-
Notifications
You must be signed in to change notification settings - Fork 788
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[POTENTIAL FEATURE] Two-factor authentication (2FA) #732
Comments
Hey, but this is a duplicate of ticekt #528, so I think it's okay to close this one. |
Hi Amgtm and @panique i personally would not consider this a duplicate of #528 , so im going to reply non the less with a couple of options. First, i would take a look at https://github.com/sonata-project/GoogleAuthenticator a nice package for working with google authenticator second i personally would not use SMS and don't have experience using it. what i would do is send the user an email with the code. much like how steam does when accessing your account on a new device. How to do it? well that's up to you however it should not be too hard. User login attempt -> partial login until second authentication (e.g pin enter screen) -> code entered -> login if correct then you need to check the code is still valid, either with time stamps, or what ever you like. Just make sure the code done not hang around when the user is done. set a new one after logout or after X time has passed. I hope this helps its not much but i'm at work. |
Okay :) re-opened! |
Thank you @panique , I'm glad that this 'feature' presents interest. @oisian it doesn't matter what 'system' is in use. I',m interested how and where to messup with the Auth class 👍 :-) |
I would have a Session variable like "isAuthenticated" Then after all the normal login that's in place by default check if (isAuthenticated != true){ and keep doing that untill they have entered it, at which point you can change isAuthenticated to true |
Hey, I'm currently "cleaning" the project a little bit and moving feature-requests like this to an own list inside the readme file (find it under the "future features" point). I hope you are okay with it, as most tickets here are new features and not really bugs or so. My idea is just to avoid this project from getting oversized by too many features, so I'm closing the ticket, but for sure linking it from the readme in case somebody wants to implement this. I hope you are all okay with this. :) |
@panique Any thoughts of adding this as a feature could come very handy to this framework. |
Hi, I would like to know how can I implement a Two-factor authentication.
How can I do this, where can I start from?
Than you!
The text was updated successfully, but these errors were encountered: