openfactory-ch / whmcs-oath-addon Goto Github PK
View Code? Open in Web Editor NEWGoogle Authenticator (OATH) addon for WHMCS 6+ for admin and client area.
Google Authenticator (OATH) addon for WHMCS 6+ for admin and client area.
Can this module be used alongside with the new WHMCS Sign-In Integrations?
https://blog.whmcs.com/132509/feature-spotlight-sign-in-integrations
When configuring 2FA for the client. Once you try to log in, and ask for the 6-digit token, simply click on any of the registered client-side services, which will no longer be requested token (even if it has never been typed).
The token is only requested on the login screen, and no other token is requested (even though you have not typed in the access before).
There is a remember me option in WHMCS Admin area but If you close browser and reopen then it ask for OATH code.
Please provide a option for people who wish to use Remember me option so code will be not asked to them.
Same feature as Google Gmail uses, If you do not remove cookies then it does not ask for code and only ask for auth for first time singing, If cookie removed then you will need to provide auth code but If you only close browser then gmail does not ask for 2fa code.
I have set correction content in Authenticator App, First Line Company and bottom of code your User name
$user = get_query_val('tblclients', 'email', "id = ".$_SESSION['uid']); $company = get_query_val('tblconfiguration', 'value', "setting = 'CompanyName'"); QRcode::png('otpauth://totp/' . $user . '?issuer=' . urlencode($company) . '&secret=' . $_GET['secret']);
$user = get_query_val('tbladmins', 'username', "id = ".$_SESSION['adminid']); $company = get_query_val('tblconfiguration', 'value', "setting = 'CompanyName'"); QRcode::png('otpauth://totp/' . $user . '?issuer=' . urlencode($company) . '&secret=' . $_GET['secret']);
Full download project correction: https://github.com/aminmahdi/whmcs-oath-addon
Hi,
is it possible to integrate it directly into WHMCS Login mask?
As with this, i am theoretically already inside of WHMCS.
I could see open tickets/ Invoices etc.
Or maybe just change Layout instead of not loading whole admin Template/ Sidebar etc.
Just have Passwort Field with some Text above. nothing else.
Currently when disabling the 2FA on client side there is no step asking for the code a last time -> it directly disables. So for disabling 2FA only a valid session required. I think that this is not enough. Disabling the 2FA should be the same security as like the normal login.
Should disabling the 2FA need the a valid Code for confirmation? Discussion open :)
Hello,
Im using WHMCS 7.1 Updated version and when im trying to scan QR code on my phone the following error shows on Google Authenticator app "Cannot interpret QR code" only at Admin panel, Client area version is working.
I have tried the following solutions:
Also i pressed ctrl + f5 to refresh multiple times.
None of above tips are working, kindly guide me through.
Screenshot attached.
4 years ago I asked to obtain maintainership of this addon from the former developer but I haven't touched the code for some time. Meanwhile issues and PR keep coming, but I have no way to test any change nor resources to keep the repository in a healthy state. While the organisation probably still uses this addon, it seems no-one can step in an keep maintaining it.
I'd like to give this this project in new hands.
When enabling for admin users the title of the 2fa code on googles app is "Untitled"
Any ideas on where to set the site id or name for admin users?
Please find below the text for the Portuguese - Portugal (portuguese-pt.php) translation:
`<?php
$_ADDONLANG['incorrect']='O seu código estava incorreto.';
$_ADDONLANG['enterCodeNote']='Digite o código gerado pela sua aplicação móvel.';
$_ADDONLANG['enterCode']='Insira o seu código';
$_ADDONLANG['btnLogin']='Validar Autenticação';
$_ADDONLANG['enterEmCode']='Digite o seu código de emergência';
$_ADDONLANG['emLogin']='Acesso de Emergência';
$_ADDONLANG['lostDevice']='Perdeu o seu dispositivo móvel?';
$_ADDONLANG['inactive']='O suporte a Autenticação de 2 Factores está desactivado.';
$_ADDONLANG['disabled']='A Autenticação de 2 Factores está descativada.';
$_ADDONLANG['btnEnable']='Activar a Autenticação de 2 Factores';
$_ADDONLANG['scanNote']='Por favor digitalize este código QR com a sua aplicação de autenticação móvel.';
$_ADDONLANG['unableScan']='Se não for possível fazer scan do QR code, use este código:';
$_ADDONLANG['verify']='Código de Verificação';
$_ADDONLANG['recomApp']='App Recomendada';
$_ADDONLANG['enabled']='Autenticação de 2 Factores está activa de momento.';
$_ADDONLANG['emCode']='O seu código de emergência é';
$_ADDONLANG['emCodeNote']='Poderá usar este código se perder o seu dispositivo móvel.';
$_ADDONLANG['btnSecret']='Ver Código';
$_ADDONLANG['emCodeNote2']='Anote esta informação. Não será exibida novamente.';
$_ADDONLANG['btnDisable']='Desactivar Autenticação de 2 Factores';
$_ADDONLANG['note']='Nota: Quaisquer sub-utilizadores com acesso à sua conta terão que fornecer um token de autenticação de 2 factores.';
?>
`
one of my users got the error message from Google Authenticator that "Is unable to interpret this code"
In German, it was "Code kann nicht ausgewertet werden"
My WHMCS version is the newest 7.1
entering the code from hand worked
After I logged in like an customer link index.php?m=oath simply doesn't work. Anny suggestions?
For admins configuration works fine
@dionysius
I have add Persian (Farsi) language file.
https://github.com/aminmahdi/whmcs-oath-addon
Good Like 👍
There is no translation of the page title in the clientarea:
['pagetitle'] = 'Two-Factor Login Verification';
Line 66,67,88
Hello, my server index is broken and when always you try to access it, you get returned to the client area. There is anyway to redirect this to the client area directly, any way to allow my customers to use this without redirecting them to index?
Or you can help me fixing this index error I have with whmcs, thanks.
Hello thank you for this great module I translated it into my language so I share it for you.
https://pastebin.com/dYukM19j
I found a bug affecting sub-accounts. If the client with the user id "1234" activates 2FA, when someone with the sub-account id "1234" tries to login, it will be requested to pass the 2FA.
Hello, I'm using WHMCS 7.1 and always I try to read a code it says it's weong, and whne I type it manually it says that that's not the code.
Hello I created a file with Portuguese-br.php name with translation and did not work.
portuguese-br.zip
Hello,
Authenticator working for me but a little problem.
I'm verifying with Google Authenticator.
But when I enter the code it says wrong code.
Fixed : Your phone needs to be connected to the internete and get the date and time of the google authenticator online.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.