Download the PHP package markshust/magento2-module-disabletwofactorauth without Composer

On this page you can find all versions of the php package markshust/magento2-module-disabletwofactorauth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package magento2-module-disabletwofactorauth

MarkShust_DisableTwoFactorAuth

Provides the ability to disable two-factor authentication.

Supported Magento Versions Latest Stable Version Composer Downloads Maintained - Yes

Table of contents

Summary

With the release of Magento 2.4, two-factor authentication (also known as 2FA) became enabled by default, with no ability to disable it in either the admin or console. However, there are situations which may require 2FA to be disabled or temporarily turned off, such as within development or testing environments.

This module automatically disables 2FA while in developer mode (since version 2.0.0), and adds the missing toggle to turn 2FA on or off from the admin for other environments. It does this by hooking into the core code in a very seamless manner, just as would be done if this toggle existed in the core code. Installing this module should not open any security holes, as it just works off of a simple config toggle which, if not present, falls back to the default functionality.

You can also toggle 2FA back on while in developer mode, if you need to test your code functionality while 2FA is enabled.

Demo

Why

Why should you use this module? I hear all of the time that you can just disable Magento's 2FA module. There is a large inherent issue with doing this though.

When you disable a module, it updates the app/etc/config.php file with the removed module, which will eventually make its way upstream (accidentally committed to version control or unintendedly leaving your development environment). This will disable 2FA on staging/production, which is a big security concern. This module resolves this because you can keep it installed & enabled on dev/stage/prod, but control whether or not 2FA is enabled or disabled with configuration settings or environment variables. This means you can have it permanently disabled on dev, but have it permanently enabled in all other environments, all while keeping this module installed in all environments.

Installation

Usage

This module automatically disables 2FA in developer mode (since version 2.0.0). In any other deployment mode, 2FA is kept enabled by default. This is to prevent any unexpected side effects or security loopholes from being introduced during automated installation processes.

Disable 2FA

It may still be desirable to disable 2FA in non-production environments, such as within testing or internal staging environments. For these cases, 2FA is not automatically disabled. However, there are toggles to override the default Magento settings to disable 2FA within these environments.

You can also bypass 2FA for API token generation. This can be useful for third-party vendors during module development.

NOTE: Always keep 2FA enabled within production environments for security purposes.

2FA

To disable 2FA, visit Admin > Stores > Settings > Configuration > Security > 2FA and set Enable 2FA to No.

CLI: bin/magento config:set twofactorauth/general/enable 0

2FA for API Token Generation

To disable 2FA for API Token Generation, visit Admin > Stores > Settings > Configuration > Security > 2FA and set Enable 2FA for API Token Generation to No.

CLI: bin/magento config:set twofactorauth/general/enable_for_api_token_generation 0

Enable 2FA in developer mode

This module automatically disables 2FA while developer mode is enabled, but there may be situations when you need 2FA enabled during development. Rather than needing to disable this module, you can just disable this configuration setting in the admin.

To enable 2FA while in developer mode, visit Admin > Stores > Settings > Configuration > Security > 2FA and set Disable 2FA in Developer Mode to No.

CLI: bin/magento config:set twofactorauth/general/disable_in_developer_mode 0

License

MIT

All versions of magento2-module-disabletwofactorauth with dependencies

PHP Build Version
Package Version
Requires php Version ^7||^8
magento/framework Version ^103
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package markshust/magento2-module-disabletwofactorauth contains the following files

Loading the files please wait ....