Plugs for the TOTP strategy.
Handles setup and sign-in for TOTP authentication.
Summary
Functions
Handle a TOTP confirm setup request
Handle a TOTP setup request
Handle a TOTP sign-in request
Handle a TOTP verification request for step-up authentication.
Functions
@spec confirm_setup(Plug.Conn.t(), AshAuthentication.Strategy.Totp.t()) :: Plug.Conn.t()
Handle a TOTP confirm setup request
@spec setup(Plug.Conn.t(), AshAuthentication.Strategy.Totp.t()) :: Plug.Conn.t()
Handle a TOTP setup request
@spec sign_in(Plug.Conn.t(), AshAuthentication.Strategy.Totp.t()) :: Plug.Conn.t()
Handle a TOTP sign-in request
@spec verify(Plug.Conn.t(), AshAuthentication.Strategy.Totp.t()) :: Plug.Conn.t()
Handle a TOTP verification request for step-up authentication.
This is used when an already-authenticated user needs to verify their TOTP code to access protected resources. The user is obtained from the connection's actor (set by authentication middleware).
On success, stores the verification result and marks TOTP as verified in the user's metadata.