Skip to content

Home

Jump to bottom
Mina Gerges edited this page May 4, 2018 · 7 revisions

Welcome to the MODX-GoogleAuthenticatorX wiki!

Instructions:

+After installing the GoogleAuthenticatorX:

  1. Install "Google Authenticator" & QR-code reader on your mobile phone. (for android I prefer "barcode scanner")

  2. On MODX manager: Manage > Users, write click your own account then update.

    You will notice a new tab "GoogleAuthenticatorX" open it.

    Click show secret (NB. you must be a ModX sudo user)

  3. Open "Google Authenticator" on your mobile device, choose "Set up account", then choose "Scan a barcode"

  4. Scan the onscreen barcode provided by "GoogleAuthenticatoX"

  5. You will notice a 6 digits code on "Google Authenticator" mobile application changing every 30 seconds. (This is the code to be used while logging into MODX manager)

  6. On MODX manager, go to System settings, "GoogleAuthenticatorX" namespace, and change "Disable 2-step verification" to "No".

  7. If you have courtesy login enabled (Best way to provide the secret) if you refresh the page you will be provided with the same QR-code and will be logged out instantly, if you did not perform steps 1 to 5 earlier, you will have only 60 seconds to scan that qr-code

  8. On your next attempt to login to MODX manager you will notice and extra field "Autentication key", after entering your credentials, enter the code provided by "Google Authenticator" mobile application (the one mentioned in step 5) and log in.

To disable Google Authenticator functionality for a specific user, do so from "GoogleAuthenticatorX" tab in users tab.

Similarly for user-Groups by creating setting "gax_disabled" with value 1 (YES) as below:

  • Key: gax_disabled
  • Name: setting_gax_disabled
  • Field Type: YES/NO
  • Namespace: GoogleAuthenticatorX
  • Area Lexicon Entry: Default

System Settings:

Allow Courtesy login: Enables users to have 1 time successful log-in to be provided with their QR-code. (NB. Users are will not be able to perform any actions in the manager)

Disable 2-factor authentication: Returns MODX manager login back to the status before GoogleAuthenticatorX

Show secret in users profile: Enables users to see their QR-code in their manager profile.

QR-code issuer value: Set the QR-code issuer value, default to site_name.

Encryption Key: The encryption key used for 2FA secret encryption. Must match cipher method (AES-256-CBC) requirements, currently 64 characters hex value. subject to change in future updates

IMPORTANT NOTES:

  • If you run to any issues and can not login to MODX manager, apply one of below solutions:
    • [Option 1]: Modify "System Settings" table in MODX database, set gax_disabled value to 1, then delete cache file "core/cache/system_settings/config.cache.php".
    • [Option 2]: Edit "core/cache/system_settings/config.cache.php", search for "gax_disabled" and change its value to 1
Clone this wiki locally