Our Personal Data Server from scratch! tranquil.farm
oauth atproto pds rust postgresql objectstorage fun

2FA feature request #12

closed opened by launchpadx.top

I discovered that because the Bluesky App still uses legacy authentication, this bypasses the 2FA settings.

Bluesky has an email 2FA verification feature, and I think we can develop a compatibility shim based on this. That is, when the account has 2FA enabled and attempts to log in via the legacy API, the system will send an email containing a verification link to the user's mailbox. The user can click the link and complete the TOTP verification to obtain the email 2FA verification code to be entered into the Bluesky App.
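The flow proposed above, sketched as an added example (not part of the original post and not tranquil-pds code): a legacy password login on a 2FA account only mails a link, and the email code is released only after TOTP succeeds on that link. The class name, status strings, `TTL` and the code format are assumptions made for illustration.

```python
import base64, hashlib, hmac, secrets, struct, time

def totp(secret_b32, at, step=30, digits=6):
    """RFC 6238 TOTP over HMAC-SHA1."""
    mac = hmac.new(base64.b32decode(secret_b32), struct.pack(">Q", int(at // step)), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    return str((struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF) % 10 ** digits).zfill(digits)

def _eq(a, b):
    return hmac.compare_digest(a.encode(), b.encode())  # constant-time compare

class LegacyLoginShim:  # hypothetical name
    TTL = 300  # assumed lifetime, in seconds, of links and email codes

    def __init__(self, accounts):
        self.accounts = accounts  # handle -> {"password": str, "totp_secret": base32 or None}
        self.pending = {}         # link token -> (handle, expiry)
        self.codes = {}           # handle -> (email code, expiry)
        self.outbox = []          # stand-in for the mailer: (handle, link token)

    def legacy_login(self, handle, password, email_code=None, now=None):
        now = time.time() if now is None else now
        acct = self.accounts.get(handle)
        # Demo compares plaintext; a real server checks a password hash.
        if acct is None or not _eq(acct["password"], password):
            return "invalid_credentials"
        if acct["totp_secret"] is None:
            return "session_issued"          # 2FA not enabled
        if email_code is None:               # password alone is never enough
            token = secrets.token_urlsafe(32)
            self.pending[token] = (handle, now + self.TTL)
            self.outbox.append((handle, token))
            return "email_code_required"
        code, expiry = self.codes.get(handle, ("", 0))
        if now > expiry or not _eq(code, email_code):
            return "invalid_email_code"
        del self.codes[handle]               # single use
        return "session_issued"

    def verify_link(self, token, totp_code, now=None):
        now = time.time() if now is None else now
        handle, expiry = self.pending.pop(token, (None, 0))  # link burns on first use
        if handle is None or now > expiry:
            return None
        if not _eq(totp(self.accounts[handle]["totp_secret"], now), totp_code):
            return None
        code = secrets.token_hex(5)          # constructed code format
        self.codes[handle] = (code, now + self.TTL)
        return code                          # shown to the user to type into the app
```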

I know it and I'm using it currently on my production PDS.

I actually think the whole legacy 2FA shebang would be nice, not just something to be compatible. So I made this: https://tangled.org/tranquil.farm/tranquil-pds/pulls/8

AT URI
at://did:plc:gcktt4t6eocohmc2f4rozxly/sh.tangled.repo.issue/3mdb3vy7dsn22