We implemented only 2FA (but Many_FA)
User must authorize for 2FA (second step) only after successful login with emal+password (first step)
We support a few kind of factors, but user have only 1 active factor at the same time
Now we implement only `SMS` factor type
We add blocking process (in case OTP error) for verifying step
We create additional blocking process (in case error password) for normal login process (login + password)
Logic 2FA process based on same token_types (access_token_type && 2fa_access_token_type)
2FA data store at separate entity `mithril.authentication_factors` (without status model, but with logical state for 2fa & user item)
OTP data store at existing separate entity `mithril.otp` (with status model)
At same time we have 1 active OTP for 1 factor

Authorize Flow

Change Factor Flow

Image Added

Child pages (Children Display)