Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enhancement: TOTP Reset After Recovery Code Validation #442

Open
scaletech-milan opened this issue Jan 11, 2024 · 0 comments · May be fixed by #445
Open

Enhancement: TOTP Reset After Recovery Code Validation #442

scaletech-milan opened this issue Jan 11, 2024 · 0 comments · May be fixed by #445
Labels
enhancement New feature or request

Comments

@scaletech-milan
Copy link
Contributor

scaletech-milan commented Jan 11, 2024

Feature Description
Whenever TOTP is used as an MFA feature :

  • The user will be redirected to the redirect_uri screen when they use the recovery code to log in, but they will first need to be redirected to the TOTP scanner image screen.

So after recovery codes are successfully validated, the same process repeats itself, with the user coming and logging in using TOTP as MFA.

Describe the solution you'd like
Reset the totp secret key and update recovery codes inside the database after the recovery codes have been properly validated will cause the user to be redirected to the totp scanner image screen the next time, when the updated recovery code and new secret will be displayed.

Describe alternatives you've considered
Additional context

@scaletech-milan scaletech-milan added the enhancement New feature or request label Jan 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant