Skip to content

Add TOTP-based Multi-Factor Authentication UI #5864

Description

@tomascohen

This adds the Angular frontend for TOTP Multi-Factor Authentication.

Companion to DSpace/DSpace#12703 which implements the backend REST API
and JWT-based two-phase authentication flow.

Implementation overview

  • NgRx actions/effects/reducer extensions for MFA state (mfaRequired, mfaVerifying, mfaError)
  • MfaService for HTTP calls to backend MFA endpoints
  • Login flow modification: authenticateSuccess$ effect detects mfa_verified=false in JWT claims
  • LogInMfaComponent: TOTP code and recovery code input during login
  • ProfilePageMfaFormComponent: Full MFA lifecycle management (setup with QR provisioning URI, verify, disable, regenerate recovery codes)
  • i18n keys for all MFA-related strings

User-facing changes

  1. Login page shows TOTP verification input after successful password authentication (when MFA enabled)
  2. Profile page gains a 'Two-Factor Authentication' card for setup/management
  3. Recovery code input available as fallback during login

Dependencies

Metadata

Metadata

Assignees

Fields

No fields configured for Feature.

Projects

Status
🏗 In Progress

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions