Consolitation of 2FA messages #103
@ -1,18 +1,18 @@
|
|||||||
How to Implement Two-Factor Auth
|
How to Implement Two Factor Auth (2FA)
|
||||||
================================
|
======================================
|
||||||
|
|
||||||
Two-Factor Authentication products add an additional layer of security. Typically, users are asked to prove their
|
Two Factor Authentication products add an additional layer of security. Typically, users are asked to prove their
|
||||||
identity by providing simple credentials such as an email address and a password. A second factor (2F) adds an extra
|
identity by providing simple credentials such as an email address and a password. A second factor (2F) adds an extra
|
||||||
layer of unauthorized access protection by prompting the user to provide an additional means of authentication such as
|
layer of unauthorized access protection by prompting the user to provide an additional means of authentication such as
|
||||||
a physical token (e.g. a card) or an additional secret that only they know.
|
a physical token (e.g. a card) or an additional secret that only they know.
|
||||||
|
|
||||||
With this module is quite easy. It basically implements two-factor authentication using the following 2amigos libraries:
|
With this module is quite easy. It basically implements two factor authentication using the following 2amigos libraries:
|
||||||
|
|
||||||
- [2amigos/2fa-library](https://github.com/2amigos/2fa-library)
|
- [2amigos/2fa-library](https://github.com/2amigos/2fa-library)
|
||||||
- [2amigos/qrcode-library](https://github.com/2amigos/qrcode-library)
|
- [2amigos/qrcode-library](https://github.com/2amigos/qrcode-library)
|
||||||
|
|
||||||
|
|
||||||
Enable Two-Factor
|
Enable Two Factor
|
||||||
-----------------
|
-----------------
|
||||||
|
|
||||||
We simply need to enable two factor authentication:
|
We simply need to enable two factor authentication:
|
||||||
@ -26,7 +26,7 @@ We simply need to enable two factor authentication:
|
|||||||
]
|
]
|
||||||
```
|
```
|
||||||
|
|
||||||
Now, when the user go to its settings via `user/settings`, it will display the option to enable two-factor
|
Now, when the user go to its settings via `user/settings`, it will display the option to enable two factor
|
||||||
authentication or not.
|
authentication or not.
|
||||||
|
|
||||||
When enabled, the module will show a modal with a QrCode that has to be scanned by the Google Authenticator App
|
When enabled, the module will show a modal with a QrCode that has to be scanned by the Google Authenticator App
|
||||||
@ -35,15 +35,15 @@ When enabled, the module will show a modal with a QrCode that has to be scanned
|
|||||||
[iTunes](https://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8)).
|
[iTunes](https://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8)).
|
||||||
|
|
||||||
The application will display a code that needs to be inserted into the modal input box. If code verification goes well,
|
The application will display a code that needs to be inserted into the modal input box. If code verification goes well,
|
||||||
it will enable the two-factor for the user.
|
it will enable the two factor for the user.
|
||||||
|
|
||||||
If a user has enabled the two-factor, and after successfully login via username and email, it will render a new section
|
If a user has enabled the two factor, and after successfully login via username and email, it will render a new section
|
||||||
where user will have to enter the code displayed on its Google Authenticator App in order to complete with the login
|
where user will have to enter the code displayed on its Google Authenticator App in order to complete with the login
|
||||||
process.
|
process.
|
||||||
|
|
||||||
|
|
||||||
### Recommended Reading
|
### Recommended Reading
|
||||||
|
|
||||||
- [2amigos Two-Factor Library Docs]()http://2fa-library.readthedocs.io/en/latest/)
|
- [2amigos Two Factor Library Docs]()http://2fa-library.readthedocs.io/en/latest/)
|
||||||
|
|
||||||
© [2amigos](http://www.2amigos.us/) 2013-2017
|
© [2amigos](http://www.2amigos.us/) 2013-2017
|
||||||
|
|||||||
@ -280,7 +280,7 @@ class SettingsController extends Controller
|
|||||||
return [
|
return [
|
||||||
'success' => $success,
|
'success' => $success,
|
||||||
'message' => $success
|
'message' => $success
|
||||||
? Yii::t('usuario', 'Two factor successfully enabled.')
|
? Yii::t('usuario', '2FA successfully enabled.')
|
||||||
: Yii::t('usuario', 'Verification failed. Please, enter new code.')
|
: Yii::t('usuario', 'Verification failed. Please, enter new code.')
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
@ -297,11 +297,11 @@ class SettingsController extends Controller
|
|||||||
if ($user->updateAttributes(['auth_tf_enabled' => '0'])) {
|
if ($user->updateAttributes(['auth_tf_enabled' => '0'])) {
|
||||||
Yii::$app
|
Yii::$app
|
||||||
->getSession()
|
->getSession()
|
||||||
->setFlash('success', Yii::t('usuario', 'Two-factor authorization has been disabled.'));
|
->setFlash('success', Yii::t('usuario', '2FA has been disabled.'));
|
||||||
} else {
|
} else {
|
||||||
Yii::$app
|
Yii::$app
|
||||||
->getSession()
|
->getSession()
|
||||||
->setFlash('danger', Yii::t('usuario', 'Unable to disable two-factor authorization.'));
|
->setFlash('danger', Yii::t('usuario', 'Unable to disable 2FA.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->redirect(['account']);
|
$this->redirect(['account']);
|
||||||
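Review bot: The disable path at `$user->updateAttributes(['auth_tf_enabled' => '0'])` shows no step-up check in this hunk: nothing visible asks for the current password or a valid 2FA code before the second factor is switched off, so an authenticated session alone appears to be enough to remove it. The action's opening lines are outside the hunk, so a guard may already exist there; if it does not, gate this branch on a fresh credential check and on the `id` passed by the settings view matching the logged-in user. Either way, a comment above the call would record the requirement, e.g. `// Security: disabling 2FA requires re-authentication; $user must be the current identity`. Writing an audit log entry next to the success flash would also leave a record of when 2FA was turned off for an account.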
|
|||||||
@ -73,7 +73,7 @@ class LoginForm extends Model
|
|||||||
'login' => Yii::t('usuario', 'Login'),
|
'login' => Yii::t('usuario', 'Login'),
|
||||||
'password' => Yii::t('usuario', 'Password'),
|
'password' => Yii::t('usuario', 'Password'),
|
||||||
'rememberMe' => Yii::t('usuario', 'Remember me next time'),
|
'rememberMe' => Yii::t('usuario', 'Remember me next time'),
|
||||||
'twoFactorAuthenticationCode' => Yii::t('usuario', 'Two-factor authentication code')
|
'twoFactorAuthenticationCode' => Yii::t('usuario', '2FA code')
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -111,7 +111,7 @@ class LoginForm extends Model
|
|||||||
$this->module->twoFactorAuthenticationCycles
|
$this->module->twoFactorAuthenticationCycles
|
||||||
))
|
))
|
||||||
->validate()) {
|
->validate()) {
|
||||||
$this->addError($attribute, Yii::t('usuario', 'Invalid two-factor code'));
|
$this->addError($attribute, Yii::t('usuario', 'Invalid 2FA code'));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
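Review bot: Rewording the source string in `Yii::t('usuario', 'Invalid 2FA code')` also changes the translation lookup key, so a translation stored under 'Invalid two-factor code' no longer matches and non-English users will presumably see the English text until the catalogs are regenerated. The same applies to the `'2FA code'` attribute label in this file and to the reworded messages in SettingsController and the two settings views. The message catalogs are not visible on this page, so confirm they were re-extracted and the existing translations carried over under the new keys as part of this change.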
|
|||||||
@ -81,7 +81,7 @@ $module = Yii::$app->getModule('user');
|
|||||||
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span
|
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span
|
||||||
aria-hidden="true">×</span></button>
|
aria-hidden="true">×</span></button>
|
||||||
<h4 class="modal-title" id="myModalLabel">
|
<h4 class="modal-title" id="myModalLabel">
|
||||||
<?= Yii::t('usuario', 'Two Factor Authentication') ?></h4>
|
<?= Yii::t('usuario', 'Two Factor Authentication (2FA)') ?></h4>
|
||||||
</div>
|
</div>
|
||||||
<div class="modal-body">
|
<div class="modal-body">
|
||||||
...
|
...
|
||||||
@ -96,25 +96,25 @@ $module = Yii::$app->getModule('user');
|
|||||||
</div>
|
</div>
|
||||||
<div class="panel panel-info">
|
<div class="panel panel-info">
|
||||||
<div class="panel-heading">
|
<div class="panel-heading">
|
||||||
<h3 class="panel-title"><?= Yii::t('usuario', 'Two-Factor Authentication') ?></h3>
|
<h3 class="panel-title"><?= Yii::t('usuario', 'Two Factor Authentication (2FA)') ?></h3>
|
||||||
</div>
|
</div>
|
||||||
<div class="panel-body">
|
<div class="panel-body">
|
||||||
<p>
|
<p>
|
||||||
<?= Yii::t('usuario', 'Two-factor auth protects you against stolen credentials') ?>.
|
<?= Yii::t('usuario', '2FA protects you against stolen credentials') ?>.
|
||||||
</p>
|
</p>
|
||||||
<div class="text-right">
|
<div class="text-right">
|
||||||
<?= Html::a(
|
<?= Html::a(
|
||||||
Yii::t('usuario', 'Disable Two-Factor Auth'),
|
Yii::t('usuario', 'Disable 2FA'),
|
||||||
['two-factor-disable', 'id' => $model->getUser()->id],
|
['two-factor-disable', 'id' => $model->getUser()->id],
|
||||||
[
|
[
|
||||||
'id' => 'disable_tf_btn',
|
'id' => 'disable_tf_btn',
|
||||||
'class' => 'btn btn-warning ' . ($model->getUser()->auth_tf_enabled ? '' : 'hide'),
|
'class' => 'btn btn-warning ' . ($model->getUser()->auth_tf_enabled ? '' : 'hide'),
|
||||||
'data-method' => 'post',
|
'data-method' => 'post',
|
||||||
'data-confirm' => Yii::t('usuario', 'This will disable two-factor auth. Are you sure?'),
|
'data-confirm' => Yii::t('usuario', 'This will disable 2FA. Are you sure?'),
|
||||||
]
|
]
|
||||||
) ?>
|
) ?>
|
||||||
<?= Html::a(
|
<?= Html::a(
|
||||||
Yii::t('usuario', 'Enable Two-factor auth'),
|
Yii::t('usuario', 'Enable 2FA'),
|
||||||
'#tfmodal',
|
'#tfmodal',
|
||||||
[
|
[
|
||||||
'id' => 'enable_tf_btn',
|
'id' => 'enable_tf_btn',
|
||||||
|
|||||||
@ -29,7 +29,7 @@
|
|||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-md-offset-3 col-md-6 text-center">
|
<div class="col-md-offset-3 col-md-6 text-center">
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
<input type="text" class="form-control" id="tfcode" placeholder="<?= Yii::t('usuario', 'Two-factor code') ?>"/>
|
<input type="text" class="form-control" id="tfcode" placeholder="<?= Yii::t('usuario', '2FA code') ?>"/>
|
||||||
<span class="input-group-btn">
|
<span class="input-group-btn">
|
||||||
<button type="button" class="btn btn-primary btn-submit-code">
|
<button type="button" class="btn btn-primary btn-submit-code">
|
||||||
<?= Yii::t('usuario', 'Enable') ?>
|
<?= Yii::t('usuario', 'Enable') ?>
|
||||||
|
|||||||