geoffry304/yii2-authy

Yii2 authy 2FA

Maintainers

Details

github.com/Geoffry304/yii2-authy

Homepage

Source

Issues

Installs: 77

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 2

Forks: 1

Open Issues: 1

Type:yii2-extension

2.0.8 2018-11-30 11:52 UTC

Requires

BSD-3-Clause d4d15a91b8dca7153014f2c173361e5784e4ad0c

Authenticationextensionauthyyii22fa2 factor

This package is auto-updated.

Last update: 2024-04-13 18:54:51 UTC

README

Latest Version Software License Total Downloads

Extension for using 2FA from Authy with Yii2 and amnah/yii2-user

Installation

The preferred way to install yii2-authy is through Composer. Either add the following to the require section of your composer.json file:

"geoffry304/yii2-authy": "*"

Or run:

$ php composer.phar require geoffry304/yii2-authy "*"

You can manually install yii2-authy by downloading the source in ZIP-format.

Run the migration file php yii migrate --migrationPath=@vendor/geoffry304/yii2-authy/migrations

Update the config file

// app/config/web.php
return [
    'modules' => [
        'authy' => [
            'class' => 'geoffry304\authy\Module',
            'api_key' => 'here your api key from authy',
            'send_mail_from => 'demo@example.com'
        ],
        'user' => [
            'class' => 'amnah\yii2\user\Module',
            'modelClasses' => [
                'LoginForm' => 'geoffry304\authy\forms\LoginForm'
            ]
        ],
    ],
];

Using Authy

You need to add this piece of code before you try performLogin

$module2FA = Yii::$app->getModule('authy');
if ($module2FA) {
    Yii::$app->session->set('credentials', ['login' => $model->email, 'pwd' => $model->password, 'remember' => $rememberMe]);
    $returnUrl = $module2FA->validateLogin($model->getUser());
    return $returnUrl;  
}

Options

Module Has the following options to modify it's behaviour:

  • api_key: The key you get from authy website to make connection with it.
  • api_url: If you want to use an other url standard to https://api.authy.com.
  • default_expirytime: The expire time the user will need to insert a new token standard to 30 days.
  • send_mail: Send mail when new device is added, standard to true.
  • send_mail_from: Send mail from required when send_mail is on.
  • logo: Path tho logo used in confirmation and registration form and also in sending mail.

If you need extra security, you can check on every action and controller if the current session still exist in db.

Update the config file

// app/config/web.php
return [
    'bootstrap' => ['GlobalCheck'],
    'components' => [
        'GlobalCheck'=> [
            'class'=>'geoffry304\authy\components\GlobalCheck'
         ],
     ],
];