This plugin extends RainLab.User with possibility to add 2-factor google authentication for user account.
Feel free to contact me for support during plugin setup.
Features:
- v1.0.3 - Ability to restrict chosen pages for authenticated user if he hasn't activated 2-factor protection
You may like my other plugins
- Translate Tabs - Edit translatable backend form fields and theme options grouped into tabs by locales
- Roles Access Hierarchy - Allows to manage access rights based on roles hierarchy
- Excel - excel import-export tools
- JWT Auth API - Token Authentication for API integrated with RainLab.User
- Blog Views - Enables blog posts views tracking and displaying popular articles.
The following plugin is required
In case pragmarx/google2fa-laravel package was not installed during plugin installation, add "pragmarx/google2fa-laravel": "^0.1.4" to composer.json in your project root directory and run
composer update
To set up 2-factor authentication there are 3 main steps with 3 corresponding components.
TwoFactorActivate
Screenshots 1, 2. This component displays QR-code and input to enter the one-time password. User will need to scan QR-code by 2-factor password generator app (Google Authenticator) wich will generate a 6-digit code. After entering it and activating user will get message about successful activation and set of recovery passwords that he needs to save to be able to access his account in case he losts his auth device.
OneTimePasswordForm
Screenshot 3, 4. This form needs to be shown after user signed up if he got 2-factor authentication active. Here he will enter 6-digit code from 2-factor password generator app to access his account.
TwoFactorProtector
Screenshot 5. This component checks if user got 2-factor authentication activated and if yes - restricts access to the pages. The component is convenient to place in layout to protect all layout pages at once. Component will work only with RainLab.User Session component. There is option to select wich pages don't need to be protected: if your login page and page with OneTimePasswordForm use the same layout you need to add them to the 'except' componet field so they will be not protected and available for not logged in users. Also any pages for not logged users from current layout need to be added here.
-
This plugin has not been reviewed yet.
-
1.0.3 |
Forced 2fa restricted pages option. Missing translations added. Apr 07, 2019 |
---|---|
1.0.2 |
Add table to users table Dec 20, 2017 |
1.0.1 |
Initialize plugin. Dec 20, 2017 |