There seem to be a few options for Google using Java E.g. https://github.com/wstrange/GoogleAuth
I don't quite see in that lib how it generates the QR code for scanning but there should be a way :) The BSD license would require us to add a copy left into our License file, but in general it would be compatible imho. Thanks Seb Sebastian Wagner Director Arrakeen Solutions, OM-Hosting.com http://arrakeen-solutions.co.nz/ https://om-hosting.com - Cloud & Server Hosting for HTML5 Video-Conferencing OpenMeetings <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> On Wed, 3 Aug 2022 at 16:12, Maxim Solodovnik <[email protected]> wrote: > Hello Seb, > > Sorry for a late response, I'm on vacation :) > > I would > +1 this feature :) > > The problems we'll need to solve > - add 2fa mechanisms other than email (not sure if apps like "Google > authenticator" has open source API :(, we can use telegram API ....) > - we'll need to move this out of om_user db table (maybe with > activation_hash and *reset-password-hash* > > Need to be investigated and carefully refactored :) > > from mobile (sorry for typos ;) > > > On Wed, Aug 3, 2022, 10:15 [email protected] <[email protected]> > wrote: > >> Not many pros or cons in this discussion. >> >> But I think it would be a good option to have available for users. As >> well as a good feature to advertise for. Especially in order to use >> OpenMeetings in a Gov/Education environment where compliance may require to >> have 2 factor auth for applications in order for using it. >> >> So I assume I can create some tickets and get this on the way. >> >> Thanks >> Seb >> >> >> >> Sebastian Wagner >> Director Arrakeen Solutions, OM-Hosting.com >> http://arrakeen-solutions.co.nz/ >> https://om-hosting.com - Cloud & Server Hosting for HTML5 >> Video-Conferencing OpenMeetings >> >> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> >> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> >> >> >> On Mon, 1 Aug 2022 at 09:31, [email protected] <[email protected]> >> wrote: >> >>> I would like to add a ticket to investigate and look into adding 2 >>> factor authentication to OpenMeetings. As an optional feature, default >>> would be turned off. >>> >>> There are various libraries to achieve 2 factor auth. I would >>> probably prefer using the Google Authenticator as a method since it seems >>> the most widely adopted authenticator. >>> >>> In terms of turning it on/off I would add 2 flags: >>> - On a per server basis a flag to generally turn 2 factor auth on or off >>> - On a per individual account basis so you can turn 2 factor >>> auth on/off for an individual user >>> >>> This would not affect past installations. >>> This would not affect logging in via Soap/Rest. >>> >>> I think this would be a good feature to improve security. >>> >>> Let me know what you think, and I will add a ticket and look into adding >>> this over the next few weeks. >>> >>> Thanks >>> Seb >>> >>> Sebastian Wagner >>> Director Arrakeen Solutions, OM-Hosting.com >>> http://arrakeen-solutions.co.nz/ >>> https://om-hosting.com - Cloud & Server Hosting for HTML5 >>> Video-Conferencing OpenMeetings >>> >>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> >>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> >>> >>
