-
Notifications
You must be signed in to change notification settings - Fork 24
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #194 from creative-commoners/pulls/4.0/password-en…
…cryptor API Remove BackupCodeGeneratorInterface::hash() and allow generate() to handle its hashing internally
- Loading branch information
Showing
11 changed files
with
158 additions
and
137 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,76 @@ | ||
# Backup codes | ||
|
||
Backup codes are random strings that are provided as recovery options in case a member loses their ability to | ||
verify with their registered multi-factor authentication methods, e.g. they lost their phone or security key. | ||
|
||
## Generating backup codes | ||
|
||
Backup codes are generated by the `BackupCodeGeneratorInterface` service, which has a default implementation of | ||
`SilverStripe\MFA\Service\BackupCodeGenerator`. This service will hash the generated backup codes using the | ||
default SilverStripe `PasswordEncryptor` service and algorithm, and returns an array of | ||
`SilverStripe\MFA\State\BackupCode` instances. | ||
|
||
You can use this service class to generate codes: | ||
|
||
```php | ||
$generator = Injector::inst()->get(BackupCodeGeneratorInterface::class); | ||
$codes = $generator->generate(); | ||
``` | ||
|
||
## Verifying backup codes | ||
|
||
To verify a backup code, you can reconstruct a `BackupCode` instance from stored data on the `RegisteredMethod` | ||
instance and use `BackupCode::isValid()` to verify the input. For example: | ||
|
||
```php | ||
$storedCodeData = json_decode($registeredMethod->Data, true); | ||
foreach ($storedCodeData as $codeCandidate) { | ||
// Expected structure: ['hash' => 'abc123', 'algorithm' => 'blowfish', 'salt' => 'bae'] | ||
$candidate = json_decode($codeCandidate, true); | ||
|
||
$backupCode = BackupCode::create($userInputCode, $candidate['hash'], $candidate['algorithm'], $candidate['salt']); | ||
if ($backupCode->isValid()) { | ||
// The user entered a valid backup code, do as you please now. | ||
} | ||
} | ||
``` | ||
|
||
The default implementation of this logic is in `VerifyHandler::verify()`. | ||
|
||
## BackupCodeGenerator | ||
|
||
This configuration documentation applies to the default `BackupCodeGenerator` implementation of | ||
`BackupCodeGeneratorInterface`. | ||
|
||
### Configuration | ||
|
||
You can adjust either the length of the backup code strings, or the number of them that are generated, by setting | ||
YAML configuration: | ||
|
||
```yaml | ||
SilverStripe\MFA\Service\BackupCodeGenerator: | ||
# Should be 12 characters long | ||
backup_code_length: 12 | ||
# I want 25 of them | ||
backup_code_count: 25 | ||
``` | ||
|
||
### Adjusting the character sets | ||
|
||
By default, backup codes will be generated using upper and lowercase letters and numbers. If you would like to increase | ||
the entropy of your backup codes by adding special characters, you can do so by adding an extension: | ||
|
||
```php | ||
class BackupCodeGeneratorExtension extends Extension | ||
{ | ||
/** | ||
* Add some special characters into the character set for generating backup codes | ||
*/ | ||
public function updateCharacterSet(&$characterSet) | ||
{ | ||
$characterSet = array_merge($characterSet, ['!', '@', '#', '$', '%', '^']); | ||
} | ||
} | ||
``` | ||
|
||
This extension should be applied to `SilverStripe\MFA\Service\BackupCodeGenerator` via YAML configuration. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.