spryker-ufirst/second-factor-auth

There is no license information available for the latest version (v2.1.0) of this package.

Second Factor Authentication for Spryker ZED

Maintainers

Details

github.com/ufirstgroup/spryker-second-factor-auth

Source

Issues

Installs: 42 645

Dependents: 0

Suggesters: 0

Security: 0

Stars: 3

Watchers: 5

Forks: 6

Open Issues: 1

v2.1.0 2023-04-04 09:26 UTC

Requires

Requires (Dev)

Unknown License 89df77f922d7c4bd66378d2d05906bfa88763865

This package is auto-updated.

Last update: 2024-12-10 12:35:24 UTC

README

Installation

composer require spryker-ufirst/second-factor-auth

Once the module is installed, add the SecondFactorAuthorizationEventDispatcherPlugin to the EventDispatcherDependencyProvider::getEventDispatcherPlugins at the end of the array:

class EventDispatcherDependencyProvider extends SprykerEventDispatcherDependencyProvider
{
    /**
     * @return \Spryker\Shared\EventDispatcherExtension\Dependency\Plugin\EventDispatcherPluginInterface[]
     */
    protected function getEventDispatcherPlugins(): array
    {
        return [
            # ...other plugins
            new SecondFactorAuthorizationEventDispatcherPlugin(),
        ];
    }
}

And add the SprykerUFirst namespace to the config_default.php

$config[KernelConstants::CORE_NAMESPACES] = [
    ...
    'SprykerUFirst',
];

Enforcing 2FA

You can enforce second factor authentication for all admin users per environment. Add the following line to your config_default.php:

use SprykerUFirst\Shared\SecondFactorAuth\SecondFactorAuthConstants;
...
$config[SecondFactorAuthConstants::SECOND_FACTOR_AUTH_REQUIRED] = true;

Add 2FA Status to the User Table

In order to see the 2FA status (enabled/disabled) on each user in the administration GUI, add the two table expander plugins to the UserDependencyProvider in your project space:

<?php

namespace Pyz\Zed\User;

use Spryker\Zed\User\UserDependencyProvider as SprykerUserDependencyProvider;
use SprykerUFirst\Zed\SecondFactorAuth\Communication\Plugin\Table\SecondFactorAuthUserTableConfigExpanderPlugin;
use SprykerUFirst\Zed\SecondFactorAuth\Communication\Plugin\Table\SecondFactorAuthUserTableDataExpanderPlugin;

class UserDependencyProvider extends SprykerUserDependencyProvider
{

    /**
     * @return \Spryker\Zed\UserExtension\Dependency\Plugin\UserTableDataExpanderPluginInterface[]
     */
    protected function getUserTableDataExpanderPlugins(): array
    {
        return [
            new SecondFactorAuthUserTableDataExpanderPlugin(),
        ];
    }

    /**
     * @return \Spryker\Zed\UserExtension\Dependency\Plugin\UserTableConfigExpanderPluginInterface[]
     */
    protected function getUserTableConfigExpanderPlugins(): array
    {
        return [
            new SecondFactorAuthUserTableConfigExpanderPlugin(),
        ];
    }
}

Add Reset 2FA column to the User Table

In order to see the Reset 2FA column with buttons to reset second factor authentification for each user in the administration GUI add the following line to your config_default.php:

use SprykerUFirst\Shared\SecondFactorAuth\SecondFactorAuthConstants;
...
$config[SecondFactorAuthConstants::SHOW_SECOND_FACTOR_AUTH_RESET] = true;

If this column is enabled, we recomended allowing it to the highest permissions having roles by adding a rule:

Or if the entire second-factor-auth bundle allowed add this rule to the roles that should not be able to unregister other users.