Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow organizations to require 2fa #537

Open
Aaron1011 opened this issue Apr 25, 2018 · 2 comments
Open

Allow organizations to require 2fa #537

Aaron1011 opened this issue Apr 25, 2018 · 2 comments
Labels
status: accepted status: auth pending
Milestone
v2.x

Comments

@Aaron1011
Copy link
Contributor

GitHub has a feature where organizations can require that all members have 2fa enabled for their respective accounts. It would be nice if Ore provided a similar feature for interested organizations.
@phase phase added this to the v2.1.0 milestone Apr 26, 2018
@phase
Copy link
Contributor

phase commented Apr 26, 2018

We can implement this in two ways:

  1. Don't allow the user to join the organization if it requires 2FA and they don't have 2FA.
  2. Let them join but don't allow them to do anything.

The second option would be harder to implement, and not checking every error could lead to a security issue, so I think the first option is the route we should go.

I'm scheduling this for v2.1 as I believe it won't be needed until then. Shout any objections.

@Aaron1011
Copy link
Contributor Author

SpongePowered/SpongeAuth#183 will complicate this somewhat.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status: accepted status: auth pending
Projects
None yet
Milestone
v2.x
Development

No branches or pull requests
4 participants
@Aaron1011 @progwml6 @phase @Katrix