Oh great! I completely overlooked that extra credit chapter. I’ll follow that tutorial and then try to set up Google afterward. I’ll be sure to send over my steps if I’m successful in getting it to work!
Has anyone figured out a way to incorporate MFA into this signup flow?
I have got the sign up and verify working, but looking at adding MFA to both the sign up and login, but have not been able to work it out yet. Would appreciate any guidance.
Have you tried the MFA portion in the Amplify docs - https://aws-amplify.github.io/docs/js/authentication#enabling-mfa. We’ve used it internally and it works.
We might add this to the guide at some point.
Thanks, I couldn’t get amplify to do everything for MFA enforced registration. In the end I ended up using Amplify and qrcode.react to generate the QR, then a lambda function to validate the submitted TOTP code. This validation function is reused for login. That way the MFA validation is handled ‘server’(less)-side in the Lambda, rather than by the front-end.
For the purposes of the registration I was also hoping that I would be able to use the code quick enough to both confirm MFA and log the user in. But the TOTP is single use, so there is no way around that.
Yeah that makes sense. We did something similar but did the validation on the frontend.