search

codeFareith / cf_google_authenticator

TYPO3 CMS extension | provide Google 2FA for backend and frontend users
GNU General Public License v3.0
7 stars 14 forks source link

After login with standard FE Login there already is access to protected pages #170

Open OrangeLeinad opened 4 years ago

OrangeLeinad commented 4 years ago

Detected with TYPO3 V9.5.18 and Ext:cf_google_authenticator V1.2.2

I did the installation for frontend login purpose according to your manual description. After installation I got this frontend view, see picture 1:

grafik

Afterwards if I logged in successfully I already see the protected area, even though I didn't login through 2 factor authentication! See picture 2:

grafik

My expectation was, that only after succesfull login with 2 factor authentication I can see the protected area. Have I forgot something in the configuration?

Thanks in advance for your support.

codeFareith commented 4 years ago

Is 2FA already enabled by the desired FE user?

OrangeLeinad commented 4 years ago

Are you referring to the backend according to following image?

grafik

codeFareith commented 4 years ago

Hi @OrangeLeinad,

yes. Actually there are two ways to enable two-factor authentication for a specific FE-User:

  1. edit the specific frontend user record, via Backend (your screenshot)
  2. create a page - only visible to logged-in users - and add the frontend plugin to that page. This way, every frontend user can set up two-factor authentication by himself.