Support Backup Codes for Multi-Factor Authentication

[amberrignell]

User story

As a user, I want to have the option to use backup codes for multi-factor authentication (MFA) so that I can securely access my account even when my primary authentication factors are unavailable.

User acceptance criteria

• Users should be able to generate and access backup codes during the initial setup process.
• Users should be able to enter backup codes as a valid authentication factor during the login process.
• Backup codes should be unique for each user and should not be reused.
• Backup codes should be one-time use and become invalid once used for authentication.
• Backup codes should be encrypted and stored securely to prevent unauthorized access.

[taylordowns2000]

@midigofrank - for next week https://openfn.slack.com/archives/C05F0D92BC1/p1690442356500769?thread_ts=1688672403.028319&cid=C05F0D92BC1

[taylordowns2000]

hey @midigofrank , i'd love EOD updates on this one given how tricky it got before. can you push & comment when you wrap up each day please?

super curious to see how you implement the feedback from @stuartc around adding the sudo token to the session itself.

[midigofrank]

Hey @taylordowns2000 , got it. We will send the updates before EOD

[sigu]

Update

• Removed the cookies and used session to keep track of the sudo mode

Next

• Write tests
• maybe rename two_factor_session to sudo_mode_session