Added TwoFactor Authentication (RFC4226)

Browse Source

Tested against Google-Authenticator app on Android 4.4.4

Made `verify_hotp` more efficient.

Added autofocus on twofactor input

Added GUI Unlock and Remove for TwoFactor credentials in /edituser/

Allow additional tries after elapsed time from last try exceeds configured parameter `$config['twofactor_lock']`.
If `$config['twofactor_lock']` is not defined or is set to `0`, administrators have to unlock accounts that exceed 3 failures via GUI.

Added Documentation

Moved TwoFactor form to logon.inc.php
Disabled autocomplete on twofactor input field
Updated Docs to include link to Google-Authenticator's install-guides

Moved authentication logic from authenticate.inc.php to twofactor.lib.php

typo in docblock for `twofactor_auth()`

Fixed scrutinizer bugs

To please scrutinizer

...

This commit is contained in:

f0o

2014-12-24 21:22:02 +00:00

parent 7dccc13a6c

commit d66cec7017

8 changed files with 472 additions and 5 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

2

html/js/jquery.qrcode.min.js vendored Normal file

File diff suppressed because one or more lines are too long