How to turn off two-factor for non password logins i.e. token? #173
Description
In the docs, there's a method:
def need_two_factor_authentication?(request)
request.ip != '127.0.0.1'
end
However, currently, the only user request is passed to the method and there is no way to access auth winning strategy to make a decision?
def need_two_factor_authentication?(auth)
if auth.winning_strategy.instance_of? Devise::Strategies::DatabaseAuthenticatable
return true
end
false # skip 2-factor authentication for token based logins
end
I think need_two_factor_authentication? method should accept auth as a parameter.
Thanks for your time!