HackingIT
AEAsh Elixir
•Created by HackingIT on 9/7/2023 in #support
Ash Authentication TOTP
Just exploring some of the features of Ash as I am considering it for a new service I am implementing.
I went through the tutorial of setting up Ash authentication for a Phoenix app which worked just fine.
However I was unable to determine how I could extend it to implement 2FA / TOTP using say Nimble TOTP at https://github.com/dashbitco/nimble_totp
Even doing a custom layout with or without TOTP didn't seem immediately obvious, but I may have missed something. I did discover the override approach to customise the view but still very limited vs an actual heex template I can customise at will and add additional elements to.
Is the way forward here to just implement my own liveview?
How would I approach the TOTP aspect in the resource layer? Given TOTP can be opt in, or enforced by an org/tenant policy it's a kind of strategy wrapper.
Is a custom strategy the answer here? Bearing in mind I want TOTP to be an optional extension of the password strategy, or in fact any strategy actually, such as adding another factor on OAuth2.
Any tips or other insights on how I can solve TOTP within the framework of Ash authentication are greatly appreciated.
Thanks for all your hard work on Ash!
1 replies