we already have BSD 3-clause: https://github.com/apache/openmeetings/blob/master/LICENSE#L2479 will need to add one line only :)
On Wed, 3 Aug 2022 at 12:25, seba.wag...@gmail.com <seba.wag...@gmail.com> wrote: > There seem to be a few options for Google using Java > E.g. https://github.com/wstrange/GoogleAuth > > I don't quite see in that lib how it generates the QR code for scanning > but there should be a way :) > > The BSD license would require us to add a copy left into our License file, > but in general it would be compatible imho. > > Thanks > Seb > > Sebastian Wagner > Director Arrakeen Solutions, OM-Hosting.com > http://arrakeen-solutions.co.nz/ > https://om-hosting.com - Cloud & Server Hosting for HTML5 > Video-Conferencing OpenMeetings > > <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> > <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> > > > On Wed, 3 Aug 2022 at 16:12, Maxim Solodovnik <solomax...@gmail.com> > wrote: > >> Hello Seb, >> >> Sorry for a late response, I'm on vacation :) >> >> I would >> +1 this feature :) >> >> The problems we'll need to solve >> - add 2fa mechanisms other than email (not sure if apps like "Google >> authenticator" has open source API :(, we can use telegram API ....) >> - we'll need to move this out of om_user db table (maybe with >> activation_hash and *reset-password-hash* >> >> Need to be investigated and carefully refactored :) >> >> from mobile (sorry for typos ;) >> >> >> On Wed, Aug 3, 2022, 10:15 seba.wag...@gmail.com <seba.wag...@gmail.com> >> wrote: >> >>> Not many pros or cons in this discussion. >>> >>> But I think it would be a good option to have available for users. As >>> well as a good feature to advertise for. Especially in order to use >>> OpenMeetings in a Gov/Education environment where compliance may require to >>> have 2 factor auth for applications in order for using it. >>> >>> So I assume I can create some tickets and get this on the way. >>> >>> Thanks >>> Seb >>> >>> >>> >>> Sebastian Wagner >>> Director Arrakeen Solutions, OM-Hosting.com >>> http://arrakeen-solutions.co.nz/ >>> https://om-hosting.com - Cloud & Server Hosting for HTML5 >>> Video-Conferencing OpenMeetings >>> >>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> >>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> >>> >>> >>> On Mon, 1 Aug 2022 at 09:31, seba.wag...@gmail.com < >>> seba.wag...@gmail.com> wrote: >>> >>>> I would like to add a ticket to investigate and look into adding 2 >>>> factor authentication to OpenMeetings. As an optional feature, default >>>> would be turned off. >>>> >>>> There are various libraries to achieve 2 factor auth. I would >>>> probably prefer using the Google Authenticator as a method since it seems >>>> the most widely adopted authenticator. >>>> >>>> In terms of turning it on/off I would add 2 flags: >>>> - On a per server basis a flag to generally turn 2 factor auth on or >>>> off >>>> - On a per individual account basis so you can turn 2 factor >>>> auth on/off for an individual user >>>> >>>> This would not affect past installations. >>>> This would not affect logging in via Soap/Rest. >>>> >>>> I think this would be a good feature to improve security. >>>> >>>> Let me know what you think, and I will add a ticket and look into >>>> adding this over the next few weeks. >>>> >>>> Thanks >>>> Seb >>>> >>>> Sebastian Wagner >>>> Director Arrakeen Solutions, OM-Hosting.com >>>> http://arrakeen-solutions.co.nz/ >>>> https://om-hosting.com - Cloud & Server Hosting for HTML5 >>>> Video-Conferencing OpenMeetings >>>> >>>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> >>>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> >>>> >>> -- Best regards, Maxim
