Hi Guys,

I had a good look around and could find any complete packages. Maybe someone will upload something in the future.

For now I worked with what I mentioned above. It was quite easy to fix up and the bugs are not too challenging.

Here are the full steps....

Setup.

https://github.com/Dallas-msc/umbraco-2fa-with-google-authenticator

You can download the project and get the new umbraco site up and running very easily and then you will be able to see how 2FA is setup.

You will need to copy a load of stuff into your project. And also install GoogleAuthentication nuget package.

You should be copying...

1. The TwoFactorAuthentication forler

2. The service and composer cs files

3. The TwoFactorAuthentication package in the App_Plugins folder

This should pretty much be it. When you run the project there is a migrations folder which adds a table to the database. I would check that has been added ok.

This should all work and provide the functionality you need. Here is a list of the bugs....

Issue 1

When you login then authenticate there is no redirect to the Umbraco dashboard.

To fix this find the file.

\App_Plugins\2FactorAuthentication\2fa-login.js

And replace: $scope.submit(true); For: window.location.href = '/umbraco';

$scope.validate = function (provider, code) {
            provider = "GoogleAuthenticator"; //temp netser
            $scope.error2FA = "";
            $scope.code = code;
            authResource.verify2FACode(provider, code)
                .then(function (data) {
                    userService.setAuthenticationSuccessful(data);
                    window.location.href = '/umbraco';
                    //$scope.submit(true);
                }, function () { $scope.error2FA = "Invalid code entered." });
        };

Issue 2

When you enable 2FA for the first time it says invalid code. When you refresh you will see that it works.

To fix this look for the file

\App_Plugins\2FactorAuthentication\managementdashboard.controller.js

And replace: if (response.data === "true")

For: if (response.data === true)

Issue 3

When you disable the 2FA nothing happens. This is basically the same reason as Issue 2

To fix this look for the file

\App_Plugins\2FactorAuthentication\managementdashboard.controller.js

And replace: if (response.data === "true")

For: if (response.data === true)

There is one more step involved on this one. A double issue.

Find the file

\App_Plugins\2FactorAuthentication\managementdashboard.html

And replace: <button type="submit">Disable two step verification</button>

For: <button ng-click="disable()">Disable two step verification</button>

Be careful with caching. I find that opening the js and html files in the browser and then force refreshing first before testing will help.

There is one final issue.

There is nowhere for administrators to maintain standard users 2FA. I am going to build a custom dashboard for this since I just dont think this was every included into the plugin above.

Kind Regards

David

hi David - thanks for your summary write up here. Is this still the method you're using or have you since found another package?

Yes I am still using this method. I actually build a second app over the top of this to improve and add a few extra features.

I thought the management area was a bit weak so I built a separate management custom section just for the admins.

Can we use this in Umbraco 9 ?

Hi david

can we custom this function authResource.verify2FACode(provider, code) ?

looks like the authResource is auto generate by umbraco is it?

also wheres the route of function (PostVerify2FACode) ? i dont get it the routing

is working on a reply...