stages/authenticator_email: Email OTP

[melizeche]

Details

stages/authenticator_email: Add Email Authenticator Stage

Introduces a new authentication stage that enables email-based two-factor authentication. This stage:

• Allows users to set up and verify their email for 2FA
• Supports configurable email templates for OTP delivery
• Integrates with existing flow and challenge system

closes #3291

Documentation PR: #12853

---

Checklist

• Local tests pass (ak test authentik/)
• The code has been formatted (make lint-fix)

If an API change has been made

• The API schema has been updated (make gen-build)

If changes to the frontend have been made

• The code has been formatted (make web)

If applicable

• The documentation has been updated
• The documentation has been formatted (make website)

[netlify]

✅ Deploy Preview for authentik-docs canceled.

Name	Link
🔨 Latest commit	af5965a
🔍 Latest deploy log	https://app.netlify.com/sites/authentik-docs/deploys/67b005cf1f08e60008755b07

[netlify]

✅ Deploy Preview for authentik-storybook canceled.

Name	Link
🔨 Latest commit	af5965a
🔍 Latest deploy log	https://app.netlify.com/sites/authentik-storybook/deploys/67b005cf27c74300082624f8

[codecov]

Codecov Report

Attention: Patch coverage is 94.38878% with 28 lines in your changes missing coverage. Please review.

Project coverage is 92.79%. Comparing base (98f3b9a) to head (af5965a).
Report is 55 commits behind head on main.

Files with missing lines	Patch %	Lines
authentik/stages/authenticator_email/stage.py	86.66%	14 Missing ⚠️
authentik/lib/utils/email.py	71.87%	9 Missing ⚠️
authentik/stages/authenticator_email/models.py	96.34%	3 Missing ⚠️
authentik/stages/authenticator_validate/stage.py	84.61%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #12630      +/-   ##
==========================================
+ Coverage   92.75%   92.79%   +0.03%     
==========================================
  Files         785      792       +7     
  Lines       39623    40109     +486     
==========================================
+ Hits        36754    37218     +464     
- Misses       2869     2891      +22     

Flag	Coverage Δ
e2e	48.28% <31.66%> (-0.21%)	⬇️
integration	24.51% <22.04%> (-0.03%)	⬇️
unit	90.48% <94.38%> (+0.05%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[melizeche]

@rissson I pushed the generated schema.yml and blueprints/schema.json
Is this the correct procedure?

[rissson]

I pushed the generated schema.yml and blueprints/schema.json Is this the correct procedure?

Yes, that's the way to go about it

[melizeche]

Videos

Set up
https://github.com/user-attachments/assets/61f26b3e-eed5-4311-8662-5bf18d031766

Demo user without email on their profile
https://github.com/user-attachments/assets/72369ffe-d71a-4ec0-bb9a-cb8ca0f5f36f

Demo user with email on their profile
https://github.com/user-attachments/assets/6ef9893f-8d67-4480-b96b-47e513f3b1c5

[notion-workspace]

Email OTP

[BeryJu]

Some minor last changes, otherwise LGTM

[melizeche]

@BeryJu I had to undo your change, self.user_pk doesn't exists here, I changed to self.user_id