Download the PHP package yeebase/twofactorauthentication without Composer

On this page you can find all versions of the php package yeebase/twofactorauthentication. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of yeebase/twofactorauthentication

Informations about the package twofactorauthentication

Yeebase.TwoFactorAuthentication

The Yeebase.TwoFactorAuthentication Flow package contains extensions to the Flow authentication mechanism that let you implement Two-Factor-Authentication (2FA) easily.

It provides a new Authentication Provider that can be used in addition to existing providers in order to enable 2FA via One-time Passwords (OTP).

Installation

This package can be installed via composer:

composer require yeebase/twofactorauthentication

This package requires a new database table yeebase_twofactorauthentication_secret that can be added via:

./flow doctrine:migrate

Configuration

The following part describes the integration of the Two-Factor-Authentication package into an existing Flow Application. After installation Two-Factor-Authentication is considered to be disabled for all accounts in the system.

Authentication Provider

This package provides a TwoFactorAuthenticationProvider that has to be configured in addition to already existing providers. Furthermore the authenticationStrategy has to be set to allTokens in order to make sure that both providers are taken into account.

Example:

Settings.yaml:

Application name and Routes

If a TwoFactorAuthenticationProvider

Settings.yaml:

Login/TwoFacor.html

Instead of using the default UsernamePasswordProvider, adapt your settings to use the following provider instead: Yeebase\TwoFactorAuthentication\Security\Authentication\Provider\TwoFactorAuthenticationProvider

Force Two-Factor Authentication

By default 2FA can be enabled per account and it is not required if it is not enabled for the account that is authenticated. In order to require users to log in with Two-Factor Authentication the Yeebase.TwoFactorAuthentication.requireTwoFactorAuthentication flag can be set. With that in place the One-time Password has to be specified whenever an account is authenticated. To avoid this to leading to an exception when 2FA is not yet enabled for the given account, a setup can be configured that allows the user to initialize the 2FA.

Settings.yaml:

And the corresponding Setup Controller (example):

TwoFactorAuthenticationSetupController.php

And the corresponding Template (example):

TwoFactorAuthenticationSetup/Index.html:

In order to allow the user to setup 2FA initially, the corresponding actions have to be allowed to be called even if no 2FA is enabled for the account yet. This can be achieved with the provided ExcludeTwoFactorAuthenticationSetup Request Pattern that disables the 2FA authentication provider for the setup route configured above:

Settings.yaml:

Note: The ExcludeTwoFactorAuthenticationSetup will disable 2FA for all actions of the configured controller, so the controller should not do any critical tasks without further checks.

License

This package is licensed under the MIT License - see the LICENSE file for details.

Acknowledgments

This package depends on the google2fa package for generating and validating secrets/OTP and the BaconQrCode for QR Code rendering

All versions of twofactorauthentication with dependencies

PHP Build Version
Package Version
Requires neos/flow Version ^6.0
pragmarx/google2fa Version ^4.0
bacon/bacon-qr-code Version ^2.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package yeebase/twofactorauthentication contains the following files

Loading the files please wait ....