Ore
Ore copied to clipboard
Allow organizations to require 2fa
GitHub has a feature where organizations can require that all members have 2fa enabled for their respective accounts. It would be nice if Ore provided a similar feature for interested organizations.
We can implement this in two ways:
- Don't allow the user to join the organization if it requires 2FA and they don't have 2FA.
- Let them join but don't allow them to do anything.
The second option would be harder to implement, and not checking every error could lead to a security issue, so I think the first option is the route we should go.
I'm scheduling this for v2.1 as I believe it won't be needed until then. Shout any objections.
https://github.com/SpongePowered/SpongeAuth/issues/183 will complicate this somewhat.