Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[spike] how to implement SMS-based auth on webapp #129

Open
pfortuna opened this issue Mar 28, 2020 · 1 comment
Open

[spike] how to implement SMS-based auth on webapp #129

pfortuna opened this issue Mar 28, 2020 · 1 comment

Comments

@pfortuna
Copy link
Contributor

Find the most user-friendly way of implementing SMS-based authentication.

The method must be trustable. SIM hijacking is out of scope as it isn't something we can easily fix.

Explore at least Amazon SMS services and Twilio offerings.

Write down a summary of the implementation steps, split between things we need to do in the DB, things we need to do in the backend and things we need to do in the frontend.
@gpirescampos
Copy link

This ticket was created 25 days ago, so I'm not sure if this is still something you're looking to implement. I'll leave my comment with what could be done, and I'm happy to detail the implementation afterwards if I get a response :)

Anyway, I saw that you're already using AWS Lambda in the backend, so maybe an idea could be to use AWS Cognito for user authentication. With AWS Amplify, it's fairly easy to implement a registration/authentication workflow ( they have specific libraries for Angular), that can also do MFA and Social Sign In. Given that, some research needs to be done to understand how we would migrate the current implementation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pfortuna @gpirescampos