Skip to content

The JetRails 2FA plugin adds an extra layer of security to your Magento store. User based 2FA enablement ensures that admin users are following best security practices.

License

Notifications You must be signed in to change notification settings

jetrails/magento-twofactor

Repository files navigation

Magento — Two-Factor Authentication

The JetRails 2FA plugin adds an extra layer of security to your Magento store. User based 2FA enablement ensures that admin users are following best security practices.

About

The JetRails 2FA plugin adds an extra layer of security to your Magento store. User-based 2FA enablement ensures that admin users are following best security practices. This module has the following features:

  • A Master Administrator can require 2FA to be utilized by specific users.
  • Usage of 2FA can be enforced and required for log in.
  • Once you use the 2FA to log in, there is an option to bypass authentication for a pre-configured number of days.
  • A Master Administrator can oversee every user's authentication process.
  • In the event of a lost or misplaced 2FA account, backup codes are available as an alternate method for authentication.
  • In the event of an attempted account breach, prevention protocols are in place via brute-force protection, which will temporarily block the account.
  • The threshold for the number of failed authentication attempts before a temporary ban is imposed is configurable.
  • The duration of a user's temporary ban is configurable.
  • An automatic instantaneous alert will be sent to the account owner and store admins informing them of an attempted breach. Any security warning will be logged with any relevant data such as the offender's IP address.
  • The 2FA account can be setup for devices (something they have) using the Google Authenticator app, which is available for every platform including iPhone and Android.

Compatibility

Please refer to COMPATIBILITY.md to see which versions of Magento this extension was tested on and proved to be compatible with.

Documentation

The user guide can be found in the docs folder. The user guide goes through the installation process as well as explains all the features that comes with this plugin. For furthur support, please email [email protected].

Build System

This extension uses Gulp as it's build system. Gulp is a package that can be easily downloaded using NPM or Yarn. Once this repository is cloned, run npm install gulp -g followed by npm install or yarn install to install Gulp and all Gulp modules used within this build system. Please refer to the following table for a description of some useful Gulp commands. A typical Gulp command takes the following form: gulp <command>.

Command Description
init Creates build, staging, and distribution directories
clean Deletes build and distribution directories
bump Bumps version number in source files to reflect version found in package.json
build Builds and copies files from source directory to the build directory
deploy Copies files from build directory to the staging directory
watch Watches files in source directory and executes deploy on file change
package Updates package.xml with file hashes and packages extension into distribution directory

Docker Environment

This project comes with a docker-compose.yml and a docker-sync.yml file, which can be used to spin up a Magento 1 development environment. In order to use docker, please make sure you have Docker, Docker Compose, and Docker Sync installed. For information about configuring this docker environment, please refer to it's Github repository which can be found here.

About

The JetRails 2FA plugin adds an extra layer of security to your Magento store. User based 2FA enablement ensures that admin users are following best security practices.

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •