
[RTM] 2FA for frontend scope #363

Merged
merged 90 commits into from Jul 9, 2019

@bytehead
Member

commented Feb 20, 2019

Ready to be tested with the following changes to your security configuration:

```yaml
# security.yml
contao_frontend:
    two_factor:
        auth_form_path: contao_frontend_two_factor
        check_path: contao_frontend_two_factor
        auth_code_parameter_name: verify
        success_handler: contao.security.two_factor.frontend_success_handler
        failure_handler: contao.security.two_factor.frontend_failure_handler

access_control:
    - { path: ^/_contao/two-factor, roles: [IS_AUTHENTICATED_2FA_IN_PROGRESS, ROLE_MEMBER] }
    - { path: ^, roles: [IS_AUTHENTICATED_2FA_IN_PROGRESS, IS_AUTHENTICATED_ANONYMOUSLY] }
```

In addition to this, you'll need to create at least one two-factor frontend module on a specific page, where the user can set up his two-factor authentication.

Furthermore, you can enforce two-factor authentication for all members on the root page, but you'll have to choose a redirect target which contains the mentioned two-factor frontend module (the location where the member will be redirected to proceed with the setup).

ToDo:

  • Replace member icons with correct ones
  • Tests
  • Translations

@bytehead bytehead force-pushed the bytehead:feature/2fa-frontend branch from 90a42ca to 4677de0 Feb 22, 2019

@leofeyer leofeyer added the feature label Feb 23, 2019

@leofeyer leofeyer added this to the 4.8.0 milestone Feb 23, 2019

@bytehead bytehead force-pushed the bytehead:feature/2fa-frontend branch from 4677de0 to 5dca073 Mar 17, 2019

@leofeyer leofeyer force-pushed the contao:master branch from 804d2ed to c0fc631 Mar 27, 2019

@bytehead bytehead force-pushed the bytehead:feature/2fa-frontend branch from 5dca073 to 9f98dd2 Mar 29, 2019

@bytehead bytehead force-pushed the bytehead:feature/2fa-frontend branch from 9f98dd2 to 7ec5765 Apr 17, 2019

@bytehead bytehead marked this pull request as ready for review Apr 18, 2019

@bytehead bytehead changed the title 2FA for frontend scope [RFC] 2FA for frontend scope Apr 18, 2019

@bytehead bytehead force-pushed the bytehead:feature/2fa-frontend branch 3 times, most recently from 7625797 to 46c67cd Apr 30, 2019

@leofeyer leofeyer force-pushed the contao:master branch 2 times, most recently from 6c52109 to 03f6899 Jun 5, 2019

@leofeyer leofeyer force-pushed the contao:master branch from 67bdc5c to d42ccf4 Jun 13, 2019

@bytehead bytehead force-pushed the bytehead:feature/2fa-frontend branch 2 times, most recently from 7cdcb66 to 6544c9a Jun 14, 2019

@bytehead bytehead force-pushed the bytehead:feature/2fa-frontend branch 2 times, most recently from 5f7de11 to f85b5ba Jun 21, 2019

@aschempp
Contributor

left a comment

Looks promising! Can you please also update the security.yml in manager-bundle to reflect the necessary changes, as well as the README.md?

@bytehead bytehead force-pushed the bytehead:feature/2fa-frontend branch from 5763372 to 3282a55 Jun 28, 2019

@aschempp

Contributor

commented Jul 1, 2019

This should be ready for review again 😊

aschempp and others added some commits Jul 1, 2019

@bytehead bytehead force-pushed the bytehead:feature/2fa-frontend branch from 72f0219 to ede4625 Jul 8, 2019

$redirectPage = $model->jumpTo > 0 ? $adapter->findByPk($model->jumpTo) : null;
$return = $redirectPage instanceof PageModel ? $redirectPage->getAbsoluteUrl() : $this->page->getAbsoluteUrl();
$template->error = false;
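
Review bot: on the `$return = ...` line, the fallback to `$this->page->getAbsoluteUrl()` is taken whenever `findByPk()` does not yield a `PageModel`, including when `jumpTo` is greater than 0 but the lookup returns nothing, and these lines do not say that this is intended. A short comment stating that the current page is the deliberate fallback would help, and since the value is an absolute URL rather than a return value, a name such as `$returnUrl` would read more clearly than `$return`.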

@leofeyer

leofeyer Jul 9, 2019

Member

Where exactly are we using this?

@Toflar

Toflar approved these changes Jul 9, 2019

@leofeyer leofeyer merged commit 01ca3e1 into contao:master Jul 9, 2019

3 checks passed

Travis CI - Pull Request Build Passed
continuous-integration/appveyor/pr AppVeyor build succeeded
coverage/coveralls Coverage increased (+0.4%) to 87.485%
@leofeyer

Member

commented Jul 9, 2019

Thank you @bytehead.

@bytehead bytehead deleted the bytehead:feature/2fa-frontend branch Jul 9, 2019
