简体繁体 English

在GraphQL实现2FA

[英]Implement 2FA in GraphQL

原文 2023-01-19 17:15:52 3 1 api/ graphql/ graphql-java/ two-factor-authentication/ psd2

Hello I would like to implement a 2FA with GraphQL. In my case, I want my API to be compliant with PSD2 .您好，我想使用 GraphQL 实施 2FA。就我而言，我希望我的 API 符合PSD2 。

Is this possible and how can I implement this, when I want to send a OTP to a user?当我想向用户发送 OTP 时，这可能吗？我该如何实现？

Here is an extract from PSD2 to the two factor authentication:以下是 PSD2 对双因素身份验证的摘录：

an authentication based on the use of two or more elements categorized as knowledge (something only the user knows), possession (something only the user possesses) and inherence (something the user is) that are independent, in that the breach of one does not compromise the reliability of the others, and is designed in such a way as to protect the confidentiality of the authentication data.基于两个或多个元素的使用的身份验证，这些元素被归类为独立的知识（只有用户知道的东西）、拥有（只有用户拥有的东西）和继承性（用户的东西），因为违反一个不会损害其他人的可靠性，并以保护身份验证数据的机密性的方式设计。

1 个解决方案

You'll need one mutation for the credentials (typically username and password) and a second one for the 2nd factor.您需要对凭据（通常是用户名和密码）进行一次更改，对第二个因素进行第二次更改。 Otherwise GraphQL doesn't know anything about 2FA, it's all up to you to decide what the factors are and how to implement the exchanges.否则GraphQL对2FA一无所知，具体是什么因素，如何实现交换，全由你来决定。 You can use 3rd party tools like Auth0 or Okta, doesn't really matter.您可以使用 Auth0 或 Okta 等第三方工具，这并不重要。