Difference between revisions of "Two Factor Authentication - 2FA"

From nuBuilderForte
Jump to: navigation, search
(Created page with "== Activate 2FA == This is done in the '''nuconfig.php''' file using these setting parameters (true) whose default values when disabled are: <pre> $nuConfig2FAAdmin = false; ...")
 
m (Activate 2FA)
Line 2: Line 2:
 
This is done in the '''nuconfig.php''' file using these setting parameters (true) whose default values when disabled are:
 
This is done in the '''nuconfig.php''' file using these setting parameters (true) whose default values when disabled are:
 
<pre>
 
<pre>
$nuConfig2FAAdmin = false;              //-- Use 2FA authentication for administrator
+
$nuConfig2FAAdmin             = false;              //-- Use 2FA authentication for administrator
$nuConfig2FAUser   = false;              //-- Use 2FA authentication for users
+
$nuConfig2FAUser             = false;              //-- Use 2FA authentication for users
$nuConfig2FAFormID = "nuauthentication"; //-- 2FA form ID. Default id: nuauthentication
+
$nuConfig2FAFormID =         "nuauthentication";   //-- 2FA form ID. Default form ID: nuauthentication
$nuConfig2FATokenValidityTime = 168;     //-- 2FA Token Validity Time in Hours. Default: 7 days (7 * 24 hours)
+
$nuConfig2FATokenValidityTime = 168;               //-- 2FA Token Validity Time in hours. Default: 7 days (7 * 24 hours)
$nuConfig2FAShowRememberMe    = false;   //-- Show a checkbox "Remember me for X days" in the authentication form
+
$nuConfig2FAShowRememberMe    = false;             //-- Show a checkbox "Remember me for X days" in the authentication form (not implemented yet)
 
</pre>
 
</pre>
  
Line 12: Line 12:
 
* If the 2FA authentication is active, a user is redirected to an authentication form after logging in.
 
* If the 2FA authentication is active, a user is redirected to an authentication form after logging in.
 
* On that form, a two-factor authentication token can be requested, which will be sent by email (or SMS).
 
* On that form, a two-factor authentication token can be requested, which will be sent by email (or SMS).
* If a valid token is entered, redirected to the actual form will occur.
+
* If a valid token is entered, redirection to the actual form will occur.
 
* One cannot open any other form until authenticated.
 
* One cannot open any other form until authenticated.
 
* No need to authenticate again after a successful login during the "Token Validity Time" (same machine, browser)
 
* No need to authenticate again after a successful login during the "Token Validity Time" (same machine, browser)

Revision as of 16:56, 1 April 2021

Activate 2FA

This is done in the nuconfig.php file using these setting parameters (true) whose default values when disabled are:

$nuConfig2FAAdmin             = false;              //-- Use 2FA authentication for administrator
$nuConfig2FAUser              = false;              //-- Use 2FA authentication for users
$nuConfig2FAFormID =          "nuauthentication";   //-- 2FA form ID. Default form ID: nuauthentication
$nuConfig2FATokenValidityTime = 168;                //-- 2FA Token Validity Time in hours. Default: 7 days (7 * 24 hours)
$nuConfig2FAShowRememberMe    = false;              //-- Show a checkbox "Remember me for X days" in the authentication form (not implemented yet)

Functionality

  • If the 2FA authentication is active, a user is redirected to an authentication form after logging in.
  • On that form, a two-factor authentication token can be requested, which will be sent by email (or SMS).
  • If a valid token is entered, redirection to the actual form will occur.
  • One cannot open any other form until authenticated.
  • No need to authenticate again after a successful login during the "Token Validity Time" (same machine, browser)

2fa.png

Setting up 2FA

  • Setup the nuconfig.php variables above as appropriate like:
$nuConfig2FAAdmin = true;
$nuConfig2FAUser = true;
$nuConfig2FAShowRememberMe = false;
  • Navigate to Home -> Builders -> PHP Procedure "nuAuthentication2FA_Template"
  • Clone it
  • Adapt the code to your needs and save it.