plugin:twofactor
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
plugin:twofactor [2018-07-16 04:43] – Pushed update 18-07-16 wilminator | plugin:twofactor [2024-03-27 23:51] (current) – version upped andi | ||
---|---|---|---|
Line 3: | Line 3: | ||
---- plugin ---- | ---- plugin ---- | ||
description: | description: | ||
- | author | + | author |
- | email : michael.wilmes@gmail.com | + | email : dokuwiki@cosmocode.de |
- | type : | + | type : |
- | lastupdate : 2018-07-16 | + | lastupdate : 2024-03-27 |
- | compatible : 2015-08-10a " | + | compatible : Hogfather, Igor, Jack Jackrum, Kaos |
depends | depends | ||
conflicts | conflicts | ||
Line 13: | Line 13: | ||
tags : 2fa, two-factor, security, authentication | tags : 2fa, two-factor, security, authentication | ||
- | downloadurl: | + | downloadurl: |
- | bugtracker : https:// | + | bugtracker : https:// |
- | sourcerepo : https:// | + | sourcerepo : https:// |
donationurl: | donationurl: | ||
- | screenshot_img : http:// | + | screenshot_img : |
---- | ---- | ||
- | ===== Summary ===== | ||
This module provides a two factor authentication framework to a wiki. It is designed to work with any wiki-based authentication mechanism that supports the ' | This module provides a two factor authentication framework to a wiki. It is designed to work with any wiki-based authentication mechanism that supports the ' | ||
- | ===== ANOTHER MAJOR REVISION | + | ===== Installation |
- | As of 2018-06-28, I have changed one of the methods in this module that breaks | + | :!: **READ BEFORE UPGRADING** The twofactor plugin was rewritten in 2022. When upgrading from any release before 2022-04-07 you also need to upgrade |
- | ===== Installation ===== | + | :!: Note the order in which the two factor plugins are installed and deinstalled are important! Use the following order to install, reverse the order on deinstall: |
- | Install the plugin | + | - Install the [[plugin: |
+ | - Install the Two Factor Core plugin (this one) | ||
+ | - Install | ||
+ | * [[plugin: | ||
+ | * [[plugin:twofactoraltemail|Alternate Email]] -- Send a one-time password to a user using an email address that is not registered with DokuWiki. | ||
+ | * [[plugin: | ||
+ | * [[plugin:twofactortelegram|Telegram]] -- Send a one-time password | ||
+ | Search and install the plugin using the [[plugin: | ||
This plugin requires configuration prior to being functional. However, it will not interfere with any existing authentication plugin. This plugin " | This plugin requires configuration prior to being functional. However, it will not interfere with any existing authentication plugin. This plugin " | ||
Line 38: | Line 44: | ||
Depending on how the Two Factor module is configured, users will be able to continue to use the wiki without using two factor authentication. | Depending on how the Two Factor module is configured, users will be able to continue to use the wiki without using two factor authentication. | ||
- | ===== Two Factor Modules ===== | + | ==== Change Log ==== |
+ | |||
+ | {{rss> | ||
- | * [[plugin: | ||
- | * [[plugin: | ||
- | * [[plugin: | ||
- | * [[plugin: | ||
- | * [[plugin: | ||
===== How It Works ===== | ===== How It Works ===== | ||
- | **This is NOT an authentication plugin.** Instead, it is a display barrier between your users and the wiki. When a user logs in but has not completed two factor authentication, | + | **This is NOT an authentication plugin.** Instead, it is a display barrier between your users and the wiki. When a user logs in but has not completed two factor authentication, |
===== User Setup ===== | ===== User Setup ===== | ||
- | |||
- | {{ http:// | ||
In order to use two factor authentication, | In order to use two factor authentication, | ||
- | Unless the wiki uses mandatory two factor authentication, | + | Unless the wiki uses mandatory two factor authentication, |
+ | |||
+ | Users are presented with a list of available Two Factor providers | ||
+ | Adding | ||
- | The user may use any one of the modules they have configured to two factor authenticate, | + | Users can configure |
===== User Login ===== | ===== User Login ===== | ||
- | If a module supports token-based authentication, | + | Once the user set up at least one two factor provider, the wiki will ask for the second factor |
+ | |||
+ | The user may use any one of the providers they have configured to authenticate, so configuring both Google Authenticator and an alternate email one-time password | ||
Any user that has not configured two factor authentication can login without supplying a token or one-time password, and will be redirected to the Two Factor configuration page if two factor authentication is required by the wiki admin. | Any user that has not configured two factor authentication can login without supplying a token or one-time password, and will be redirected to the Two Factor configuration page if two factor authentication is required by the wiki admin. | ||
Line 68: | Line 74: | ||
===== Admin Page ===== | ===== Admin Page ===== | ||
- | There is an admin page to enable the reset of two factor settings for users that manage to get locked out. Face it, cellphones get lost and people mistype data in fields, so it's gonna happen... | + | There is an admin page to enable the reset of two factor settings for users that manage to get locked out. |
- | Once in the admin page, check the box next to the user whose account you want to reset, then click the Reset selected button. This removes all user settings, and they will have to completely reconfigure their two factor setup from the beginning. There is no option to individually manage their settings to prevent tampering. | + | Once in the admin page, click the reset button |
===== Configuration and Settings ===== | ===== Configuration and Settings ===== | ||
- | * '' | ||
* '' | * '' | ||
- | * '' | + | * '' |
- | * '' | + | * '' |
- | * '' | + | |
- | * '' | + | |
- | * '' | + | |
- | * '' | + | |
- | * '' | + | |
- | * '' | + | |
- | * '' | + | |
- | * '' | + | |
- | * '' | + | |
- | ===== Development ===== | + | |
- | + | ||
- | Additional work will be based on my free time in the future. I was allowed to put this together for my work and release it, but future development will be on my personal time. | + | |
- | + | ||
- | ==== API ==== | + | |
- | + | ||
- | The [[https:// | + | |
- | + | ||
- | ==== Change Log ==== | + | |
- | + | ||
- | {{rss> | + | |
- | + | ||
- | ==== Known Bugs and Issues ==== | + | |
- | + | ||
- | * None that I'm aware of. Visit the GitHub page for each of the modules for more information (or to let me know that something is broken). | + | |
- | + | ||
- | ==== ToDo/Wish List ==== | + | |
- | + | ||
- | * I've had a request to add Twilio and Plivo as supported two factor | + | |
- | * Possibly supply a configuration setting enabling the admin to designate which characters | + | |
- | + | ||
- | ===== YOUR Help ===== | + | |
- | I originally wrote this because we needed 2FA for our wiki at work. Our use of DokuWiki has come to a close, but I will continue to maintain this code for the foreseeable future on my own time. That said, I will post fixes that are brought to my attention and test it our in my development environment as best as possible, but now I need ** your ** help to confirm that it is working. | + | |
- | + | ||
- | ===== FAQ ===== | + | |
- | WIP. I will pull discussion questions and post them here as blatant questions come up. | + | More configuration is available for the individual providers. |
- | ===== Big Thanks / Acknowledgement | + | ===== Implementing new Providers |
- | First, I want to thank my employer, Antelope Valley College, for allowing me to release this code to the open source community. | + | Providers are action plugins that inherit from '' |
- | A big thanks goes out to Dan Popp for the work on his [[plugin: | + | The following old providers have not been updated |
- | Another big thanks to Christopher Smith and the developers that worked on the [[plugin:usermanager|User Manager Plugin]]. I used their admin code as the basis for my plugin | + | * [[plugin:twofactorsmsappliance|SMS Appliance]] |
+ | * [[plugin: | ||
+ | * [[plugin: | ||
- | ===== Discussion ===== | + | Please [[https:// |
- | Feel free to write anything constructive. My hope is that this plugin will provide many admins with useful functionality. |
plugin/twofactor.1531708988.txt.gz · Last modified: 2018-07-16 04:43 by wilminator