====== authg2fa Plugin ======

---- plugin ----
description: Another Google 2 Factor Authentication Plugin
author     : Andreas Böhler
email      : dev@aboehler.at
type       : Auth Plugin
lastupdate : 2017-03-08
compatible : Hrun, Binky, Ponder Stibbons, Detritus, Elenor Of Tsort, Frusterick Manners
depends    : 
conflicts  : 
similar    : auth:mOTP, authgoogle2fa
tags       : 2FA, two-factor, Google, two-factor authentication, Google Authenticator, !discontinued

downloadurl: https://gitlab.aboehler.at/dokuwiki/authg2fa/-/archive/main/authg2fa-main.tar.gz
bugtracker : https://gitlab.aboehler.at/dokuwiki/authg2fa/-/issues
sourcerepo : https://gitlab.aboehler.at/dokuwiki/authg2fa/
donationurl: 

screenshot_img : 
----

:!: **This plugin is no longer maintained.**

===== Installation =====
Search and install the plugin using the [[plugin:extension|Extension Manager]]. Refer to [[:Plugins]] on how to install plugins manually.

Copy the unzipped folder to your ''/lib/plugins'' directory and activate the plugin. Then, set your options in Admin -> Configuration Settings. Don't forget to change the authentication type to ''authg2fa'' instead of ''authplain''.

You can revert to authplain by editing your ''/conf/local.php'' file:

<code php>$conf['authtype'] = 'authplain';</code>

===== Caveats =====

Using the standard DokuWiki settings, users aren't able to change their DokuWiki passwords anymore. They will be always prompted with "Wrong Password". 

A DokuWiki setting can disable password verification on profile update:
<code>$conf['profileconfirm'] = false;</code>

The other problem is periodic rechecking of the user's credentials. By default, DokuWiki tries every 900 seconds to check the password. As there is no current 2FA secret available by that time, the check will fail and the user is logged out. You can increase the Timeout to, e.g. 24h, by settings:

<code>$conf['auth_security_timeout'] = 24*3600;</code>

===== Configuration and Settings =====

The available settings are as follows:
  * Enable/Disable G2FA authentication
  * Force G2FA authentication for all users (disallow others)
  * Hint G2FA (notify the user to update his/her profile)

The individual G2FA secrets can be configured in the user's profile and the QR Code displayed. An admin plugin is provided which allows the generation of new secrets. This is not yet feature complete.

===== Development =====

The plugin is heavily based on authgoogl2fa, but extended by many features. Feel free to comment and request features below.