table of contents
- bookworm 2.16.1+ds-deb12u4
- bookworm-backports 2.20.1+ds-1~bpo12+1
- testing 2.20.1+ds-1
- unstable 2.20.1+ds-1
| Lemonldap::NG::Portal::Main::SecondFactor(3pm) | User Contributed Perl Documentation | Lemonldap::NG::Portal::Main::SecondFactor(3pm) |
NAME¶
Lemonldap::NG::Portal::Main::SecondFactor - Base class for Lemonldap::NG::Portal second factor plugins.
SYNOPSIS¶
package Lemonldap::NG::Portal::2F::MySecondFactor;
use Mouse;
# Import used constants
use Lemonldap::NG::Portal::Main::Constants qw(
PE_OK
PE_BADCREDENTIALS
PE_SENDRESPONSE
);
extends 'Lemonldap::NG::Portal::Main::SecondFactor';
# INITIALIZATION
# Prefix that will be used in parameter names. The form used to enter the
# second factor must post its result to "/my2fcheck" (if "my" is the prefix).
has prefix => ( is => 'ro', default => 'my' );
# Optional logo
has logo => ( is => 'rw', default => 'mylogo.png' );
# Required init method
sub init {
my ($self) = @_;
# Insert here initialization process
#
# If self registration is enabled and "activation" is set to "enabled",
# replace the rule to detect if user has registered a device key.
# The rule must be like this :
# By example :
$self->conf->{totp2fActivation} = '$_2fDevices =~ /"type":\s*"TOTP"/s'
# Optionally, the rule can be : '$_2fDevices and $_2fDevices =~ /"type":\s*"TOTP"/s'
# to avoid warning due to undef variable
#
# Required call:
return $self->SUPER::init();
}
# RUNNING METHODS
# Required 2nd factor send method
sub run {
my ( $self, $req, $token ) = @_;
# $token must be inserted in a hidden input in your form with the name
# "token"
...
# A LLNG constant must be returned. Example:
$req->response($my_psgi_response);
return PE_SENDRESPONSE;
}
# Required 2nd factor verify method
sub verify {
my ( $self, $req, $session ) = @_;
# Use $req->param('field') to get POST responses
...
if ($result eq $goodResult) {
return PE_OK;
}
else {
return PE_BADCREDENTIALS;
}
}
1;
Enable your plugin in lemonldap-ng.ini, section [portal]:
- <prefix>2fActivation (required): 1, 0 or a rule
- <prefix>2fAuthnLevel (optional): change authentication level for users authenticated by this plugin
Example:
[portal] customPlugins = Lemonldap::NG::Portal::2F::MyPlugin my2fActivation = 1 my2fAuthnLevel = 4
DESCRIPTION¶
Lemonldap::NG::Portal::Main::SecondFactor provides a simple framework to build Lemonldap::NG second authentication factor plugin.
See Lemonldap::NG::Portal::Plugins::2F::* packages for examples.
SEE ALSO¶
OTHER POD FILES¶
- Writing an authentication module: Lemonldap::NG::Portal::Auth
- Writing a UserDB module: Lemonldap::NG::Portal::UserDB
- Writing a second factor module: Lemonldap::NG::Portal::Main::SecondFactor
- Writing an issuer module: Lemonldap::NG::Portal::Main::Issuer
- Writing another plugin: Lemonldap::NG::Portal::Main::Plugin
- Request object: Lemonldap::NG::Portal::Main::Request
- Adding parameters in the manager: Lemonldap::NG::Manager::Build
AUTHORS¶
BUG REPORT¶
Use OW2 system to report bug or ask for features: <https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues>
DOWNLOAD¶
Lemonldap::NG is available at <https://lemonldap-ng.org/download>
COPYRIGHT AND LICENSE¶
See COPYING file for details.
This library is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.
| 2024-11-12 | perl v5.36.0 |