Hmm, I tried it for the first time in a blank app and it works (mostly) as expected.
- I created a blank app (with a
login_with_form()check in the client) - I set the Users service to “email and password”, enabled 2FA and “reset 2FA by email”
- I set up a test user (myself) and set up a password
- I ran the app, seeing “no authentication methods available”, which I belive is to be expected at this stage.
- I clicked “reset 2FA by email”
- I clicked that link in my email, scanned the QR code, entered in the password and 6 digit pin, and was allowed into the app.
Now, one thing that was weird was that, when I clicked “force 2FA authentication on next login” (in the Users service), to try all of this again, the pins generated by my authenticator app would not work. I had to add another account in my authenticator app which allowed me to scan the QR code again. Then the generated pin was accepted.
If you use this app, and follow those steps above (but add your email and set up a password of course), can you make any progress?
https://anvil.works/build#clone:F5MHDBM6BIFETLZG=CT67TZEGRXOF7Q4Q7XZTXZHN