1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-14 10:52:41 +01:00
phorge-phorge/src/applications/auth
epriestley 99c72a32d0 Allow installs to require multi-factor authentication for all users
Summary: Ref T5089. Adds a `security.require-multi-factor-auth` which forces all users to enroll in MFA before they can use their accounts.

Test Plan:
Config:

{F159750}

Roadblock:

{F159748}

After configuration:

{F159749}

  - Required MFA, got roadblocked, added MFA, got unblocked.
  - Removed MFA, got blocked again.
  - Used `bin/auth strip` to strip MFA, got blocked.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5089

Differential Revision: https://secure.phabricator.com/D9285
2014-06-03 16:50:27 -07:00
..
action Rate limit multi-factor actions 2014-04-30 14:30:31 -07:00
application Allow installs to require multi-factor authentication for all users 2014-06-03 16:50:27 -07:00
constants Make password reset emails use one-time tokens 2014-05-22 10:41:00 -07:00
controller Allow installs to require multi-factor authentication for all users 2014-06-03 16:50:27 -07:00
data Add "High Security" mode to support multi-factor auth 2014-04-27 17:31:11 -07:00
editor can now tell phabricator you trust an auth provider's emails (useful for Google OAuth), which will mark emails as "verified" and will skip email verification. 2014-05-16 14:14:06 -07:00
engine Make password reset emails use one-time tokens 2014-05-22 10:41:00 -07:00
exception Make two-factor auth actually work 2014-04-28 10:20:54 -07:00
factor Add "temporary tokens" to auth, for SMS codes, TOTP codes, reset codes, etc 2014-05-20 11:43:45 -07:00
garbagecollector Add "temporary tokens" to auth, for SMS codes, TOTP codes, reset codes, etc 2014-05-20 11:43:45 -07:00
management Allow installs to require multi-factor authentication for all users 2014-06-03 16:50:27 -07:00
phid Add multi-factor auth and TOTP support 2014-04-28 09:27:11 -07:00
provider can now tell phabricator you trust an auth provider's emails (useful for Google OAuth), which will mark emails as "verified" and will skip email verification. 2014-05-16 14:14:06 -07:00
query Add "temporary tokens" to auth, for SMS codes, TOTP codes, reset codes, etc 2014-05-20 11:43:45 -07:00
storage Add "temporary tokens" to auth, for SMS codes, TOTP codes, reset codes, etc 2014-05-20 11:43:45 -07:00
view Send old login code to the bottom of the sea 2013-06-19 01:33:27 -07:00