move totp's secret.temp into session storage

NEW
Unassigned

Status

()

3 years ago
3 years ago

People

(Reporter: glob, Unassigned)

Tracking

(Depends on: 1 bug)

Production
Dependency tree / graph

Details

(Reporter)

Description

3 years ago
the totp 2fa provider stores a temporary secret in the profile_mfa table.
they should be stored in session attached storage to ensure they are transient.
(Reporter)

Updated

3 years ago
Priority: -- → P3
(Reporter)

Updated

3 years ago
No longer depends on: 1199088
(Reporter)

Updated

3 years ago
Assignee: glob → nobody
Depends on: 1199088
(Reporter)

Updated

3 years ago
Priority: P3 → --
You need to log in before you can comment on or make changes to this bug.