Two Factor Authentication - 2FA: Difference between revisions
Jump to navigation
Jump to search
Created page with "== Activate 2FA == This is done in the '''nuconfig.php''' file using these setting parameters (true) whose default values when disabled are: <pre> $nuConfig2FAAdmin = false; ..." |
|||
| Line 2: | Line 2: | ||
This is done in the '''nuconfig.php''' file using these setting parameters (true) whose default values when disabled are: | This is done in the '''nuconfig.php''' file using these setting parameters (true) whose default values when disabled are: | ||
<pre> | <pre> | ||
$nuConfig2FAAdmin | $nuConfig2FAAdmin = false; //-- Use 2FA authentication for administrator | ||
$nuConfig2FAUser | $nuConfig2FAUser = false; //-- Use 2FA authentication for users | ||
$nuConfig2FAFormID = "nuauthentication"; //-- 2FA form ID. Default | $nuConfig2FAFormID = "nuauthentication"; //-- 2FA form ID. Default form ID: nuauthentication | ||
$nuConfig2FATokenValidityTime = 168; | $nuConfig2FATokenValidityTime = 168; //-- 2FA Token Validity Time in hours. Default: 7 days (7 * 24 hours) | ||
$nuConfig2FAShowRememberMe = false; | $nuConfig2FAShowRememberMe = false; //-- Show a checkbox "Remember me for X days" in the authentication form (not implemented yet) | ||
</pre> | </pre> | ||
| Line 12: | Line 12: | ||
* If the 2FA authentication is active, a user is redirected to an authentication form after logging in. | * If the 2FA authentication is active, a user is redirected to an authentication form after logging in. | ||
* On that form, a two-factor authentication token can be requested, which will be sent by email (or SMS). | * On that form, a two-factor authentication token can be requested, which will be sent by email (or SMS). | ||
* If a valid token is entered, | * If a valid token is entered, redirection to the actual form will occur. | ||
* One cannot open any other form until authenticated. | * One cannot open any other form until authenticated. | ||
* No need to authenticate again after a successful login during the "Token Validity Time" (same machine, browser) | * No need to authenticate again after a successful login during the "Token Validity Time" (same machine, browser) | ||
Revision as of 08:26, 1 April 2021
Activate 2FA
This is done in the nuconfig.php file using these setting parameters (true) whose default values when disabled are:
$nuConfig2FAAdmin = false; //-- Use 2FA authentication for administrator $nuConfig2FAUser = false; //-- Use 2FA authentication for users $nuConfig2FAFormID = "nuauthentication"; //-- 2FA form ID. Default form ID: nuauthentication $nuConfig2FATokenValidityTime = 168; //-- 2FA Token Validity Time in hours. Default: 7 days (7 * 24 hours) $nuConfig2FAShowRememberMe = false; //-- Show a checkbox "Remember me for X days" in the authentication form (not implemented yet)
Functionality
- If the 2FA authentication is active, a user is redirected to an authentication form after logging in.
- On that form, a two-factor authentication token can be requested, which will be sent by email (or SMS).
- If a valid token is entered, redirection to the actual form will occur.
- One cannot open any other form until authenticated.
- No need to authenticate again after a successful login during the "Token Validity Time" (same machine, browser)
Setting up 2FA
- Setup the nuconfig.php variables above as appropriate like:
$nuConfig2FAAdmin = true; $nuConfig2FAUser = true; $nuConfig2FAShowRememberMe = false;
- Navigate to Home -> Builders -> PHP Procedure "nuAuthentication2FA_Template"
- Clone it
- Adapt the code to your needs and save it.