1 (edited by ardyan 09/04/2021 06:23:09 am)

Topic: FrontAccounting with Duo Security 2 Factor Authentication (2fa)

download duo_php lib here https://github.com/duosecurity/duo_php
extract to FrontAccounting folder.

open your /fa/path/folder/index.php
and replace with this code:

<?php
$path_to_root=".";
if (!file_exists($path_to_root.'/config_db.php'))
  header("Location: ".$path_to_root."/install/index.php");

$page_security = 'SA_OPEN';
ini_set('xdebug.auto_trace',1);
include_once("includes/session.inc");

add_access_extensions();
$app = &$_SESSION["App"];
if (isset($_GET['application']))
  $app->selected_application = $_GET['application'];

if(isset($_SESSION["wa_current_user"]->loginname) && $_SESSION["wa_current_user"]->loginname != "" && !isset($_POST['sig_response'])){
  define('AKEY', "THISISMYSUPERSECRETCUSTOMERKEYDONOTSHARE");
  define('IKEY', "IKEY");
  define('SKEY', "SKEY");
  define('HOST', "api-xxxxxxxx.duosecurity.com");
  
  require_once 'duo_php/src/Web.php';
  $sig_request = Duo\Web::signRequest(IKEY, SKEY, AKEY, $_SESSION["wa_current_user"]->loginname);
?>
  <style>
  iframe#duo_iframe { margin-top: 100px; width: 450px;height: 400px; border-style: none; }
  </style>
  <script type="text/javascript" src="duo_php/js/Duo-Web-v2.js"></script>
  <center><iframe id="duo_iframe" data-host="<?php echo HOST; ?>" data-sig-request="<?php echo $sig_request; ?>"></iframe></center>
<?php
} else if(isset($_POST['sig_response'])){
  if (!isset($_SESSION["App"])) {
    $_SESSION["App"] = new front_accounting();
    $_SESSION["App"]->init();
  }
  
  $app->display();
}

Re: FrontAccounting with Duo Security 2 Factor Authentication (2fa)

Hope, Duo is not an open source application and it is chargeable beyond 10 users. instead can we could try with
open2fa,
linotp,
multiotp
and many more.

Can we have your opinion @ardyan please?

Regards,
Bharathiraja Kaliyamoorthy

3 (edited by ardyan 10/13/2021 06:43:03 am)

Re: FrontAccounting with Duo Security 2 Factor Authentication (2fa)

Hi,
Yes @geesyscare, because our office using DUO for additional login purposes. But sure, the other kind of 2FA could be deploy to frontaccounting. In the near future I will do my accounting lab and try the opensourcce for 2FA.

I've tried using Google 2FA, and it worked, but I want to try to make a module so that everyone can easily use it

Re: FrontAccounting with Duo Security 2 Factor Authentication (2fa)

@ardyan,  you don't need to customize the core to use it. Try hooks. You can do it from module itself. And make the duo security as separate module.

Re: FrontAccounting with Duo Security 2 Factor Authentication (2fa)

Hi @kvvaradha,
i can't figuring out how to make this without customize  the core.
can you give me a clue, how to cut session between after login and before going to dashboard page just from module?

6 (edited by ardyan 10/15/2021 07:38:53 am)

Re: FrontAccounting with Duo Security 2 Factor Authentication (2fa)

geesyscare wrote:

Hope, Duo is not an open source application and it is chargeable beyond 10 users. instead can we could try with
open2fa,
linotp,
multiotp
and many more.

Can we have your opinion @ardyan please?

Hi @geesyscare and @kvvaradha
please read my new post at https://frontaccounting.com/punbb/viewt … ?pid=40108

Re: FrontAccounting with Duo Security 2 Factor Authentication (2fa)

@ardyan, Still you didn't understand what i mean in my comment.