Is there a WebCore demo that demonstrates using this? Or will TSphinxWebLogin just display the QR Code?
The existing Sphinx "Simple" demo shows it. In the demo, one of the users requires 2fa to login, and in the demo it shows the authenticator secret and the authenticator URL (which can be used to generate a QR Code).
1 Like
Are you using the very latest version? We have just released an update that fixed such issue.
Yes: 1.10.0
same issue : Problem with demo SphinxServer - BIZ / TMS Sphinx - TMS Support Center (tmssoftware.com)
Sorry, my mistake. Somehow the version was not released. Now it is, can you please update and check if all is ok now?
I was hoping that the TSphinxWebLogin process would display the QR Code, as you'd expect it to show on the Verify Your Identity form, above the once time code field. Is there a way to show it there as I'm not sure where else you'd expect it to show?
For now it's up to the application to gather the 2fa secret and provide it to the end-user, either via QR Code or simply showing the secret, the demo does that in the memo control in server app.
As we don't get to interact with the SphinxLogin process, and it is this that asks for the 2FA code, I am not sure where to start with that.
Certainly wouldn't show the secret on plain text anywhere - the idea is proof that they have access to a registered device.
Is it possible to have a TSphinxConfig.OnGenerate2FACode so we can at least send an email or SMS?
I suppose we could write our own and not have people registered as 2FA on the Sphinx user database and then do something in TSphinxWebLogin.OnUserLoggedIn, but that's not very slick.
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.