Actions for the TOTP strategy.
Provides the code interface for TOTP setup, sign-in, and verification.
Summary
Functions
Confirm TOTP setup by verifying a code and activating the secret.
Set up TOTP for a user by generating a new secret.
Sign in using a TOTP code.
Verify a TOTP code for a user.
Functions
@spec confirm_setup(AshAuthentication.Strategy.Totp.t(), map(), keyword()) :: {:ok, Ash.Resource.record()} | {:error, any()}
Confirm TOTP setup by verifying a code and activating the secret.
Used when confirm_setup_enabled? is true. Takes a user, setup_token, and
TOTP code. If the code is valid, the secret is stored on the user and the
setup token is revoked.
Options
:domain- The domain to use for the action. Defaults to the domain configured on the user resource.
@spec setup(AshAuthentication.Strategy.Totp.t(), map(), keyword()) :: {:ok, Ash.Resource.record()} | {:error, any()}
Set up TOTP for a user by generating a new secret.
Takes a user record and runs the setup action which generates a new TOTP
secret. The user can then retrieve the totp_url calculation to display
a QR code for scanning with an authenticator app.
Options
:domain- The domain to use for the action. Defaults to the domain configured on the user resource. This allows the strategy to work when invoked from a different domain context (e.g., an admin domain managing users from an accounts domain).
@spec sign_in(AshAuthentication.Strategy.Totp.t(), map(), keyword()) :: {:ok, Ash.Resource.record()} | {:error, any()}
Sign in using a TOTP code.
Takes an identity (e.g., email) and a TOTP code, and returns the user if the code is valid.
Options
:domain- The domain to use for the action. Defaults to the domain configured on the user resource.
@spec verify(AshAuthentication.Strategy.Totp.t(), map(), keyword()) :: {:ok, boolean()} | {:error, any()}
Verify a TOTP code for a user.
Takes a user and a TOTP code, and returns {:ok, true} if the code is valid
or {:ok, false} if it is not.
Options
:domain- The domain to use for the action. Defaults to the domain configured on the user resource.