factor plugin is intended to be used for email/password logins.