Comments (3)
I recently implemented 2FA and had to make it pretty flexible, so figured I'd share some feedback:
- I needed it to be configurable per guard because I've got both Admin and Member models, and each has different security requirements
- The option to enforce it for all users was also configurable per guard
- All the options (enable/disable/enforce) were implemented as settings in a landlord panel, so it'd be great to make everything dynamically configurable rather than hardcoded in the config file
- I used the session to store the 2FA auth status so I could programmatically mark it as completed when using my custom SSO (SSO logins normally skip 2FA since the SSO provider handles it).
from filament.
I know it can be tempting to just implement fortify or go the fortify route of just directly integrating something simple like TOTP and calling it good. I for one am annoyed by how locked into that one method fortify is. IMO please build it yourself and make it modular using a driver based approach so the community can come in and make plugins for other forms of 2FA as we want.
This is a 2fa package that supports multiple drivers (might be useful for inspiration): https://github.com/worksome/laravel-mfa. I agree it'd be great to be able to support multiple methods. I've implemented both email codes and TOTP in my app and they're dynamically configurable, so each of my tenant owners can choose the 2fa method they want their users to use.
Fortify is a very thin wrapper around https://github.com/antonioribeiro/google2fa and https://github.com/Bacon/BaconQrCode. IMHO it's better to implement them directly rather than trying to use Fortify and be constrained by its limitations.
from filament.
I know it can be tempting to just implement fortify or go the fortify route of just directly integrating something simple like TOTP and calling it good. I for one am annoyed by how locked into that one method fortify is. IMO please build it yourself and make it modular using a driver based approach so the community can come in and make plugins for other forms of 2FA as we want.
from filament.
Related Issues (20)
- Tree reorderable on tables HOT 1
- Fix checkbox label description
- Description max width HOT 1
- Description alignment of text column with icon
- Move to Alpine.js Anchor plugin HOT 5
- Tooltip alignment HOT 3
- Improved colors
- Wizard form with same relationship in multiple steps doesn't work
- Number::useLocale not working
- Custom user menu item not being translated HOT 1
- TextColumn does not resize when other column has `grow()` enabled HOT 1
- ToolTip "bubble" does not conform to its contents HOT 1
- `ImageColumn` clashes with methods on `HasWidth` trait HOT 1
- Unable to install HOT 5
- Modal select field
- Infinite redirect loop HOT 3
- ExportBulkAction Ignoring All But Last Export Type HOT 1
- Markdown editor sometimes not save the data
- Navigation Loaded Twice, Causing Badge SQL Query to Run Twice
- Page expired (419) on user registration using the FileUpload component HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from filament.