Allow token based logins without 2fa for automated access

By default token auth accesses to the API are now always allowed without
2fa. If you need automated access to other endpoints (like a script

Allow token based logins without 2fa for automated access

By default token auth accesses to the API are now always allowed without
2fa. If you need automated access to other endpoints (like a script
provided by a plugin) an option enables that.

show more ...

allow to skip 2fa for trusted IP addresses

protect password reset with 2fa

This needed some internal changes, because now 2fa data needs to be
checked for a user that is not logged in. Providers may need adjustments
if they access user data.

protect password reset with 2fa

This needed some internal changes, because now 2fa data needs to be
checked for a user that is not logged in. Providers may need adjustments
if they access user data. They should use the getUserData() method of
the abstract Provider class to do so.

show more ...

Add "useinternaluid" option

fix error message in admin interface

Update mandatory.txt

Fix tiny typo

added custom OTP form field

This also fixes wilminator/dokuwiki-plugin-twofactor#26

streamline language files

We use "two-factor" and "mechanism" as our preferred terms now.

fixed language files for settings

changed how provider setup works

This makes the interface a bit cleaner and less confusing

some cleanup and streamlining for providers

removed obsolete config and language

finished admin refactoring

first start with the admin interface

delete cookie on logout

profile localization and styling

first go a profile refactoring

remove enable config

Plugins are enabled or disabled in the extension manager. No need to
duplicate it here. The feature was also broken because of strict type
checking.

* Reworked flow to better grant the 2FA to non-enabled users on the wiki access. This should prevent users from being hit up with a 2FA challenge just after enabling the software on the wiki or just

* Reworked flow to better grant the 2FA to non-enabled users on the wiki access. This should prevent users from being hit up with a 2FA challenge just after enabling the software on the wiki or just after configuring their first provider.
* Users with master disabled 2FA settings will no longer populate any available 2FA providers. These may be available if they were configured before turning off 2FA.
* Notices will now only send if the user truly wanted them, I think.

show more ...

* Added LogLog support to this module.
* Refactored workflow to eliminate redundant calls and provide cleaner logging.
* Rewrote the login function to (properly) use a cookie to survive a session pur

* Added LogLog support to this module.
* Refactored workflow to eliminate redundant calls and provide cleaner logging.
* Rewrote the login function to (properly) use a cookie to survive a session purge.
* The login cookie now has a server-side timeout setting.
* Added audit/debug logging. The audit logging will provide enough logging without LogLog to track user login activity. The debug logging will help me assist when others have problems.
* Removed trailing spaces.
* Added language internationalization for many options including email notification of successful login option.

show more ...

* Removed GetInfo from this module to fallback to base class method.
* Updated plugin.info.txt.
* Implemented a method-breaking change to _send_otp. The first argument is now the subject for the mes

* Removed GetInfo from this module to fallback to base class method.
* Updated plugin.info.txt.
* Implemented a method-breaking change to _send_otp. The first argument is now the subject for the message to be sent. This is used only if the transport supports it.
* Implemented login notification in _grant_clearance.
* Fixed session-loss fix so that when logging in via tokens (like with GA), the session id is properly recorded.
* Split out the message sending function of _send_otp into _send_message in action.php.
* Added new configuration options to the module to support the login notification and new message subject functionality.
* Rearranged the layout of the en/lang.php file.
* Removed the phone string from en/lang.php. This is being pushed back into the transport modules.
* Added setting translations for the new settings.
* Added per-item translations for the choice settings. This should further help with translations.

show more ...

* Added disable code to the admin module if the authentication module does not expose 'getUsers' functionality.
* Updated the language file to be more descriptive when disabling due to authentication

* Added disable code to the admin module if the authentication module does not expose 'getUsers' functionality.
* Updated the language file to be more descriptive when disabling due to authentication module issues.
* Updated the plugin release date files.

show more ...

* Corrected README to point to correct installation path
* Updated error messages regarding the lack of the Attribute plugin to be more clear that the plugin named Attribute is missing.
* Refactored

* Corrected README to point to correct installation path
* Updated error messages regarding the lack of the Attribute plugin to be more clear that the plugin named Attribute is missing.
* Refactored some code to accommodate for versions of PHP that do not let you index a function. This will help future debugging as needed.
* Changed how _send_otp used $modname. It now stores $modname as an array of class names that successfully sent the OTP out.
* Updated the default processLogin function to succeed if any OTP module processing the OTP is in the list of modules that succeeded in sending the OTP.
* Fixed the return value of _send_otp to refer to the correct variable to count.
* Updated the module release date.

show more ...

* Check to see if session is closed before opening and closing the session for _logout and _grant_clearance functions.
* Updated the publication information in preparation for posting to the internet

* Check to see if session is closed before opening and closing the session for _logout and _grant_clearance functions.
* Updated the publication information in preparation for posting to the internet.
* Fixed admin page to purge child attribute files.
* Fixed failure to pass user to exist check in _settingsGet.
* Fixed logic flaw identifying the module used to send OTP, effectively breaking that.
* Removed die statement to enable otp passwords.
* Updated image for Twofactor Settings.
* Refactored code to have new actions for twofactor_login and twofactor_profile. It is a bit cleaner now.
* Restructured twofactor_before_auth_check to do a better job of handling OTP acceptance (or lack thereof).

show more ...

* Pulled out debugging code I forgot to remove before releasing.
* Forgot to publish some language updates for new settings I added with the SMS verification.