I'm fairly sure you can set custom headers with the forward auth (although I have never used it), you just have to configure it in the reverse proxy as well.
I believe you could setup email login by using the email TOTP 2FA much like I use my yubikey for passwordless authentication. You can modify the flows quite extensively... if you know what you are doing
I believe you could setup email login by using the email TOTP 2FA much like I use my yubikey for passwordless authentication. You can modify the flows quite extensively... if you know what you are doing