gatekeeper icon indicating copy to clipboard operation
gatekeeper copied to clipboard
verified publisher icon psecio

Finish auth token handling

Open enygma opened this issue 10 years ago • 1 comments

There's a bit of functionality already in the system to support two-factor authentication tokens, but it needs to be finished out. This includes:

  • Updating the create_auth_token_table migration to add the verifier column
  • Creating the interface/abstract class to define the Verifier structure
  • Creating verifiers for GAuth and Yubikey (using enygma/gauth and enygma/yubikey)
  • Adding calls from someplace, maybe just the main Gatekeeper class for verifying the provided token information.

This could be in multiple places too...maybe a method on the UserModel that takes in an abstract token instance and runs the matching verifier based on the current configuration. This will need some way to get values from the current configuration (like Gatekeeper::getConfig) for things like secret keys or API credentials.

enygma avatar May 10 '15 13:05 enygma

I want to make sure: does what you say mean that in the auth_tokens table, the verifier column isn't used? What is the purpose of that column? added security?

racknoris avatar Mar 26 '16 07:03 racknoris