Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/born05/craft-twofactorauthentication
Craft plugin for two-factor or two-step login using Time Based OTP.
https://github.com/born05/craft-twofactorauthentication
authentication craftcms craftcms-plugin login two-factor two-step
Last synced: 2 days ago
JSON representation
Craft plugin for two-factor or two-step login using Time Based OTP.
- Host: GitHub
- URL: https://github.com/born05/craft-twofactorauthentication
- Owner: born05
- License: mit
- Created: 2017-05-05T08:31:26.000Z (over 7 years ago)
- Default Branch: craft-4
- Last Pushed: 2024-06-27T07:48:25.000Z (6 months ago)
- Last Synced: 2024-12-13T16:49:37.977Z (9 days ago)
- Topics: authentication, craftcms, craftcms-plugin, login, two-factor, two-step
- Language: PHP
- Homepage:
- Size: 671 KB
- Stars: 36
- Watchers: 7
- Forks: 26
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE.md
Awesome Lists containing this project
README
# Two-Factor Authentication
Craft 4 plugin for two-factor or two-step login using Time Based OTP (TOTP, like Google Authenticator).
Every user can setup TOTP themselves, the plugin does not force users. Admins can list usage in user tables.
## Inner working
Login works as usual for users without 2-factor auth.
When enabled, the user is redirected to the 2-factor verification page after login.
This means the user is already logged in. When the user tries to visit an other Control Panel page than the public ones before verification, the logout is triggered. This blocks the user from visiting the CP unverified.
## Requirements
- Craft 4.0.0 and up
- PHP 8.1 and up
## Setting up back end 2FA
- Set `verifyBackEnd` to `true` in the config file (this is the default).
- Set `forceBackEnd` to `true` if you want to prevent users from accessing the control panel without first enabling 2FA.
## Setting up front end 2FA
When using a login for front end users, the following steps add 2FA support.
- Copy the [two-factor-authentication.php](https://github.com/born05/craft-twofactorauthentication/blob/craft-3.1/examples/two-factor-authentication.php) file to your `config/` folder.
- Set `verifyFrontEnd` to `true` in the config file.
- Define what urls should be protected with 2FA verification. Choose between using the `frontEndPathAllow` or `frontEndPathExclude`! Using both will block everything! See config for additional info.
- Build a 2FA login-verify form accessible by url like the [example twig](https://github.com/born05/craft-twofactorauthentication/blob/craft-3.1/examples/login-verify.twig).
- Set the `verifyPath`. For our `login-verify.twig` example the path would be `login-verify`.
- Allow users setting up 2FA in front end by building a template like the [example twig](https://github.com/born05/craft-twofactorauthentication/blob/craft-3.1/examples/two-factor-settings.twig).
- Set the `settingsPath`. For our `two-factor-settings.twig` example the path would be `two-factor-settings`.
## Setting up config
Copy the [two-factor-authentication.php](https://github.com/born05/craft-twofactorauthentication/blob/craft-3.1/examples/two-factor-authentication.php) file to your `config/` folder.
## Resetting a user's 2FA
Simply remove the user's `twofactorauthentication_user` record. This disables 2FA for that user.
## Screens
#### Setting screen when turning 2FA on
#### Setting screen when turning 2FA off
#### Login verification screen
## License
Copyright © [Born05](https://www.born05.com/)
See [license](https://github.com/born05/craft-twofactorauthentication/blob/craft-3.1/LICENSE.md)