Google Authenticator in AppGini

There may be various reasons why you'd like to enable multi-factor authentication. It gives your application a little more protection when users may have poor password management skills.

Installation

  • Download the GoogleAuthenticatorClass.php file and save it to your hooks folder.
  • Download the setup_googleauth.php file and save it to your hooks folder.
  • Edit the links-navmenu.php file in the hooks folder and add the following text to the file
	$navLinks[] = array(
		'url' => 'hooks/setup_googleauth.php', 
		'title' => 'Google Authenticator', 
		'groups' => array('*'),
		'table_group' => 0
	);
  • Edit the links-home.php file in the hooks folder and add the following text to the file
	$homeLinks[] = array(
		'url' => 'hooks/setup_googleauth.php', 
		'title' => 'Google Authenticator', 
		'description' => 'Setup multi-factor authentication through the Google Authenticator mobile app.',
		'groups' => array('*'),
		'grid_column_classes' => '',
		'panel_classes' => '',
		'link_classes' => '',
		'table_group' => ''
	);
  • Edit the login.php file in the root. Around line 33, you'll notice the end of the "Password" field, and the start of the "Remember Me" code. Between the two fields, insert the following HTML code.
<div class="form-group">
	<label class="control-label" for="otp">Google Authenticator</label>
	<input class="form-control" name="otp" id="otp" type="text" placeholder="Google Authenticator">
</div>	
  • Edit the incCommon.php script, and look for the logInMember function.
  • Add the following lines of code just after the function logInMember(){ statement
$curr_dir = dirname(__FILE__);
require_once "$curr_dir/hooks/GoogleAuthenticatorClass.php";
$ga = new framework_GoogleAuthenticator();
  • Continue editing incCommon.php by scrolling down, and look for this line of code.
if(sqlValue("select count(1) from membership_users where lcase(memberID)='$username' and passMD5='$password' and isApproved=1 and isBanned=0")==1){

Replace it with the following code

if(sqlValue("select count(1) from membership_users where lcase(memberID)='$username' and passMD5='$password' and isApproved=1 and isBanned=0")==1 && ($ga->TOTPauthenticate(db_link(),$username))){

Design notes

  • Multi-factor authentication is not forced, meaning that a user who has not configured Google Authenticator will still be allowed to log in.
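
What a TOTP check with this opt-in policy looks like, as an added example that is not the code in GoogleAuthenticatorClass.php or part of the original page. The function names and the convention that a null secret means "not enrolled" are assumptions made for illustration.

```php
<?php
// Added illustration, not the code in GoogleAuthenticatorClass.php.
function base32_decode_rfc4648(string $b32): string {
    $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
    $bits = '';
    foreach (str_split(strtoupper(rtrim($b32, '='))) as $ch) {
        $pos = strpos($alphabet, $ch);
        if ($pos === false) { throw new InvalidArgumentException('invalid base32'); }
        $bits .= str_pad(decbin($pos), 5, '0', STR_PAD_LEFT);
    }
    $out = '';
    foreach (str_split($bits, 8) as $byte) {
        if (strlen($byte) === 8) { $out .= chr(bindec($byte)); } // drop padding bits
    }
    return $out;
}

// HOTP value for one time-step counter (RFC 4226 dynamic truncation).
function totp_code(string $key, int $counter, int $digits = 6): string {
    $h = hash_hmac('sha1', pack('J', $counter), $key, true); // 8-byte big-endian counter
    $off = ord($h[19]) & 0x0f;
    $bin = unpack('N', substr($h, $off, 4))[1] & 0x7fffffff;
    return str_pad((string)($bin % (10 ** $digits)), $digits, '0', STR_PAD_LEFT);
}

// $secretB32 is the user's stored secret, or null if they never enrolled (hypothetical storage).
function verify_login_otp(?string $secretB32, string $otp, ?int $now = null): bool {
    if ($secretB32 === null || $secretB32 === '') {
        return true; // opt-in policy from the design notes: password alone is accepted
    }
    if (!preg_match('/\A\d{6}\z/', $otp)) { return false; }
    $key = base32_decode_rfc4648($secretB32);
    $step = intdiv($now ?? time(), 30);
    $ok = false;
    for ($i = -1; $i <= 1; $i++) { // accept one 30-second step of clock drift
        $ok = hash_equals(totp_code($key, $step + $i), $otp) || $ok;
    }
    return $ok;
}

// Constructed input: the published RFC 6238 test key, not a real secret.
$secret = 'GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ';
var_dump(verify_login_otp($secret, '287082', 59)); // RFC 6238 vector for t = 59
var_dump(verify_login_otp($secret, '000000', 59)); // wrong code
var_dump(verify_login_otp(null, '', 59));          // user without a secret
```

Making the second factor mandatory would mean returning false from the not-enrolled branch and routing the user to setup instead. This sketch does not track already-used codes, so a code stays valid for its whole acceptance window.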