Skip to content

Boilerplate default member access rules for Silverstripe websites - including password, MFA and pending profiles

License

Notifications You must be signed in to change notification settings

nswdpc/silverstripe-authentication-boilerplate

Silverstripe Authentication Boilerplate

This module provides a standard set of rules for defining access to Silverstripe sites:

  • password validation configuration per NIST standards
  • password handling and management
  • password checking via pwnedpasswords API
  • multi-factor authentication setup (MFA)
  • security extensions
  • security reports
  • pending profiles

This module is under active development and should not be considered production-ready just yet

We welcome testing and feedback via the Github issue tracker

Requirements

  • silverstripe/totp-authenticator - for MFA via a Time-based One-time Password
  • nswdpc/silverstripe-pwnage-hinter - provides pwned password/breached account assistance
  • silverstripe/security-extensions - provides features including sudo mode, password change on next sign in
  • silverstripe/securityreport - "Users, Groups and Permissions" report in the administration area for Administrators
  • spomky-labs/otphp - TOTP base library

See composer.json for details

Configuration

See _config/config.yml

Note that this module provides the ability to configure the MFA secret key via per-project YAML rather than in .env

More: Multi Factor Authentication

Good-to-know

Password validator

If you are setting a PasswordValidator in project configuration like so:

$validator = \SilverStripe\Security\PasswordValidator::create();
\SilverStripe\Security\Member::set_password_validator($validator);

This will replace the password validator provided in this module.

License

BSD-3-Clause

Documentation

Maintainers

Bugtracker

We welcome bug reports, pull requests and feature requests on the Github Issue tracker for this project.

Please review the code of conduct prior to opening a new issue.

Development and contribution

If you would like to make contributions to the module please ensure you raise a pull request and discuss with the module maintainers.

Please review the code of conduct prior to completing a pull request.

About

Boilerplate default member access rules for Silverstripe websites - including password, MFA and pending profiles

Resources

License

Code of conduct

Stars

Watchers

Forks

Packages

No packages published