User/password with strategy = database

[KATT]

I previously posted #3729 and thought it was a bug since I didn't get any visible error.

I understand that you don't want too much around user/password login to the library, but for my application, I need it (and I'm sure others do too). User/password with 2FA is a very good combo.

Would you be able to guide me on the steps to get a good user flow on it?

• I've gotten my CredentialAdapter working with jwt, but I prefer database sessions.
• I am currently both creating and validating the account in authorize() - is this the right thing to do?
• How do I enforce force a 2FA after someone has signed in?

Thank you so much for building next-auth, you're solving a massive timesink! ❤️

[indifferentghost]

I can't believe this hasn't been answered.

[190km]

they just dont care about it