Question

Custom login widget with MFA

0

Hi everyone, Im looking for some advise. I have a custom login widget for my login page and would like it to direct to a pop up presenting the MFA code and thereafter move onto the specific user role’s homepage. I am currently using the Multi-factor authentication module. Currently I am unable to display the pop up upon clicking sign in. Would I need custom js for this or can it be done with a pop window and microflow? Any examples or advise would be appreciated. Thank you.

asked 2021-06-29

Wes Pre

1 answers

Erwin 't Hoen · Answer 1 · 2021-06-30

After pressing the signin button the user is direted via the navigation to the homepage of the app.

The homepage can be a function (read; Microflow) this would allow you to open the MFA dialog and build some check in the microflow for the validity of the entered MFA as otherwise the user would be confronted with the dialog all the time after the login and MFA was successful.

Do be aware that after pressing the sign in button the user has a session and can potentially access data, for example via the browser console, so to make it completely secure you need to implement this in a way that the session is only created after the login and MFA are successful.

Hope this helps in finding a solution.