×
K5.1.1 is released (10 Jun 2018)

The Kunena team is pleased to announce Kunena 5.1.1 [K 5.1.1].
Please read the blog post for information:

× Please note: The Kunena project team takes NO responsibility for maintaining nor supporting anything in this category.

Question Two Factor Authentication

More
4 years 3 months ago - 4 years 2 months ago #1 by cotswoldphoto
As far as I can see, Kunena does not support 2FA. I have only just installed Kunena 3.0.5 on J!3.2.3

The J!3 login module in the left column shows the secret key field, but the Kunena login at the top of the forum does not. IS this true?
If you want, I can modify Kunena
to do this (it wouldn't take me long as I am a php coder anyway).

OR, has someone written this into the 3.1 beta?

There is always tomorrow. If there isn't, why worry? The world must be about to end!
Last edit: 4 years 2 months ago by cotswoldphoto.
The following user(s) said Thank You: Toshik, lucheins2508

Please Log in or Create an account to join the conversation.

More
4 years 3 months ago - 4 years 3 months ago #2 by cotswoldphoto
OK

So, the changes I made:

A new language variable in the en-GB.com_kunena.templates.ini file (found in the /components/com_kunena/language/en-GB folder)

after line 150 [COM_KUNENA_LOGIN_USERNAME="Username:"]
(I also changed line 150's setting - COM_KUNENA_LOGIN_USERNAME - from 'Username' to 'User Name'), add this line:
COM_KUNENA_LOGIN_SECRETKEY="Secret Key:"

Then find the login.php file in the /components/com_kunena/template/blue_eagle/html/common folder

Find lines 30-45 (they should look like this):
<div class="input">
<span>
<?php echo JText::_('COM_KUNENA_LOGIN_USERNAME') ?>
<input type="text" name="username" class="inputbox ks" alt="username" size="18" />
</span>
<span>
<?php echo JText::_('COM_KUNENA_LOGIN_PASSWORD'); ?>
<input type="password" name="password" class="inputbox ks" size="18" alt="password" /></span>
<span>
<?php if($this->remember) : ?>
<?php echo JText::_('COM_KUNENA_LOGIN_REMEMBER_ME'); ?>
<input type="checkbox" name="remember" alt="" value="1" />
<?php endif; ?>
<input type="submit" name="submit" class="kbutton" value="<?php echo JText::_('COM_KUNENA_PROFILEBOX_LOGIN'); ?>" />
</div>



Replace them with these lines.

<div class="input">
<label for="k-lgn-username"><?php echo JText::_('COM_KUNENA_LOGIN_USERNAME') ?>
<input id="k-lgn-username" type="text" name="username" class="inputbox ks" alt="username" size="18" /></label>
<label for="k-lgn-password"><?php echo JText::_('COM_KUNENA_LOGIN_PASSWORD'); ?>
<input id="k-lgn-password" type="password" name="password" class="inputbox ks" size="18" alt="password" /></label>
<?php $tfa = JPluginHelper::getPlugin('twofactorauth'); ?>
<?php if (!is_null($tfa) && $tfa != array()): ?>
<label for="k-lgn-secretkey"><?php echo JText::_('COM_KUNENA_LOGIN_SECRETKEY'); ?>
<input id="k-lgn-secretkey" type="text" name="secretkey" class="inputbox ks" size="18" alt="secretkey" /></label>
<?php endif; ?>
<?php if($this->remember) : ?>
<label for="k-lgn-rememberme"><?php echo JText::_('COM_KUNENA_LOGIN_REMEMBER_ME'); ?>
<input id="k-lgn-rememberme" type="checkbox" name="remember" alt="" value="1" /></label>
<?php endif; ?>
<input type="submit" name="submit" class="kbutton" value="<?php echo JText::_('COM_KUNENA_PROFILEBOX_LOGIN'); ?>" />
</div>

The extra css you will need is:
#Kunena div.input label {
display:inline-block;
margin: 3px 3px 0 0;
font-size: 1em;
}

I always have a custom css file loading pretty much last in my main template index.php, so that's where I put the above css.

This appears OK, but I am still having problems getting it to work. More digging I think. Wait for news!!

[Edit:] I see the problem. A normal joomla page posts back to itself as the root page, but the Kunena forum form posts back to the forum page with the submit set to 'Login'(the value of the COM_KUNENA_PROFILEBOX_LOGIN variable).

I need to go find that page and get it to handle the secret key. From the looks of it, that is the user.php file found in the controller folder.

There is always tomorrow. If there isn't, why worry? The world must be about to end!
Last edit: 4 years 3 months ago by cotswoldphoto.

Please Log in or Create an account to join the conversation.

More
4 years 3 months ago #3 by cotswoldphoto
OK, who's ya daddy?

This SEEMS to work, here come the other changes (would be great if one of the devs could take a peek too):

File login.php in the /plugins/kunena/joomla folder

Lines 21/22:

public function loginUser($username, $password, $secretkey, $rememberme) {
$credentials = array('username' => $username, 'password' => $password, 'secretkey' => $secretkey);

File user.php in the /components/com_kunena/controllers

Insert between Lines 223 and 224:

$secretkey = JRequest::getString ( 'secretkey', '');

Then edit line 227 (as it is after the previous insert):

$error = $login->loginUser($username, $password, $secretkey, $remember);

File login.php in the /libraries/kunena folder

Lines 45-48:

public function loginUser($username, $password, $secretkey, $rememberme=0, $return=null) {
foreach ($this->instances as $login) {
if (method_exists($login, 'loginUser')) {
return $login->loginUser($username, $password, $secretkey, $rememberme, $return);

File login.php in the /plugins/kunena/comprofiler folder

Line 20:

public function loginUser($username, $password, $secretkey, $rememberme) {

Line 31:

$resultError = $cbAuthenticate->login ( $username, $password, $secretkey, $rememberme, 1, $redirect_url, $messagesToUser, $alertmessages, $loginType );

There is always tomorrow. If there isn't, why worry? The world must be about to end!

Please Log in or Create an account to join the conversation.

More
4 years 3 months ago - 4 years 3 months ago #4 by cotswoldphoto
To any devs that read this, I did leave 2 files alone that might also need similar mods to those I have done.

Both called login.php, one is in the administrator/components/com_kunena/install/plugins/plg_kunena_comprofiler folder and the other is in the administrator/components/com_kunena/install/plugins/plg_kunena_joomla folder. The changes are obvious if you consider what I changed in the previous post. In the first file, lines 20 and 31:

Line 20: public function loginUser($username, $password, $secretkey, $rememberme) {
Line 31: $resultError = $cbAuthenticate->login ( $username, $password, $secretkey, $rememberme, 1, $redirect_url, $messagesToUser, $alertmessages, $loginType );


and in the second file in lines 21 and 22:

public function loginUser($username, $password, $secretkey, $rememberme) {
$credentials = array('username' => $username, 'password' => $password, 'secretkey' => $secretkey);

Bye for now.

There is always tomorrow. If there isn't, why worry? The world must be about to end!
Last edit: 4 years 3 months ago by cotswoldphoto.

Please Log in or Create an account to join the conversation.

More
4 years 3 months ago #5 by cotswoldphoto
Good God. Over 10k of you have read this in the last 10 hours!!!

Anyway, I changed those last 2 files as per my last post and it all seems to be working (yes, I have tested it).

Remember though, 2FA only works on Joomla! 3.2x and upwards. I wrote the code so it won't break it for earlier versions - the Secret Key field simply doesn't appear.

I will leave it to you to figure how to set up 2FA. I used the Google version. One thing though, you have to enable 2FA for the front end in the 2FA module in Joomla! If a user has not set it up, they can leave the field blank and it will log them on anyway. But, if they have set it up, they will need the Secret Key to log in.

DO NOT do as I did and upload a two factor authentication extension. Joomla! 3.2.x upwards ships with the module built in. And your server time has to be spot on to real time, and the server timezone and the Joomla! timezone need to match. I had to set the timezones to match ion my live server, but the server owner had to switch on the real time clock (it was about 2 minutes out before) updates.

Anyway, enjoy as they say. I wonder if this will be in later versions of Kunena as standard? Otherwise this will be a real pain to re-do each time I update.

There is always tomorrow. If there isn't, why worry? The world must be about to end!

Please Log in or Create an account to join the conversation.

More
4 years 3 months ago #6 by 810
Replied by 810 on topic Two Factor Authentication
Thank you, i had already started the tfa in k3.1. But now can i add this.


Regards 810

Please Log in or Create an account to join the conversation.

More
3 years 3 months ago #7 by djb
Replied by djb on topic Two Factor Authentication
Hi,

Is the plan still to include tfa in K3.1?

With thanks
David

Please Log in or Create an account to join the conversation.

More
3 years 3 months ago #8 by xillibit
Replied by xillibit on topic Two Factor Authentication
Hello,

The TFA support has been included into Kunena 3.1 developpement branch

I don't provide support by PM, because this can be useful for someone else.

Please Log in or Create an account to join the conversation.

  • Not Allowed: to create new topic.
  • Not Allowed: to reply.
  • Not Allowed: to add attachements.
  • Not Allowed: to edit your message.
Time to create page: 0.090 seconds