Open ntimo opened 8 years ago
chuushi
commented
8 years ago I can do the Multiuser support, but I don't know about the 2 factor authorization. What'll be the second factor?
Storing all things in a database seems like a cool idea. I'll see what I can come up with. Maybe I can make a server-side plugin and allow people to make a user account through it based on some permission node.
JoeNorth
commented
8 years ago @SimonOrJ I would use something like Authy for the 2fa. It's easy to integrate and has great (and free) browser and phone apps.
ntimo
commented
8 years ago @JoeNorth Okay but is authey compatible with the normal 2Fa codes that lets say the google authentificator generates? Because if not it would be useless. Because no one would like to be forced to use this one app for only this one site. When they have all their other 2FA tokens some where else.
ntimo
commented
8 years ago You could maybe use something like this: https://github.com/antonioribeiro/google2fa
JoeNorth
commented
8 years ago @ntimo Generally you'd use Authy to also manage all your google 2fa tokens by scanning in the QR codes. I'd assume you can also use Authy QR codes in the google auth app.
ntimo
commented
8 years ago Do you have any news about the Milestone for version 1.0?
chuushi
commented
8 years ago It'll probably take a long time until it gets started or made.
Also, I don't think I can code the 2 factor authentication into the project. It took me long enough to try to research how to make a more secure way to log people in.
All the login code stuff is stored in this file. It would really help if anyone interested can code 2FA into the file.
That aside, I am considering using a database to store player login data so both Minecraft server (with a future CoLWI plugin) and the webserver can have access to them and to make it possible for moderators to create an account through MC.
JoeNorth
commented
8 years ago There are plenty of PHP libraries out there for 2fa and for user authentication. I'd be more apt to use one of those than to use something rolled on your own simply for security's sake. I'll see if I can't give it a go and get 2fa working.
chuushi
commented
7 years ago How did it go (if you got it working in a way)?
chuushi
commented
4 years ago 2FA is definitely on my to-do list now. I don't think I understood what 2FA meant 4 years ago, lol. Sorry for the troubles back then!
Hi there, I just thought wouldn't it be nice. to have 2 Factor authentication. Maybe you could store the database login data in a mysql database with the users, so you can have multi users with passwords and different login data to log into the web interface and have an option to add 2 Factor authentication too them.
Requests:
Thx Timo