geoffry304 / yii2-authy
Yii2 authy 2FA
Installs: 77
Dependents: 0
Suggesters: 0
Security: 0
Stars: 1
Watchers: 2
Forks: 1
Open Issues: 1
Type:yii2-extension
Requires
- amnah/yii2-user: ^5.0
- authy/php: 3.0
- borales/yii2-phone-input: dev-master
- kartik-v/yii2-grid: @dev
- kartik-v/yii2-krajee-base: @dev
- mobiledetect/mobiledetectlib: ^2.8
README
Extension for using 2FA from Authy with Yii2 and amnah/yii2-user
Installation
The preferred way to install yii2-authy is through Composer. Either add the following to the require section of your composer.json
file:
"geoffry304/yii2-authy": "*"
Or run:
$ php composer.phar require geoffry304/yii2-authy "*"
You can manually install yii2-authy by downloading the source in ZIP-format.
Run the migration file
php yii migrate --migrationPath=@vendor/geoffry304/yii2-authy/migrations
Update the config file
// app/config/web.php return [ 'modules' => [ 'authy' => [ 'class' => 'geoffry304\authy\Module', 'api_key' => 'here your api key from authy', 'send_mail_from => 'demo@example.com' ], 'user' => [ 'class' => 'amnah\yii2\user\Module', 'modelClasses' => [ 'LoginForm' => 'geoffry304\authy\forms\LoginForm' ] ], ], ];
Using Authy
You need to add this piece of code before you try performLogin
$module2FA = Yii::$app->getModule('authy'); if ($module2FA) { Yii::$app->session->set('credentials', ['login' => $model->email, 'pwd' => $model->password, 'remember' => $rememberMe]); $returnUrl = $module2FA->validateLogin($model->getUser()); return $returnUrl; }
Options
Module Has the following options to modify it's behaviour:
- api_key: The key you get from authy website to make connection with it.
- api_url: If you want to use an other url standard to https://api.authy.com.
- default_expirytime: The expire time the user will need to insert a new token standard to 30 days.
- send_mail: Send mail when new device is added, standard to true.
- send_mail_from: Send mail from required when send_mail is on.
- logo: Path tho logo used in confirmation and registration form and also in sending mail.
If you need extra security, you can check on every action and controller if the current session still exist in db.
Update the config file
// app/config/web.php return [ 'bootstrap' => ['GlobalCheck'], 'components' => [ 'GlobalCheck'=> [ 'class'=>'geoffry304\authy\components\GlobalCheck' ], ], ];