@autional/plugin-mfa 0.2.0

package/README.md

@@ -0,0 +1,43 @@
+# @authms/plugin-mfa
+
+AuthMS MFA Plugin — Multi-Factor Authentication UI components and flows for `@authms/react`.
+
+## Components
+
+- **`MfaSetup`** — guided TOTP setup with QR code display and verification
+- **`MfaGuard`** — wrapper that requires MFA challenge before rendering children
+- **`BackupCodes`** — display and regenerate one-time backup codes
+- **`mfaPlugin`** — plugin factory to register with `AuthMS.use()`
+
+## Install
+
+```bash
+npm install @authms/core @authms/react @authms/plugin-mfa
+```
+
+## Quick Start
+
+```tsx
+import { AuthmsProvider, useAuthms } from '@authms/react';
+import { MfaSetup, MfaGuard, BackupCodes } from '@authms/plugin-mfa';
+
+function SecurityPage() {
+  return (
+    <div>
+      <h2>Two-Factor Authentication</h2>
+      <MfaSetup />
+      <BackupCodes />
+    </div>
+  );
+}
+
+function Dashboard() {
+  return (
+    <MfaGuard>
+      <h1>Sensitive Content</h1>
+    </MfaGuard>
+  );
+}
+```
+
+See the [root SDK README](../../README.md) for full documentation.

package/dist/index.d.mts

@@ -0,0 +1,17 @@
+import * as react from 'react';
+import { ReactNode } from 'react';
+import { AuthmsPlugin } from '@authms/core';
+
+declare function MfaSetup(): react.JSX.Element;
+
+declare function MfaGuard({ children }: {
+    children: ReactNode;
+}): react.JSX.Element;
+
+declare function BackupCodes({ codes }: {
+    codes: string[];
+}): react.JSX.Element;
+
+declare function mfaPlugin(): AuthmsPlugin;
+
+export { BackupCodes, MfaGuard, MfaSetup, mfaPlugin };

package/dist/index.d.ts

@@ -0,0 +1,17 @@
+import * as react from 'react';
+import { ReactNode } from 'react';
+import { AuthmsPlugin } from '@authms/core';
+
+declare function MfaSetup(): react.JSX.Element;
+
+declare function MfaGuard({ children }: {
+    children: ReactNode;
+}): react.JSX.Element;
+
+declare function BackupCodes({ codes }: {
+    codes: string[];
+}): react.JSX.Element;
+
+declare function mfaPlugin(): AuthmsPlugin;
+
+export { BackupCodes, MfaGuard, MfaSetup, mfaPlugin };

package/dist/index.js

@@ -0,0 +1,417 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  BackupCodes: () => BackupCodes,
+  MfaGuard: () => MfaGuard,
+  MfaSetup: () => MfaSetup,
+  mfaPlugin: () => mfaPlugin
+});
+module.exports = __toCommonJS(index_exports);
+
+// src/MfaSetup.tsx
+var import_react2 = require("react");
+var import_react3 = require("@authms/react");
+
+// src/BackupCodes.tsx
+var import_react = require("react");
+var import_jsx_runtime = require("react/jsx-runtime");
+var styles = {
+  wrapper: { marginTop: 20 },
+  warning: {
+    background: "#fef3c7",
+    border: "1px solid #f59e0b",
+    borderRadius: 6,
+    padding: "10px 14px",
+    marginBottom: 14,
+    fontSize: 13,
+    color: "#92400e"
+  },
+  codeList: {
+    background: "#1f2937",
+    color: "#e5e7eb",
+    borderRadius: 8,
+    padding: "14px 18px",
+    fontFamily: "monospace",
+    fontSize: 14,
+    lineHeight: 2,
+    display: "grid",
+    gridTemplateColumns: "1fr 1fr",
+    gap: "0 16px",
+    marginBottom: 14
+  },
+  button: {
+    width: "100%",
+    padding: "8px 0",
+    background: "#fff",
+    color: "#374151",
+    border: "1px solid #d1d5db",
+    borderRadius: 6,
+    fontSize: 13,
+    fontWeight: 500,
+    cursor: "pointer"
+  },
+  copied: {
+    width: "100%",
+    padding: "8px 0",
+    background: "#ecfdf5",
+    color: "#065f46",
+    border: "1px solid #6ee7b7",
+    borderRadius: 6,
+    fontSize: 13,
+    fontWeight: 500
+  }
+};
+function BackupCodes({ codes }) {
+  const [copied, setCopied] = (0, import_react.useState)(false);
+  async function handleCopy() {
+    await navigator.clipboard.writeText(codes.join("\n"));
+    setCopied(true);
+    setTimeout(() => setCopied(false), 2e3);
+  }
+  return /* @__PURE__ */ (0, import_jsx_runtime.jsxs)("div", { style: styles.wrapper, children: [
+    /* @__PURE__ */ (0, import_jsx_runtime.jsx)("div", { style: styles.warning, children: "\u26A0 Store these recovery codes in a safe place. Each code can only be used once. If you lose access to your authenticator app, these codes are the only way to recover your account." }),
+    /* @__PURE__ */ (0, import_jsx_runtime.jsx)("div", { style: styles.codeList, children: codes.map((c, i) => /* @__PURE__ */ (0, import_jsx_runtime.jsx)("span", { children: c }, i)) }),
+    /* @__PURE__ */ (0, import_jsx_runtime.jsx)(
+      "button",
+      {
+        style: copied ? styles.copied : styles.button,
+        onClick: handleCopy,
+        children: copied ? "Copied!" : "Copy All Codes"
+      }
+    )
+  ] });
+}
+
+// src/MfaSetup.tsx
+var import_jsx_runtime2 = require("react/jsx-runtime");
+var styles2 = {
+  container: { maxWidth: 420, margin: "0 auto", padding: 24 },
+  title: { fontSize: 20, fontWeight: 600, marginBottom: 8 },
+  subtitle: { fontSize: 14, color: "#6b7280", marginBottom: 20 },
+  qrPlaceholder: {
+    width: 200,
+    height: 200,
+    margin: "0 auto 16px",
+    background: "#f3f4f6",
+    borderRadius: 8,
+    display: "flex",
+    alignItems: "center",
+    justifyContent: "center",
+    fontSize: 13,
+    color: "#9ca3af",
+    textAlign: "center"
+  },
+  secretBox: {
+    background: "#f9fafb",
+    border: "1px solid #e5e7eb",
+    borderRadius: 6,
+    padding: "10px 14px",
+    marginBottom: 20,
+    fontFamily: "monospace",
+    fontSize: 14,
+    wordBreak: "break-all"
+  },
+  input: {
+    width: "100%",
+    padding: "10px 12px",
+    fontSize: 16,
+    border: "1px solid #d1d5db",
+    borderRadius: 6,
+    outline: "none",
+    boxSizing: "border-box"
+  },
+  button: {
+    width: "100%",
+    padding: "10px 0",
+    marginTop: 12,
+    background: "#4f46e5",
+    color: "#fff",
+    border: "none",
+    borderRadius: 6,
+    fontSize: 14,
+    fontWeight: 500,
+    cursor: "pointer"
+  },
+  buttonDisabled: {
+    width: "100%",
+    padding: "10px 0",
+    marginTop: 12,
+    background: "#9ca3af",
+    color: "#fff",
+    border: "none",
+    borderRadius: 6,
+    fontSize: 14,
+    fontWeight: 500,
+    cursor: "not-allowed"
+  },
+  error: { color: "#ef4444", fontSize: 13, marginTop: 8 },
+  doneIcon: { fontSize: 48, marginBottom: 12, textAlign: "center" }
+};
+function MfaSetup() {
+  const { authms } = (0, import_react3.useAuthmsContext)();
+  const [flow, setFlow] = (0, import_react2.useState)("setup");
+  const [data, setData] = (0, import_react2.useState)(null);
+  const [code, setCode] = (0, import_react2.useState)("");
+  const [loading, setLoading] = (0, import_react2.useState)(false);
+  const [error, setError] = (0, import_react2.useState)("");
+  async function handleGenerate() {
+    setLoading(true);
+    setError("");
+    try {
+      const result = await authms.api.post(
+        "/identity/api/v1/mfa/totp/generate"
+      );
+      setData(result);
+      setFlow("verify");
+    } catch (e) {
+      setError(e instanceof Error ? e.message : "Failed to generate MFA setup");
+    } finally {
+      setLoading(false);
+    }
+  }
+  async function handleVerify() {
+    if (!code || !data) return;
+    setLoading(true);
+    setError("");
+    try {
+      await authms.api.post("/identity/api/v1/mfa/totp/verify", { code });
+      setFlow("done");
+    } catch (e) {
+      setError(e instanceof Error ? e.message : "Verification failed");
+    } finally {
+      setLoading(false);
+    }
+  }
+  if (flow === "done") {
+    return /* @__PURE__ */ (0, import_jsx_runtime2.jsxs)("div", { style: styles2.container, children: [
+      /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("div", { style: styles2.doneIcon, children: "\u2713" }),
+      /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("div", { style: styles2.title, children: "MFA Enabled" }),
+      /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("div", { style: styles2.subtitle, children: "Two-factor authentication has been set up successfully." }),
+      data?.backupCodes && data.backupCodes.length > 0 && /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(BackupCodes, { codes: data.backupCodes })
+    ] });
+  }
+  if (flow === "verify" && data) {
+    return /* @__PURE__ */ (0, import_jsx_runtime2.jsxs)("div", { style: styles2.container, children: [
+      /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("div", { style: styles2.title, children: "Verify Setup" }),
+      /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("div", { style: styles2.subtitle, children: "Scan the QR code with your authenticator app, then enter the 6-digit code." }),
+      /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("div", { style: styles2.qrPlaceholder, children: /* @__PURE__ */ (0, import_jsx_runtime2.jsxs)("div", { children: [
+        /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("div", { style: { marginBottom: 8 }, children: "\u{1F50C}" }),
+        "QR Code",
+        /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("br", {}),
+        /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("span", { style: { fontSize: 11 }, children: "Use a qrcode library to render:" }),
+        /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("br", {}),
+        /* @__PURE__ */ (0, import_jsx_runtime2.jsxs)("span", { style: { fontSize: 11, fontFamily: "monospace" }, children: [
+          data.qrCodeUri.substring(0, 60),
+          "..."
+        ] })
+      ] }) }),
+      /* @__PURE__ */ (0, import_jsx_runtime2.jsxs)("div", { style: styles2.secretBox, children: [
+        "Or enter manually: ",
+        /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("strong", { children: data.secret })
+      ] }),
+      /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(
+        "input",
+        {
+          style: styles2.input,
+          type: "text",
+          inputMode: "numeric",
+          maxLength: 6,
+          placeholder: "000000",
+          value: code,
+          onChange: (e) => setCode(e.target.value.replace(/\D/g, "").slice(0, 6)),
+          onKeyDown: (e) => {
+            if (e.key === "Enter") handleVerify();
+          },
+          autoFocus: true
+        }
+      ),
+      /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(
+        "button",
+        {
+          style: loading || code.length !== 6 ? styles2.buttonDisabled : styles2.button,
+          onClick: handleVerify,
+          disabled: loading || code.length !== 6,
+          children: loading ? "Verifying..." : "Confirm"
+        }
+      ),
+      error && /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("div", { style: styles2.error, children: error })
+    ] });
+  }
+  return /* @__PURE__ */ (0, import_jsx_runtime2.jsxs)("div", { style: styles2.container, children: [
+    /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("div", { style: styles2.title, children: "Set Up Two-Factor Authentication" }),
+    /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("div", { style: styles2.subtitle, children: "Add an extra layer of security to your account by enabling time-based one-time passwords (TOTP)." }),
+    /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(
+      "button",
+      {
+        style: loading ? styles2.buttonDisabled : styles2.button,
+        onClick: handleGenerate,
+        disabled: loading,
+        children: loading ? "Generating..." : "Enable Authenticator App"
+      }
+    ),
+    error && /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("div", { style: styles2.error, children: error })
+  ] });
+}
+
+// src/MfaGuard.tsx
+var import_react4 = require("react");
+var import_react5 = require("@authms/react");
+var import_jsx_runtime3 = require("react/jsx-runtime");
+var styles3 = {
+  overlay: {
+    display: "flex",
+    alignItems: "center",
+    justifyContent: "center",
+    minHeight: 300,
+    padding: 24
+  },
+  card: { maxWidth: 380, width: "100%", textAlign: "center" },
+  title: { fontSize: 18, fontWeight: 600, marginBottom: 8 },
+  subtitle: { fontSize: 14, color: "#6b7280", marginBottom: 20 },
+  input: {
+    width: "100%",
+    padding: "10px 12px",
+    fontSize: 20,
+    textAlign: "center",
+    letterSpacing: 8,
+    border: "1px solid #d1d5db",
+    borderRadius: 6,
+    outline: "none",
+    boxSizing: "border-box"
+  },
+  button: {
+    width: "100%",
+    padding: "10px 0",
+    marginTop: 12,
+    background: "#4f46e5",
+    color: "#fff",
+    border: "none",
+    borderRadius: 6,
+    fontSize: 14,
+    fontWeight: 500,
+    cursor: "pointer"
+  },
+  buttonDisabled: {
+    width: "100%",
+    padding: "10px 0",
+    marginTop: 12,
+    background: "#9ca3af",
+    color: "#fff",
+    border: "none",
+    borderRadius: 6,
+    fontSize: 14,
+    fontWeight: 500,
+    cursor: "not-allowed"
+  },
+  error: { color: "#ef4444", fontSize: 13, marginTop: 8 },
+  loading: { fontSize: 14, color: "#9ca3af" }
+};
+function MfaGuard({ children }) {
+  const { authms } = (0, import_react5.useAuthmsContext)();
+  const [status, setStatus] = (0, import_react4.useState)(null);
+  const [busy, setBusy] = (0, import_react4.useState)(true);
+  const [code, setCode] = (0, import_react4.useState)("");
+  const [loading, setLoading] = (0, import_react4.useState)(false);
+  const [error, setError] = (0, import_react4.useState)("");
+  (0, import_react4.useEffect)(() => {
+    let cancelled = false;
+    authms.api.get("/identity/api/v1/mfa/status").then((s) => {
+      if (!cancelled) setStatus(s);
+    }).catch(() => {
+      if (!cancelled) setStatus({ enrolled: false, challenged: false });
+    }).finally(() => {
+      if (!cancelled) setBusy(false);
+    });
+    return () => {
+      cancelled = true;
+    };
+  }, [authms]);
+  if (busy) {
+    return /* @__PURE__ */ (0, import_jsx_runtime3.jsx)("div", { style: styles3.overlay, children: /* @__PURE__ */ (0, import_jsx_runtime3.jsx)("div", { style: styles3.loading, children: "Loading..." }) });
+  }
+  if (!status?.enrolled) {
+    return /* @__PURE__ */ (0, import_jsx_runtime3.jsx)(import_jsx_runtime3.Fragment, { children });
+  }
+  if (status.challenged) {
+    return /* @__PURE__ */ (0, import_jsx_runtime3.jsx)(import_jsx_runtime3.Fragment, { children });
+  }
+  async function handleChallenge() {
+    if (!code) return;
+    setLoading(true);
+    setError("");
+    try {
+      await authms.api.post("/identity/api/v1/mfa/challenge/verify", { code });
+      setStatus((prev) => prev ? { ...prev, challenged: true } : prev);
+    } catch (e) {
+      setError(e instanceof Error ? e.message : "Challenge failed");
+    } finally {
+      setLoading(false);
+    }
+  }
+  return /* @__PURE__ */ (0, import_jsx_runtime3.jsx)("div", { style: styles3.overlay, children: /* @__PURE__ */ (0, import_jsx_runtime3.jsxs)("div", { style: styles3.card, children: [
+    /* @__PURE__ */ (0, import_jsx_runtime3.jsx)("div", { style: styles3.title, children: "Two-Factor Authentication" }),
+    /* @__PURE__ */ (0, import_jsx_runtime3.jsx)("div", { style: styles3.subtitle, children: "Enter the 6-digit code from your authenticator app to continue." }),
+    /* @__PURE__ */ (0, import_jsx_runtime3.jsx)(
+      "input",
+      {
+        style: styles3.input,
+        type: "text",
+        inputMode: "numeric",
+        maxLength: 6,
+        placeholder: "000000",
+        value: code,
+        onChange: (e) => setCode(e.target.value.replace(/\D/g, "").slice(0, 6)),
+        onKeyDown: (e) => {
+          if (e.key === "Enter") handleChallenge();
+        },
+        autoFocus: true
+      }
+    ),
+    /* @__PURE__ */ (0, import_jsx_runtime3.jsx)(
+      "button",
+      {
+        style: loading || code.length !== 6 ? styles3.buttonDisabled : styles3.button,
+        onClick: handleChallenge,
+        disabled: loading || code.length !== 6,
+        children: loading ? "Verifying..." : "Verify"
+      }
+    ),
+    error && /* @__PURE__ */ (0, import_jsx_runtime3.jsx)("div", { style: styles3.error, children: error })
+  ] }) });
+}
+
+// src/mfa.ts
+function mfaPlugin() {
+  return {
+    name: "@authms/plugin-mfa",
+    version: "0.1.0",
+    install(_core) {
+    }
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  BackupCodes,
+  MfaGuard,
+  MfaSetup,
+  mfaPlugin
+});

package/dist/index.mjs

@@ -0,0 +1,387 @@
+// src/MfaSetup.tsx
+import { useState as useState2 } from "react";
+import { useAuthmsContext } from "@authms/react";
+
+// src/BackupCodes.tsx
+import { useState } from "react";
+import { jsx, jsxs } from "react/jsx-runtime";
+var styles = {
+  wrapper: { marginTop: 20 },
+  warning: {
+    background: "#fef3c7",
+    border: "1px solid #f59e0b",
+    borderRadius: 6,
+    padding: "10px 14px",
+    marginBottom: 14,
+    fontSize: 13,
+    color: "#92400e"
+  },
+  codeList: {
+    background: "#1f2937",
+    color: "#e5e7eb",
+    borderRadius: 8,
+    padding: "14px 18px",
+    fontFamily: "monospace",
+    fontSize: 14,
+    lineHeight: 2,
+    display: "grid",
+    gridTemplateColumns: "1fr 1fr",
+    gap: "0 16px",
+    marginBottom: 14
+  },
+  button: {
+    width: "100%",
+    padding: "8px 0",
+    background: "#fff",
+    color: "#374151",
+    border: "1px solid #d1d5db",
+    borderRadius: 6,
+    fontSize: 13,
+    fontWeight: 500,
+    cursor: "pointer"
+  },
+  copied: {
+    width: "100%",
+    padding: "8px 0",
+    background: "#ecfdf5",
+    color: "#065f46",
+    border: "1px solid #6ee7b7",
+    borderRadius: 6,
+    fontSize: 13,
+    fontWeight: 500
+  }
+};
+function BackupCodes({ codes }) {
+  const [copied, setCopied] = useState(false);
+  async function handleCopy() {
+    await navigator.clipboard.writeText(codes.join("\n"));
+    setCopied(true);
+    setTimeout(() => setCopied(false), 2e3);
+  }
+  return /* @__PURE__ */ jsxs("div", { style: styles.wrapper, children: [
+    /* @__PURE__ */ jsx("div", { style: styles.warning, children: "\u26A0 Store these recovery codes in a safe place. Each code can only be used once. If you lose access to your authenticator app, these codes are the only way to recover your account." }),
+    /* @__PURE__ */ jsx("div", { style: styles.codeList, children: codes.map((c, i) => /* @__PURE__ */ jsx("span", { children: c }, i)) }),
+    /* @__PURE__ */ jsx(
+      "button",
+      {
+        style: copied ? styles.copied : styles.button,
+        onClick: handleCopy,
+        children: copied ? "Copied!" : "Copy All Codes"
+      }
+    )
+  ] });
+}
+
+// src/MfaSetup.tsx
+import { jsx as jsx2, jsxs as jsxs2 } from "react/jsx-runtime";
+var styles2 = {
+  container: { maxWidth: 420, margin: "0 auto", padding: 24 },
+  title: { fontSize: 20, fontWeight: 600, marginBottom: 8 },
+  subtitle: { fontSize: 14, color: "#6b7280", marginBottom: 20 },
+  qrPlaceholder: {
+    width: 200,
+    height: 200,
+    margin: "0 auto 16px",
+    background: "#f3f4f6",
+    borderRadius: 8,
+    display: "flex",
+    alignItems: "center",
+    justifyContent: "center",
+    fontSize: 13,
+    color: "#9ca3af",
+    textAlign: "center"
+  },
+  secretBox: {
+    background: "#f9fafb",
+    border: "1px solid #e5e7eb",
+    borderRadius: 6,
+    padding: "10px 14px",
+    marginBottom: 20,
+    fontFamily: "monospace",
+    fontSize: 14,
+    wordBreak: "break-all"
+  },
+  input: {
+    width: "100%",
+    padding: "10px 12px",
+    fontSize: 16,
+    border: "1px solid #d1d5db",
+    borderRadius: 6,
+    outline: "none",
+    boxSizing: "border-box"
+  },
+  button: {
+    width: "100%",
+    padding: "10px 0",
+    marginTop: 12,
+    background: "#4f46e5",
+    color: "#fff",
+    border: "none",
+    borderRadius: 6,
+    fontSize: 14,
+    fontWeight: 500,
+    cursor: "pointer"
+  },
+  buttonDisabled: {
+    width: "100%",
+    padding: "10px 0",
+    marginTop: 12,
+    background: "#9ca3af",
+    color: "#fff",
+    border: "none",
+    borderRadius: 6,
+    fontSize: 14,
+    fontWeight: 500,
+    cursor: "not-allowed"
+  },
+  error: { color: "#ef4444", fontSize: 13, marginTop: 8 },
+  doneIcon: { fontSize: 48, marginBottom: 12, textAlign: "center" }
+};
+function MfaSetup() {
+  const { authms } = useAuthmsContext();
+  const [flow, setFlow] = useState2("setup");
+  const [data, setData] = useState2(null);
+  const [code, setCode] = useState2("");
+  const [loading, setLoading] = useState2(false);
+  const [error, setError] = useState2("");
+  async function handleGenerate() {
+    setLoading(true);
+    setError("");
+    try {
+      const result = await authms.api.post(
+        "/identity/api/v1/mfa/totp/generate"
+      );
+      setData(result);
+      setFlow("verify");
+    } catch (e) {
+      setError(e instanceof Error ? e.message : "Failed to generate MFA setup");
+    } finally {
+      setLoading(false);
+    }
+  }
+  async function handleVerify() {
+    if (!code || !data) return;
+    setLoading(true);
+    setError("");
+    try {
+      await authms.api.post("/identity/api/v1/mfa/totp/verify", { code });
+      setFlow("done");
+    } catch (e) {
+      setError(e instanceof Error ? e.message : "Verification failed");
+    } finally {
+      setLoading(false);
+    }
+  }
+  if (flow === "done") {
+    return /* @__PURE__ */ jsxs2("div", { style: styles2.container, children: [
+      /* @__PURE__ */ jsx2("div", { style: styles2.doneIcon, children: "\u2713" }),
+      /* @__PURE__ */ jsx2("div", { style: styles2.title, children: "MFA Enabled" }),
+      /* @__PURE__ */ jsx2("div", { style: styles2.subtitle, children: "Two-factor authentication has been set up successfully." }),
+      data?.backupCodes && data.backupCodes.length > 0 && /* @__PURE__ */ jsx2(BackupCodes, { codes: data.backupCodes })
+    ] });
+  }
+  if (flow === "verify" && data) {
+    return /* @__PURE__ */ jsxs2("div", { style: styles2.container, children: [
+      /* @__PURE__ */ jsx2("div", { style: styles2.title, children: "Verify Setup" }),
+      /* @__PURE__ */ jsx2("div", { style: styles2.subtitle, children: "Scan the QR code with your authenticator app, then enter the 6-digit code." }),
+      /* @__PURE__ */ jsx2("div", { style: styles2.qrPlaceholder, children: /* @__PURE__ */ jsxs2("div", { children: [
+        /* @__PURE__ */ jsx2("div", { style: { marginBottom: 8 }, children: "\u{1F50C}" }),
+        "QR Code",
+        /* @__PURE__ */ jsx2("br", {}),
+        /* @__PURE__ */ jsx2("span", { style: { fontSize: 11 }, children: "Use a qrcode library to render:" }),
+        /* @__PURE__ */ jsx2("br", {}),
+        /* @__PURE__ */ jsxs2("span", { style: { fontSize: 11, fontFamily: "monospace" }, children: [
+          data.qrCodeUri.substring(0, 60),
+          "..."
+        ] })
+      ] }) }),
+      /* @__PURE__ */ jsxs2("div", { style: styles2.secretBox, children: [
+        "Or enter manually: ",
+        /* @__PURE__ */ jsx2("strong", { children: data.secret })
+      ] }),
+      /* @__PURE__ */ jsx2(
+        "input",
+        {
+          style: styles2.input,
+          type: "text",
+          inputMode: "numeric",
+          maxLength: 6,
+          placeholder: "000000",
+          value: code,
+          onChange: (e) => setCode(e.target.value.replace(/\D/g, "").slice(0, 6)),
+          onKeyDown: (e) => {
+            if (e.key === "Enter") handleVerify();
+          },
+          autoFocus: true
+        }
+      ),
+      /* @__PURE__ */ jsx2(
+        "button",
+        {
+          style: loading || code.length !== 6 ? styles2.buttonDisabled : styles2.button,
+          onClick: handleVerify,
+          disabled: loading || code.length !== 6,
+          children: loading ? "Verifying..." : "Confirm"
+        }
+      ),
+      error && /* @__PURE__ */ jsx2("div", { style: styles2.error, children: error })
+    ] });
+  }
+  return /* @__PURE__ */ jsxs2("div", { style: styles2.container, children: [
+    /* @__PURE__ */ jsx2("div", { style: styles2.title, children: "Set Up Two-Factor Authentication" }),
+    /* @__PURE__ */ jsx2("div", { style: styles2.subtitle, children: "Add an extra layer of security to your account by enabling time-based one-time passwords (TOTP)." }),
+    /* @__PURE__ */ jsx2(
+      "button",
+      {
+        style: loading ? styles2.buttonDisabled : styles2.button,
+        onClick: handleGenerate,
+        disabled: loading,
+        children: loading ? "Generating..." : "Enable Authenticator App"
+      }
+    ),
+    error && /* @__PURE__ */ jsx2("div", { style: styles2.error, children: error })
+  ] });
+}
+
+// src/MfaGuard.tsx
+import { useState as useState3, useEffect } from "react";
+import { useAuthmsContext as useAuthmsContext2 } from "@authms/react";
+import { Fragment, jsx as jsx3, jsxs as jsxs3 } from "react/jsx-runtime";
+var styles3 = {
+  overlay: {
+    display: "flex",
+    alignItems: "center",
+    justifyContent: "center",
+    minHeight: 300,
+    padding: 24
+  },
+  card: { maxWidth: 380, width: "100%", textAlign: "center" },
+  title: { fontSize: 18, fontWeight: 600, marginBottom: 8 },
+  subtitle: { fontSize: 14, color: "#6b7280", marginBottom: 20 },
+  input: {
+    width: "100%",
+    padding: "10px 12px",
+    fontSize: 20,
+    textAlign: "center",
+    letterSpacing: 8,
+    border: "1px solid #d1d5db",
+    borderRadius: 6,
+    outline: "none",
+    boxSizing: "border-box"
+  },
+  button: {
+    width: "100%",
+    padding: "10px 0",
+    marginTop: 12,
+    background: "#4f46e5",
+    color: "#fff",
+    border: "none",
+    borderRadius: 6,
+    fontSize: 14,
+    fontWeight: 500,
+    cursor: "pointer"
+  },
+  buttonDisabled: {
+    width: "100%",
+    padding: "10px 0",
+    marginTop: 12,
+    background: "#9ca3af",
+    color: "#fff",
+    border: "none",
+    borderRadius: 6,
+    fontSize: 14,
+    fontWeight: 500,
+    cursor: "not-allowed"
+  },
+  error: { color: "#ef4444", fontSize: 13, marginTop: 8 },
+  loading: { fontSize: 14, color: "#9ca3af" }
+};
+function MfaGuard({ children }) {
+  const { authms } = useAuthmsContext2();
+  const [status, setStatus] = useState3(null);
+  const [busy, setBusy] = useState3(true);
+  const [code, setCode] = useState3("");
+  const [loading, setLoading] = useState3(false);
+  const [error, setError] = useState3("");
+  useEffect(() => {
+    let cancelled = false;
+    authms.api.get("/identity/api/v1/mfa/status").then((s) => {
+      if (!cancelled) setStatus(s);
+    }).catch(() => {
+      if (!cancelled) setStatus({ enrolled: false, challenged: false });
+    }).finally(() => {
+      if (!cancelled) setBusy(false);
+    });
+    return () => {
+      cancelled = true;
+    };
+  }, [authms]);
+  if (busy) {
+    return /* @__PURE__ */ jsx3("div", { style: styles3.overlay, children: /* @__PURE__ */ jsx3("div", { style: styles3.loading, children: "Loading..." }) });
+  }
+  if (!status?.enrolled) {
+    return /* @__PURE__ */ jsx3(Fragment, { children });
+  }
+  if (status.challenged) {
+    return /* @__PURE__ */ jsx3(Fragment, { children });
+  }
+  async function handleChallenge() {
+    if (!code) return;
+    setLoading(true);
+    setError("");
+    try {
+      await authms.api.post("/identity/api/v1/mfa/challenge/verify", { code });
+      setStatus((prev) => prev ? { ...prev, challenged: true } : prev);
+    } catch (e) {
+      setError(e instanceof Error ? e.message : "Challenge failed");
+    } finally {
+      setLoading(false);
+    }
+  }
+  return /* @__PURE__ */ jsx3("div", { style: styles3.overlay, children: /* @__PURE__ */ jsxs3("div", { style: styles3.card, children: [
+    /* @__PURE__ */ jsx3("div", { style: styles3.title, children: "Two-Factor Authentication" }),
+    /* @__PURE__ */ jsx3("div", { style: styles3.subtitle, children: "Enter the 6-digit code from your authenticator app to continue." }),
+    /* @__PURE__ */ jsx3(
+      "input",
+      {
+        style: styles3.input,
+        type: "text",
+        inputMode: "numeric",
+        maxLength: 6,
+        placeholder: "000000",
+        value: code,
+        onChange: (e) => setCode(e.target.value.replace(/\D/g, "").slice(0, 6)),
+        onKeyDown: (e) => {
+          if (e.key === "Enter") handleChallenge();
+        },
+        autoFocus: true
+      }
+    ),
+    /* @__PURE__ */ jsx3(
+      "button",
+      {
+        style: loading || code.length !== 6 ? styles3.buttonDisabled : styles3.button,
+        onClick: handleChallenge,
+        disabled: loading || code.length !== 6,
+        children: loading ? "Verifying..." : "Verify"
+      }
+    ),
+    error && /* @__PURE__ */ jsx3("div", { style: styles3.error, children: error })
+  ] }) });
+}
+
+// src/mfa.ts
+function mfaPlugin() {
+  return {
+    name: "@authms/plugin-mfa",
+    version: "0.1.0",
+    install(_core) {
+    }
+  };
+}
+export {
+  BackupCodes,
+  MfaGuard,
+  MfaSetup,
+  mfaPlugin
+};

package/package.json

@@ -0,0 +1,57 @@
+{
+  "name": "@autional/plugin-mfa",
+  "version": "0.2.0",
+  "description": "AuthMS MFA Plugin — Multi-Factor Authentication UI components and flows for @autional/react",
+  "main": "./dist/index.js",
+  "module": "./dist/index.mjs",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.js"
+    }
+  },
+  "sideEffects": false,
+  "scripts": {
+    "build": "tsup src/index.ts --format cjs,esm --dts --clean --external react --external react-dom --external @autional/core --external @autional/react",
+    "dev": "tsup src/index.ts --format cjs,esm --dts --watch --external react --external react-dom --external @autional/core --external @autional/react",
+    "typecheck": "tsc --noEmit",
+    "clean": "rimraf dist"
+  },
+  "files": [
+    "dist",
+    "src"
+  ],
+  "keywords": [
+    "auth",
+    "authentication",
+    "mfa",
+    "totp",
+    "2fa",
+    "authms",
+    "plugin"
+  ],
+  "license": "MIT",
+  "peerDependencies": {
+    "@autional/core": ">=0.1.0",
+    "@autional/react": ">=0.1.0",
+    "react": ">=18.0.0",
+    "react-dom": ">=18.0.0"
+  },
+  "dependencies": {
+    "@autional/core": ">=0.1.0",
+    "@autional/react": ">=0.1.0"
+  },
+  "devDependencies": {
+    "@autional/tsconfig": ">=0.1.0",
+    "@types/react": "^19.0.0",
+    "@types/react-dom": "^19.0.0",
+    "react": ">=18.0.0",
+    "react-dom": "^19.0.0",
+    "rimraf": "^5.0.0",
+    "tsup": "^8.4.0",
+    "typescript": "^5.8.0",
+    "vitest": "^3.0.0"
+  }
+}

package/src/BackupCodes.tsx

@@ -0,0 +1,60 @@
+import { useState } from 'react';
+
+const styles = {
+  wrapper: { marginTop: 20 } as React.CSSProperties,
+  warning: {
+    background: '#fef3c7', border: '1px solid #f59e0b',
+    borderRadius: 6, padding: '10px 14px', marginBottom: 14,
+    fontSize: 13, color: '#92400e',
+  } as React.CSSProperties,
+  codeList: {
+    background: '#1f2937', color: '#e5e7eb',
+    borderRadius: 8, padding: '14px 18px',
+    fontFamily: 'monospace', fontSize: 14, lineHeight: 2,
+    display: 'grid', gridTemplateColumns: '1fr 1fr', gap: '0 16px',
+    marginBottom: 14,
+  } as React.CSSProperties,
+  button: {
+    width: '100%', padding: '8px 0',
+    background: '#fff', color: '#374151', border: '1px solid #d1d5db',
+    borderRadius: 6, fontSize: 13, fontWeight: 500, cursor: 'pointer',
+  } as React.CSSProperties,
+  copied: {
+    width: '100%', padding: '8px 0',
+    background: '#ecfdf5', color: '#065f46', border: '1px solid #6ee7b7',
+    borderRadius: 6, fontSize: 13, fontWeight: 500,
+  } as React.CSSProperties,
+};
+
+export function BackupCodes({ codes }: { codes: string[] }) {
+  const [copied, setCopied] = useState(false);
+
+  async function handleCopy() {
+    await navigator.clipboard.writeText(codes.join('\n'));
+    setCopied(true);
+    setTimeout(() => setCopied(false), 2000);
+  }
+
+  return (
+    <div style={styles.wrapper}>
+      <div style={styles.warning}>
+        &#9888; Store these recovery codes in a safe place. Each code can only be
+        used once. If you lose access to your authenticator app, these codes are
+        the only way to recover your account.
+      </div>
+
+      <div style={styles.codeList}>
+        {codes.map((c, i) => (
+          <span key={i}>{c}</span>
+        ))}
+      </div>
+
+      <button
+        style={copied ? styles.copied : styles.button}
+        onClick={handleCopy}
+      >
+        {copied ? 'Copied!' : 'Copy All Codes'}
+      </button>
+    </div>
+  );
+}

package/src/MfaGuard.tsx

@@ -0,0 +1,111 @@
+import { useState, useEffect, type ReactNode } from 'react';
+import { useAuthmsContext } from '@authms/react';
+
+interface MfaStatus {
+  enrolled: boolean;
+  challenged: boolean;
+}
+
+const styles = {
+  overlay: {
+    display: 'flex', alignItems: 'center', justifyContent: 'center',
+    minHeight: 300, padding: 24,
+  } as React.CSSProperties,
+  card: { maxWidth: 380, width: '100%', textAlign: 'center' } as React.CSSProperties,
+  title: { fontSize: 18, fontWeight: 600, marginBottom: 8 } as React.CSSProperties,
+  subtitle: { fontSize: 14, color: '#6b7280', marginBottom: 20 } as React.CSSProperties,
+  input: {
+    width: '100%', padding: '10px 12px', fontSize: 20, textAlign: 'center',
+    letterSpacing: 8, border: '1px solid #d1d5db', borderRadius: 6, outline: 'none',
+    boxSizing: 'border-box',
+  } as React.CSSProperties,
+  button: {
+    width: '100%', padding: '10px 0', marginTop: 12,
+    background: '#4f46e5', color: '#fff', border: 'none',
+    borderRadius: 6, fontSize: 14, fontWeight: 500, cursor: 'pointer',
+  } as React.CSSProperties,
+  buttonDisabled: {
+    width: '100%', padding: '10px 0', marginTop: 12,
+    background: '#9ca3af', color: '#fff', border: 'none',
+    borderRadius: 6, fontSize: 14, fontWeight: 500, cursor: 'not-allowed',
+  } as React.CSSProperties,
+  error: { color: '#ef4444', fontSize: 13, marginTop: 8 } as React.CSSProperties,
+  loading: { fontSize: 14, color: '#9ca3af' } as React.CSSProperties,
+};
+
+export function MfaGuard({ children }: { children: ReactNode }) {
+  const { authms } = useAuthmsContext();
+  const [status, setStatus] = useState<MfaStatus | null>(null);
+  const [busy, setBusy] = useState(true);
+  const [code, setCode] = useState('');
+  const [loading, setLoading] = useState(false);
+  const [error, setError] = useState('');
+
+  useEffect(() => {
+    let cancelled = false;
+    authms.api.get<MfaStatus>('/identity/api/v1/mfa/status')
+      .then((s) => { if (!cancelled) setStatus(s); })
+      .catch(() => { if (!cancelled) setStatus({ enrolled: false, challenged: false }); })
+      .finally(() => { if (!cancelled) setBusy(false); });
+    return () => { cancelled = true; };
+  }, [authms]);
+
+  if (busy) {
+    return <div style={styles.overlay}><div style={styles.loading}>Loading...</div></div>;
+  }
+
+  if (!status?.enrolled) {
+    return <>{children}</>;
+  }
+
+  if (status.challenged) {
+    return <>{children}</>;
+  }
+
+  async function handleChallenge() {
+    if (!code) return;
+    setLoading(true);
+    setError('');
+    try {
+      await authms.api.post('/identity/api/v1/mfa/challenge/verify', { code });
+      setStatus((prev) => prev ? { ...prev, challenged: true } : prev);
+    } catch (e) {
+      setError(e instanceof Error ? e.message : 'Challenge failed');
+    } finally {
+      setLoading(false);
+    }
+  }
+
+  return (
+    <div style={styles.overlay}>
+      <div style={styles.card}>
+        <div style={styles.title}>Two-Factor Authentication</div>
+        <div style={styles.subtitle}>
+          Enter the 6-digit code from your authenticator app to continue.
+        </div>
+
+        <input
+          style={styles.input}
+          type="text"
+          inputMode="numeric"
+          maxLength={6}
+          placeholder="000000"
+          value={code}
+          onChange={(e) => setCode(e.target.value.replace(/\D/g, '').slice(0, 6))}
+          onKeyDown={(e) => { if (e.key === 'Enter') handleChallenge(); }}
+          autoFocus
+        />
+
+        <button
+          style={loading || code.length !== 6 ? styles.buttonDisabled : styles.button}
+          onClick={handleChallenge}
+          disabled={loading || code.length !== 6}
+        >
+          {loading ? 'Verifying...' : 'Verify'}
+        </button>
+
+        {error && <div style={styles.error}>{error}</div>}
+      </div>
+    </div>
+  );
+}

package/src/MfaSetup.tsx

@@ -0,0 +1,170 @@
+import { useState } from 'react';
+import { useAuthmsContext } from '@authms/react';
+import { BackupCodes } from './BackupCodes';
+
+type FlowState = 'setup' | 'verify' | 'done';
+
+interface TotpSetupData {
+  secret: string;
+  qrCodeUri: string;
+  backupCodes: string[];
+}
+
+const styles = {
+  container: { maxWidth: 420, margin: '0 auto', padding: 24 } as React.CSSProperties,
+  title: { fontSize: 20, fontWeight: 600, marginBottom: 8 } as React.CSSProperties,
+  subtitle: { fontSize: 14, color: '#6b7280', marginBottom: 20 } as React.CSSProperties,
+  qrPlaceholder: {
+    width: 200, height: 200, margin: '0 auto 16px',
+    background: '#f3f4f6', borderRadius: 8,
+    display: 'flex', alignItems: 'center', justifyContent: 'center',
+    fontSize: 13, color: '#9ca3af', textAlign: 'center',
+  } as React.CSSProperties,
+  secretBox: {
+    background: '#f9fafb', border: '1px solid #e5e7eb',
+    borderRadius: 6, padding: '10px 14px', marginBottom: 20,
+    fontFamily: 'monospace', fontSize: 14, wordBreak: 'break-all',
+  } as React.CSSProperties,
+  input: {
+    width: '100%', padding: '10px 12px', fontSize: 16,
+    border: '1px solid #d1d5db', borderRadius: 6, outline: 'none',
+    boxSizing: 'border-box',
+  } as React.CSSProperties,
+  button: {
+    width: '100%', padding: '10px 0', marginTop: 12,
+    background: '#4f46e5', color: '#fff', border: 'none',
+    borderRadius: 6, fontSize: 14, fontWeight: 500, cursor: 'pointer',
+  } as React.CSSProperties,
+  buttonDisabled: {
+    width: '100%', padding: '10px 0', marginTop: 12,
+    background: '#9ca3af', color: '#fff', border: 'none',
+    borderRadius: 6, fontSize: 14, fontWeight: 500, cursor: 'not-allowed',
+  } as React.CSSProperties,
+  error: { color: '#ef4444', fontSize: 13, marginTop: 8 } as React.CSSProperties,
+  doneIcon: { fontSize: 48, marginBottom: 12, textAlign: 'center' } as React.CSSProperties,
+};
+
+export function MfaSetup() {
+  const { authms } = useAuthmsContext();
+  const [flow, setFlow] = useState<FlowState>('setup');
+  const [data, setData] = useState<TotpSetupData | null>(null);
+  const [code, setCode] = useState('');
+  const [loading, setLoading] = useState(false);
+  const [error, setError] = useState('');
+
+  async function handleGenerate() {
+    setLoading(true);
+    setError('');
+    try {
+      const result = await authms.api.post<TotpSetupData>(
+        '/identity/api/v1/mfa/totp/generate',
+      );
+      setData(result);
+      setFlow('verify');
+    } catch (e) {
+      setError(e instanceof Error ? e.message : 'Failed to generate MFA setup');
+    } finally {
+      setLoading(false);
+    }
+  }
+
+  async function handleVerify() {
+    if (!code || !data) return;
+    setLoading(true);
+    setError('');
+    try {
+      await authms.api.post('/identity/api/v1/mfa/totp/verify', { code });
+      setFlow('done');
+    } catch (e) {
+      setError(e instanceof Error ? e.message : 'Verification failed');
+    } finally {
+      setLoading(false);
+    }
+  }
+
+  if (flow === 'done') {
+    return (
+      <div style={styles.container}>
+        <div style={styles.doneIcon}>&#10003;</div>
+        <div style={styles.title}>MFA Enabled</div>
+        <div style={styles.subtitle}>
+          Two-factor authentication has been set up successfully.
+        </div>
+        {data?.backupCodes && data.backupCodes.length > 0 && (
+          <BackupCodes codes={data.backupCodes} />
+        )}
+      </div>
+    );
+  }
+
+  if (flow === 'verify' && data) {
+    return (
+      <div style={styles.container}>
+        <div style={styles.title}>Verify Setup</div>
+        <div style={styles.subtitle}>
+          Scan the QR code with your authenticator app, then enter the 6-digit code.
+        </div>
+
+        {/* QR Code placeholder — replace with actual qrcode generation in your app */}
+        <div style={styles.qrPlaceholder}>
+          <div>
+            <div style={{ marginBottom: 8 }}>&#128268;</div>
+            QR Code
+            <br />
+            <span style={{ fontSize: 11 }}>Use a qrcode library to render:</span>
+            <br />
+            <span style={{ fontSize: 11, fontFamily: 'monospace' }}>
+              {data.qrCodeUri.substring(0, 60)}...
+            </span>
+          </div>
+        </div>
+
+        <div style={styles.secretBox}>
+          Or enter manually: <strong>{data.secret}</strong>
+        </div>
+
+        <input
+          style={styles.input}
+          type="text"
+          inputMode="numeric"
+          maxLength={6}
+          placeholder="000000"
+          value={code}
+          onChange={(e) => setCode(e.target.value.replace(/\D/g, '').slice(0, 6))}
+          onKeyDown={(e) => { if (e.key === 'Enter') handleVerify(); }}
+          autoFocus
+        />
+
+        <button
+          style={loading || code.length !== 6 ? styles.buttonDisabled : styles.button}
+          onClick={handleVerify}
+          disabled={loading || code.length !== 6}
+        >
+          {loading ? 'Verifying...' : 'Confirm'}
+        </button>
+
+        {error && <div style={styles.error}>{error}</div>}
+      </div>
+    );
+  }
+
+  return (
+    <div style={styles.container}>
+      <div style={styles.title}>Set Up Two-Factor Authentication</div>
+      <div style={styles.subtitle}>
+        Add an extra layer of security to your account by enabling
+        time-based one-time passwords (TOTP).
+      </div>
+
+      <button
+        style={loading ? styles.buttonDisabled : styles.button}
+        onClick={handleGenerate}
+        disabled={loading}
+      >
+        {loading ? 'Generating...' : 'Enable Authenticator App'}
+      </button>
+
+      {error && <div style={styles.error}>{error}</div>}
+    </div>
+  );
+}

package/src/__tests__/index.test.tsx

@@ -0,0 +1,27 @@
+// @ts-nocheck — vitest mock types
+import { describe, it, expect } from 'vitest';
+import { mfaPlugin } from '../index';
+
+describe('plugin-mfa', () => {
+  describe('mfaPlugin', () => {
+    it('returns an object with name and version', () => {
+      const plugin = mfaPlugin();
+      expect(plugin.name).toBeDefined();
+      expect(typeof plugin.name).toBe('string');
+      expect(plugin.version).toBeDefined();
+      expect(typeof plugin.version).toBe('string');
+    });
+
+    it('has install method', () => {
+      const plugin = mfaPlugin();
+      expect(plugin.install).toBeDefined();
+      expect(typeof plugin.install).toBe('function');
+    });
+
+    it('install calls core registration', () => {
+      const plugin = mfaPlugin();
+      const mockCore: any = { use: () => {} };
+      expect(() => plugin.install(mockCore)).not.toThrow();
+    });
+  });
+});

package/src/index.ts

@@ -0,0 +1,4 @@
+export { MfaSetup } from './MfaSetup';
+export { MfaGuard } from './MfaGuard';
+export { BackupCodes } from './BackupCodes';
+export { mfaPlugin } from './mfa';

package/src/mfa.ts

@@ -0,0 +1,10 @@
+import type { AuthmsPlugin } from '@authms/core';
+import type { AuthMS } from '@authms/core';
+
+export function mfaPlugin(): AuthmsPlugin {
+  return {
+    name: '@authms/plugin-mfa',
+    version: '0.1.0',
+    install(_core: AuthMS) {},
+  };
+}