Hi Ed, I am working on the feature to add support for 2FA using Google Authenticator. I got to know about the previous implementations of similar feature regarding this. Here are some of the links:
1. https://mifosforge.jira.com/wiki/spaces/projects/pages/185277689/GSoC+2017+-+Two-Factor+Authentication#GSoC2017-Two-FactorAuthentication-api_delivery 2. https://github.com/apache/fineract/pull/374 3. https://github.com/openMF/android-client/pull/727 These include the implementation of 2FA using SMS/email. Fineract has this merged already. I don't see any way how can I use the existing implementation to implement Time based OTP 2FA. Using Google Authenticator is an option. To implement it on Android, this library <https://github.com/wstrange/GoogleAuth> does the job easily. Now, for this whole system to work, I need to save one more parameter, 'google_authenticator_key' to the server associated with the user. So, I would be needing two changes to the API: 1. A new API endpoint to save/update the 'google_authenticator_key' against the user. 2. To update the authentication API endpoint to also return the 'google_authenticator_key'. It would be really helpful if someone can help me with this or connect me to the right person. -- Regards, *Prashant Khandelwal* M.Sc.(Hons.) Mathematics and B.E.(Hons.) Computer Science Mobile: +91 8077653023 | +91 8267851475 Email: Personal <[email protected]> | BITS Mail <[email protected]> *Birla Institute of Technology and Science Pilani* *Vidya Vihar, Pilani* *Rajasthan - 333031, India*
