Open Alonel opened 3 years ago
I think it might be cool, but to be honest, I never worked with it and won\t be able to write this integration.
I could work on it if there would be enough votes/requests. Or if you or someone else would like to contribute here, I would be glad to help and consult on the existing code
I'll be happy to cooperate with you and help with the integration(which should be very simple and well documented by Duo). Probably I'll need some direction from you to relevant places in the code.
Hi @Alonel each authentication provider has its own implementation class, for example: https://github.com/bugy/script-server/blob/master/src/auth/auth_abstract_oauth.py (this is shared for GitLab and Google)
Every authenticator should implement the following method:
async def authenticate(self, request_handler):
The returned value of the method is fully authenticated username. With 2FA I think there is 1 additional step (and 1 additional request from client to server), i.e.:
signed_request
, redirect user to )
2. Confirm 2FA tokenTo implement this step, https://github.com/bugy/script-server/blob/master/src/auth/tornado_auth.py should be extended and expect redirect response from Authenticator.authenticate
Frontend side is defined here: https://github.com/bugy/script-server/blob/master/web-src/src/login/login.js https://github.com/bugy/script-server/blob/master/web-src/public/login.html
Thanks for the references. Can you also help me with the build process? I'm receiving many errors. Which modules needed and are any other prerequisites needed in order to build successfully?
Hi, i think i would need a bit more info from you:
tools/init.py --no-npm
?Alonel notifications@github.com schrieb am Di., 10. Nov. 2020, 21:24:
Thanks for the references. Can you also help me with the build process? I'm receiving many errors. Which modules needed and are any other prerequisites needed in order to build successfully?
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/bugy/script-server/issues/360#issuecomment-724946046, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAJXPJI5CTV7RIHJJPT6OA3SPGOQBANCNFSM4TGZIEFA .
Hey,
I think it will be cool security feature to add option for 2FA with Duo and Similar. What do you think?