filament-breezy icon indicating copy to clipboard operation
filament-breezy copied to clipboard

Published 20 hours ago verified publisher icon jeffgreco13

Force 2FA

Open dejury opened this issue 3 years ago • 10 comments

Hi there,

I am starting to use the filament breezy implementation in a new project. I need the users to force setting up an 2FA, so no opt-in.

I found out in your Login component how to do this, except I am not sure how to then force the user to generate the code. I don't see the possibility to generate the QR code. This is only possible on the profile page?

How to do this right after login?

dejury avatar Jun 27 '22 12:06 dejury

I've made some changes to the Login component, this is one. This way i try to render the view. But I get some errors about missing property $form.

public function render(): View
    {
        if ($this->showCodeForm) {
            if ($this->user->has_confirmed_two_factor) {
                $view = view("filament-breezy::two-factor");
            } else {
                $view = view('livewire.auth.setup-2fa');
            }
        } else {
            $view = view('filament-breezy::login');
        }

        $view->layout("filament::components.layouts.base", [
            "title" => __("filament::login.title"),
        ]);

        return $view;
    }

dejury avatar Jun 27 '22 12:06 dejury

@dejury I would like to implement this as an option in the next release. The way I see this working is, immediately after login, if config option force_2fa = true then redirect the user to the QR code for scanning otherwise they cannot access. Once they've scanned and setup their authenticator app then a button could direct them to enter/confirm their code.

What do you think?

jeffgreco13 avatar Jul 07 '22 19:07 jeffgreco13

I think it would be even better to confirm their code on the same page as QR scanning, to prevent locking themselves out (for example: incorrect scan, or manually made a typo).

Sounds great!

dejury avatar Jul 08 '22 07:07 dejury

@jeffgreco13 Do you have any idea when to implement this? Or maybe I could help you with it?

dejury avatar Aug 17 '22 08:08 dejury

Hi @jeffgreco13 Thanks for your awesome package, in fact I've installed and configured it (enabled in config file and I can enable if via profile) but when I login it doesn't ask me to type the code, am I missing something ?

aeq-dev avatar Aug 23 '22 05:08 aeq-dev

Hey everyone. I am rolling out some new features to breezy very soon which includes a way to force 2fa. I expect to release in about 8 days

jeffgreco13 avatar Aug 23 '22 13:08 jeffgreco13

@aeq-dev did you enable the config option and then enable 2fa from My Profile?

jeffgreco13 avatar Aug 23 '22 13:08 jeffgreco13

@jeffgreco13 Thanks for reply, and yes I enabled the config option and my profile, I'm on Laravel 9.25.1 Thanks

aeq-dev avatar Aug 23 '22 17:08 aeq-dev

I'm really sorry about this issue, it's my mistake, I forgot to set 'login' => in filament config auth Sorry again... but I've just found a small issue in translation here : filament-breezy::default.password_confirm.heading (not translated) on password confirmation to enable it, I'm using Arabic language. Thanks

aeq-dev avatar Aug 27 '22 11:08 aeq-dev

Would love to see this update and test it :)

dejury avatar Sep 07 '22 15:09 dejury

@jeffgreco13 is there any news when there will be an update with a forced 2fa?

ankkk avatar Feb 15 '23 14:02 ankkk

This will be implemented in Breezy v2 which is coming for Filament v3 beta release. Thank you.

jeffgreco13 avatar Jul 07 '23 00:07 jeffgreco13