diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 52bc1f7..489f4f1 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -1,8 +1,10 @@ Changelog ========= -0.0.1 - Unreleased ----------------------- +1.0.0 (February 9, 2021) +------------------------ +- Enh: Initial release - Init: Default driver to send code by e-mail - Enh: Driver "Google Authenticator" -- Enh: Require pin code before enabling Google Authenticator \ No newline at end of file +- Enh: Require pin code before enabling Google Authenticator + diff --git a/docs/DEVELOPER.md b/docs/DEVELOPER.md index 38dbe13..a19f54b 100644 --- a/docs/DEVELOPER.md +++ b/docs/DEVELOPER.md @@ -1,5 +1,7 @@ # Developer +## Individual Drivers + New driver should be extended from `humhub\modules\twofa\drivers\BaseDriver` in the folder `drivers`. Also new created driver should be added into array `humhub\modules\twofa\Module->drivers`: diff --git a/docs/MANUAL.md b/docs/MANUAL.md deleted file mode 100644 index 459d95d..0000000 --- a/docs/MANUAL.md +++ /dev/null @@ -1,26 +0,0 @@ -# Manual - -## Getting Started - -Administrators can configure the module in `Administration -> Modules -> 2fa -> Configure`: - -#### Enabled drivers -Users of the selected groups are enforced to E-mail driver by default. -- [x] E-mail -- [x] Google Authenticator - - Note: to start using of this driver please run `composer install` from root folder of this module, otherwise this driver is disabled. - -#### Enforced groups to use 2FA -- [x] Administrator -- [ ] Users - -(_Default driver is "E-mail" for users from the selected enforced groups_) - -#### Length of verifying code -- 6 by default - -(_Currently is used only for driver "E-mail". The driver "Google Authenticator" cannot be configured because codes are generated by external app._) - -## Account settings - -User can select what driver to use for 2FA in `Account settings -> Settings -> Two-Factor Authentication` \ No newline at end of file diff --git a/docs/README.md b/docs/README.md index 866987c..fd97ba6 100644 --- a/docs/README.md +++ b/docs/README.md @@ -1,14 +1,12 @@ -# Two-Factor Authentication +# Two-Factor Authentication (2FA) -The two-factor authentication modules allows users to select additional checking on log in by random generated code that may be sent by selected driver like E-mail. +Increase security within your network by adding an additional authentication method besides username and password. -** Available drivers:** +**Available methods:** -- E-mail -- Google Authenticator +- Email +- Time-based one-time passwords (e.g. Google Authenticator) -Some user groups may be enforced to always use 2FA. +Administrators can individually define which user groups are required to use an additional authentication method. +For administrators themselves, a second authentication method will be enabled by default. -Group "Administrator" is enforced by default. - -Length of verifying code can be defined in the module configuration. Default is 6. diff --git a/drivers/EmailDriver.php b/drivers/EmailDriver.php index 6e7871c..c591082 100644 --- a/drivers/EmailDriver.php +++ b/drivers/EmailDriver.php @@ -20,8 +20,8 @@ class EmailDriver extends BaseDriver public function init() { parent::init(); - $this->name = Yii::t('TwofaModule.base', 'E-mail'); - $this->info = Yii::t('TwofaModule.base', 'A confirmation code for this login has just been sent to your email address. Please enter the code from the e-mail in the field below.'); + $this->name = Yii::t('TwofaModule.base', 'Email'); + $this->info = Yii::t('TwofaModule.base', 'A confirmation code hast just been sent to your email address. Please enter the code from the email in order to proceed.'); } /** diff --git a/drivers/GoogleAuthenticatorDriver.php b/drivers/GoogleAuthenticatorDriver.php index 72bba22..1d625b2 100644 --- a/drivers/GoogleAuthenticatorDriver.php +++ b/drivers/GoogleAuthenticatorDriver.php @@ -72,9 +72,9 @@ public function renderUserSettings($params) Yii::$app->getView()->registerJsConfig('twofa', [ 'text' => [ 'confirm.action.header' => Yii::t('TwofaModule.config', 'Request new code'), - 'confirm.action.question' => Yii::t('TwofaModule.config', 'Do you really want to request new code?') . '
' - . Yii::t('TwofaModule.config', 'Please don\'t forget to update new code in your Google Authenticator app, otherwise you will cannot log in!'), - 'confirm.action.button' => Yii::t('TwofaModule.config', 'Request'), + 'confirm.action.question' => Yii::t('TwofaModule.config', 'Do you really want to request a new code?') . '

' + . Yii::t('TwofaModule.config', 'Please do not forget to update the code in your authenticator app! If you do not do so, you will not be able to login.'), + 'confirm.action.button' => Yii::t('TwofaModule.config', 'Request new code'), ] ]); diff --git a/models/Config.php b/models/Config.php index 5a71116..f4e54f1 100644 --- a/models/Config.php +++ b/models/Config.php @@ -64,9 +64,9 @@ public function rules() public function attributeLabels() { return [ - 'enabledDrivers' => Yii::t('TwofaModule.config', 'Enabled drivers'), + 'enabledDrivers' => Yii::t('TwofaModule.config', 'Enabled methods'), 'codeLength' => Yii::t('TwofaModule.config', 'Length of verifying code'), - 'enforcedGroups' => Yii::t('TwofaModule.config', 'Enforced groups to use 2FA'), + 'enforcedGroups' => Yii::t('TwofaModule.config', 'Mandatory for the following groups'), ]; } diff --git a/models/GoogleAuthenticatorUserSettings.php b/models/GoogleAuthenticatorUserSettings.php index 0f05c03..4730c70 100644 --- a/models/GoogleAuthenticatorUserSettings.php +++ b/models/GoogleAuthenticatorUserSettings.php @@ -65,7 +65,7 @@ public function verifyPinCode($attribute, $params) { $driver = new GoogleAuthenticatorDriver(); if (!$driver->checkCode($this->pinCode, TwofaHelper::getSetting($driver::SECRET_TEMP_SETTING))) { - $this->addError($attribute, Yii::t('TwofaModule.base', 'Pin code is not valid!')); + $this->addError($attribute, Yii::t('TwofaModule.base', 'Code is not valid!')); } } diff --git a/module.json b/module.json index f2e50d7..e7c7a29 100644 --- a/module.json +++ b/module.json @@ -1,12 +1,18 @@ { "id": "twofa", - "name": "2-Factor Authentication", - "description": "Increase access security by using various 2FA methods like e-mail or TOPT.", + "name": "Two-Factor Authentication (2FA)", + "description": "Increase security by using 2FA methods like e-mail or TOPT.", "keywords": [ "2fa", "two-factor authentication" ], - "version": "0.9.0", + "homepage": "https://github.com/humhub/humhub-modules-twofa", + "screenshots": [ + "resources/screen1.png", + "resources/screen2.png", + "resources/screen3.png" + ], + "version": "1.0.0", "humhub": { "minVersion": "1.8" } diff --git a/resources/screen1.png b/resources/screen1.png new file mode 100644 index 0000000..d85203a Binary files /dev/null and b/resources/screen1.png differ diff --git a/resources/screen2.png b/resources/screen2.png new file mode 100644 index 0000000..3e45081 Binary files /dev/null and b/resources/screen2.png differ diff --git a/resources/screen3.png b/resources/screen3.png new file mode 100644 index 0000000..87a220c Binary files /dev/null and b/resources/screen3.png differ diff --git a/views/check/index.php b/views/check/index.php index 8a2cbaf..83a8eeb 100644 --- a/views/check/index.php +++ b/views/check/index.php @@ -29,21 +29,20 @@
Two-factor authentication'); ?>
- + false]); ?> beforeCheckCodeFormInput($form, $model); ?> -
+
field($model, 'code')->textInput(); ?> -
- - link(Url::toRoute('/user/auth/logout'))->right()->pjax(false) ?> +
'btn btn-primary', 'data-ui-loader' => ""]); ?> + 'pull-right', 'data-pjax' => false]) ?>
diff --git a/views/config/module.php b/views/config/module.php index ccea467..7f1a0cd 100644 --- a/views/config/module.php +++ b/views/config/module.php @@ -16,24 +16,28 @@
'configure-form']); ?> -
enabledDrivers) ? '' : ' style="display:none"' ?>> - $defaultDriverName - ]) ?> -
+
enabledDrivers) ? '' : ' style="display:none"' ?>> + $defaultDriverName + ]) ?> +
- field($model, 'enabledDrivers')->checkboxList($model->module->getDriversOptions(), [ - 'item' => array($model->module, 'renderDriverCheckboxItem') - ]); ?> + field($model, 'enabledDrivers')->checkboxList($model->module->getDriversOptions(), [ + 'item' => array($model->module, 'renderDriverCheckboxItem') + ]); ?> - field($model, 'enforcedGroups')->checkboxList($model->module->getGroupsOptions()); ?> -
$defaultDriverName - ]) ?>
+
- field($model, 'codeLength'); ?> + field($model, 'enforcedGroups')->checkboxList($model->module->getGroupsOptions()); ?> +
$defaultDriverName + ]) ?>
- submit() ?> +
+ field($model, 'codeLength'); ?> + + submit() ?>
diff --git a/views/config/user.php b/views/config/user.php index 837e038..79e39a7 100644 --- a/views/config/user.php +++ b/views/config/user.php @@ -23,7 +23,7 @@
- +

diff --git a/views/config/userGoogleAuthenticatorCode.php b/views/config/userGoogleAuthenticatorCode.php index 75f5be0..7a6420a 100644 --- a/views/config/userGoogleAuthenticatorCode.php +++ b/views/config/userGoogleAuthenticatorCode.php @@ -28,7 +28,7 @@


-

+



diff --git a/views/mails/VerifyingCode.php b/views/mails/VerifyingCode.php index ac6da28..36254ce 100644 --- a/views/mails/VerifyingCode.php +++ b/views/mails/VerifyingCode.php @@ -93,15 +93,15 @@ - Html::encode($user->displayName)]) ?>

- +


formatter->asDatetime(time()); ?>

+

diff --git a/views/mails/plaintext/VerifyingCode.php b/views/mails/plaintext/VerifyingCode.php index 379a78e..b3101af 100644 --- a/views/mails/plaintext/VerifyingCode.php +++ b/views/mails/plaintext/VerifyingCode.php @@ -10,7 +10,7 @@ Html::encode($user->displayName)]) ?> - + formatter->asDatetime(time()); ?>