nswdpc/silverstripe-authentication-boilerplate

Boilerplate default access rules for Silverstripe websites

Installs: 4 357

Dependents: 1

Suggesters: 0

Security: 0

Stars: 1

Watchers: 2

Forks: 1

Open Issues: 1

Type:silverstripe-vendormodule

v1.0.0-rc1 2024-08-22 07:34 UTC

README

This module provides a standard set of rules for defining access to Silverstripe sites:

  • password validation configuration per NIST standards
  • password handling and management
  • password checking via pwnedpasswords API
  • multi-factor authentication setup (MFA)
  • security extensions
  • security reports
  • pending profiles

This module is under active development and should not be considered production-ready just yet

We welcome testing and feedback via the Github issue tracker

Requirements

  • silverstripe/totp-authenticator - for MFA via a Time-based One-time Password
  • nswdpc/silverstripe-pwnage-hinter - provides pwned password/breached account assistance
  • silverstripe/security-extensions - provides features including sudo mode, password change on next sign in
  • silverstripe/securityreport - "Users, Groups and Permissions" report in the administration area for Administrators
  • spomky-labs/otphp - TOTP base library

See composer.json for details

Configuration

See _config/config.yml

Note that this module provides the ability to configure the MFA secret key via per-project YAML rather than in .env

More: Multi Factor Authentication

Good-to-know

Password validator

If you are setting a PasswordValidator in project configuration like so:

$validator = \SilverStripe\Security\PasswordValidator::create();
\SilverStripe\Security\Member::set_password_validator($validator);

This will replace the password validator provided in this module.

License

BSD-3-Clause

Documentation

Maintainers

Bugtracker

We welcome bug reports, pull requests and feature requests on the Github Issue tracker for this project.

Please review the code of conduct prior to opening a new issue.

Development and contribution

If you would like to make contributions to the module please ensure you raise a pull request and discuss with the module maintainers.

Please review the code of conduct prior to completing a pull request.