graphicmarket/kirby-2fa

Multifactor Authenctication for kirby panel

Maintainers

Details

github.com/graphicmarket/kirby-2fa

Source

Issues

Installs: 216

Dependents: 0

Suggesters: 0

Security: 0

Stars: 15

Watchers: 5

Forks: 6

Open Issues: 6

Type:kirby-plugin

1.1.0 2020-04-18 19:06 UTC

Requires

MIT fd6dba0401412997950bf8b310a866766f3dcf15

  • Graphic Market, Inc. <developers.woop@graphic.market>

tfa2fakirby3kirby3-cmskirby3-pluginkirby3-panel

This package is auto-updated.

Last update: 2024-05-06 20:00:32 UTC

README

Two factor authentication for Kirby 3 panel.

cover

Installation

Before install, have in mind that the only way to implement this is by replacing the default panel login view. Hence if you have your implementation, installing this plugin can be conflictive.

Download

Download and copy the content of this repository to /site/plugins/kirby-2fa directory.

Composer

composer require graphicmarket/kirby-2fa

Setup

  1. Add a field in your user blueprint
  auth:
    type: 2fa
  1. A button will appear on the panel. When you click on it the next modal will be displayed, just follow the steps to configure.

panel-setup

You can add to your config file where you want the auth data will be stored, which must be a SQL lite file. Don't worry about creating the file you only need to specify the path with the filename. the file will be auto-created and configured if it doesn't exist.

⚠️ This option is strongly recommended, save the file in a secure directory, don't push it to a repository.

  'graphicmarket.kirby-2fa.database' => 'full/path/to/kirby-2fa/db.sqlite'

Too, you can use a function that returns a string, if you wish to use the kirby() helper.

  'graphicmarket.kirby-2fa.database' => function () {
      return kirby()->root('storage') . '/kirby-2fa/db.sqlite';
  },

Change the issuer sounds like something that may you want to make. The issuer is the identifier that will be displayed on the authenticator app. By default is kirby-2fa panel.

issuer_example

  'graphicmarket.kirby-2fa.issuer' => 'Your company/website name',

Recommendation

Set in your auth options a lower number of trials by following the Kirby panel security options. five its ok for me.

Improvements and future features

  1. Passwordless login (Email/SMS).
  2. Implements own QRProvider.
  3. Save data in the user's DB.
  4. Choose the caching driver storge.
  5. Translation files.

License

MIT

Disclaimer

This plugin is provided "as is" with no guarantee. Use it at your own risk and always test it yourself before using it in a production environment. If you find any issues, please create a new issue.

Credits