Feature addition: Multi-Factor Authentication

.gitignore

@@ -38,8 +38,9 @@ images/app-icons/mac/*.png
 /playwright/.cache/
 /playwright/.auth/
 
+.env
 data-docs/backup
 data-docs/log
 data-docs/session
 data-docs/session_secret.txt
-data-docs/document.*
+data-docs/document.*

README.md

@@ -37,6 +37,7 @@ Feel free to join our official conversations. We would love to hear what feature
 * Fast and easy [navigation between notes](https://triliumnext.github.io/Docs/Wiki/note-navigation), full text search and [note hoisting](https://triliumnext.github.io/Docs/Wiki/note-hoisting)
 * Seamless [note versioning](https://triliumnext.github.io/Docs/Wiki/note-revisions)
 * Note [attributes](https://triliumnext.github.io/Docs/Wiki/attributes) can be used for note organization, querying and advanced [scripting](https://triliumnext.github.io/Docs/Wiki/scripts)
+* Direct OpenID and TOTP integration for more secure login
 * [Synchronization](https://triliumnext.github.io/Docs/Wiki/synchronization) with self-hosted sync server
   * there's a [3rd party service for hosting synchronisation server](https://trilium.cc/paid-hosting)
 * [Sharing](https://triliumnext.github.io/Docs/Wiki/sharing) (publishing) notes to public internet

db/schema.sql

@@ -126,6 +126,19 @@ CREATE TABLE IF NOT EXISTS "attachments"
     utcDateScheduledForErasureSince TEXT DEFAULT NULL,
     isDeleted    INT  not null,
     deleteId    TEXT DEFAULT NULL);
+CREATE TABLE IF NOT EXISTS "user_data"
+(
+    tmpID INT,
+    username TEXT,
+    email TEXT,
+    userIDEcnryptedDataKey TEXT,
+    userIDVerificationHash TEXT,
+    salt TEXT,
+    derivedKey TEXT,
+    isSetup TEXT DEFAULT "false",
+    UNIQUE (tmpID),
+    PRIMARY KEY (tmpID)
+);
 CREATE INDEX IDX_attachments_ownerId_role
     on attachments (ownerId, role);
 

example.env

@@ -0,0 +1,7 @@
+SSO_ENABLED="false"
+BASE_URL="http://localhost:8080"
+CLIENT_ID="1234"
+SECRET="I-Like-Trilium-Notes"
+
+TOTP_ENABLED="false"
+TOTP_SECRET="Trilium-Notes-is-the-best"