hex icon indicating copy to clipboard operation
hex copied to clipboard
verified publisher icon hexpm

Add 2FA option

Open supersimple opened this issue 5 years ago • 2 comments

2FA is offered on hexpm now. It would be nice to have the same auth option for the CLI This includes: [ ] modifying the auth API

If a user enables 2FA on hex.pm, should that also enable it on the CLI? or 2 separate settings? Should/Could there be a way to enable it from the CLI?

@ericmj @wojtekmach WDYT?

supersimple avatar May 10 '20 01:05 supersimple

If you enable 2FA it should be enabled on the CLI as well but probably only for authentication a new user (when we generate API keys) and when publishing. There should also be an option when generating API keys that do not require 2FA so that you can still publish etc. in automated environments such as CI.

ericmj avatar May 10 '20 15:05 ericmj

We need to inform users that when they enable 2FA they need to update their CLI clients to minimum X version.

There could be a use case for users that already enabled 2FA on the website to have an explicit opt-in for the CLI since we do not want their clients to suddenly break when we enable this feature and they haven't updated their clients yet.

ericmj avatar May 10 '20 15:05 ericmj