How to control MFA with Gatsby.js and auth0-react?

NeilShang · June 23, 2021, 5:53am

1.I refer to this document to protect routes

2.I enable MFA with always

3. I refresh the protected page after login ,I saw this request everytime.

4. And I will be redirect to MFA page when I refresh page after login
and this is my question
1.If I enable MFA with always,I need enter OTP everytime ,when refresh protect page?
2,if I only want to ask MFA when login not for refresh protect page,what can I do?

NeilShang · June 29, 2021, 7:31am

1.switch config to never

2.use this rule

github.com

auth0/rules/blob/master/src/rules/require-mfa-once-per-session.js

/**
 *
 * This rule can be used to avoid prompting a user for multifactor authentication if they have successfully completed MFA in their current session.
 *
 * This is particularly useful when performing silent authentication (`prompt=none`) to renew short-lived access tokens in a SPA (Single Page Application) during the duration of a user's session without having to rely on setting `allowRememberBrowser` to `true`.
 *
 * @title Require MFA once per session
 * @overview Require multifactor authentication only once per session
 * @gallery true
 * @category multifactor
 */

function requireMfaOncePerSession(user, context, callback) {
  let authMethods = [];
  if (context.authentication && Array.isArray(context.authentication.methods)) {
    authMethods = context.authentication.methods;
  }

  const completedMfa = !!authMethods.find((method) => method.name === 'mfa');

This file has been truncated. show original

konrad.sopala · June 29, 2021, 9:38am

Thanks for sharing it with the rest of community!

Topic		Replies	Views
Problem with MFA error "login_required" Get Help mfa	3	4995	October 27, 2020
Users have to reaffirm MFA on refresh Get Help login	3	4016	November 20, 2019
Not able to refresh token if mfa is eanbled (Error: mfa_required) Get Help mfa , one-time-password-otp-factor	6	4881	April 7, 2023
In-App management of MFA with auth0-spa-js Get Help mfa , spa , react , otp , auth0-spa-js	0	3984	July 17, 2019
What is the correct way to require MFA for ONLY auth0 connections? Get Help mfa , mfa-api	3	2836	January 11, 2023

How to control MFA with Gatsby.js and auth0-react?

Related topics