Comments (3)
The only extension point that I can think off of the top of my head is in terms of transport mechanisms. So something like this would suffice:
navigator.credentials.get({otp: {transport: ["sms"]}}).then((credentials) => {
// ....
});
It also leaves the door open to other things in case we need. It is also consistent with the WebAuthn API, so kinda of nice. Open to other extensibility points too.
from web-otp.
Would you expect the user agent to do anything different based on the transport types provided to the user? I assume we'd be relying on an underlying platform-exposed API that handled some set of transports, but I can imagine the user agent might render different UX depending on the options available?
For the OTPCredentialRequestOptions
, I think I'd suggest erring on the side of something extensible to give yourself options in the future. Treating it as a dictionary with a single transport
member sounds fine to me.
(I'd note, though, that you'll likely want to expose in some way (perhaps a static transports
attribute on OTPCredential
?) whether or not a specific set of transports is available so that developers know how they can send an OTP. (And you'll need to think about the fingerprinting surface that exposes.))
from web-otp.
Would you expect the user agent to do anything different based on the transport types provided to the user? I assume we'd be relying on an underlying platform-exposed API that handled some set of transports, but I can imagine the user agent might render different UX depending on the options available?
Yes. Listening to SMS messages isn't free (e.g. it creates a Task<> on Android), so if we were expecting an "OTP by email" we wouldn't want to kick off the SMS retrieval process.
For the OTPCredentialRequestOptions, I think I'd suggest erring on the side of something extensible to give yourself options in the future. Treating it as a dictionary with a single transport member sounds fine to me.
SGTM.
from web-otp.
Related Issues (20)
- Typos and other editorial issues
- Ordering of transports in OTPCredentialRequestOptions not clear
- Editorial: [[DiscoverFromExternalSource]] uses same |options| name for two different variables
- Requirements for OTPCredentialRequestOptions.transport are incompatible with WebIDL HOT 2
- security checks in [[DiscoverFromExternalSource]] don't match those described in the security section
- Explanation for not using "trustworthy urls" is confusing
- Inaccuracies in framing of "comparable APIs" in explainer
- The specification draft link in the README is a dead link
- Repo got renamed HOT 2
- Repo is fork
- Why stop working if I add sender to my contacts? HOT 1
- Email OTP HOT 2
- Support WebOTP in cross-origin iframe
- Supported browser for WebOTP
- Support for web push notification as a transport mechanism
- web opt API not working in react.js HOT 1
- Software-based OTP Applications
- Add AbortSignal's abort reason to WebOTP
- Message access pop-up appears even after aborting. HOT 2
- Broken references in WebOTP API
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from web-otp.