Allow setup of mobile client through Web Page using QR Code and One-Time Password

[ZLoth]

Is your feature request related to a problem? Please describe.

I share my audiobook library with a few close family members. Some of these members are technologically challenged and have difficulty with entering in a server name and login information to the mobile client.

Describe the solution you'd like

One possible solution is to have that relative scan a QR code from the AudioBookShelf server page to the AudioBookShelf app to configure their device. That QR code would contain a token which would pull in the following:

• Server information
• Login credentials

For security reasons, and to prevent the circulating of the QR code, the following should be implemented:

• Limited validation time of the QR code (e.g. Server set 1-99 minutes with a default of 30 minutes)
• A One-Time Password (e.g. 6 digit code) from the web page.

Additional context

My server is utilizing a free dynamic DNS service which consists of subdomain.dnsserver.com, and the name has a reference to a character from a movie which is a tad long. This can pose a accessibility challenge when setting up a mobile device for a older user especially with a mobile keyboard.

[Sapd]

Just for thought: Could be in theory fulfilled with Oauth2/OpenID as it supports a flow with a QR code "Device Code Flow". We would need this kind of flow for example for TVs (maybe also cars) etc in the future anyway. Problem is however with this flow, that either the serverurl has to be first typed/copied and then the QR code scanned. Or two QR codes scanned, one with the information of the serverurl, and then one with the token.