https://issues.apache.org/jira/browse/OPENMEETINGS-2755

will try to implement it :)

On Wed, 3 Aug 2022 at 13:45, Ali Alhaidary <ali.alhaid...@the5stars.org>
wrote:

> +1
>
> Yes, why not...
>
> Ali
> On 8/3/22 8:34 AM, Maxim Solodovnik wrote:
>
> we already have BSD 3-clause:
> https://github.com/apache/openmeetings/blob/master/LICENSE#L2479
> will need to add one line only :)
>
> On Wed, 3 Aug 2022 at 12:25, seba.wag...@gmail.com <seba.wag...@gmail.com>
> wrote:
>
>> There seem to be a few options for Google using Java
>> E.g. https://github.com/wstrange/GoogleAuth
>>
>> I don't quite see in that lib how it generates the QR code for scanning
>> but there should be a way :)
>>
>> The BSD license would require us to add a copy left into our License
>> file, but in general it would be compatible imho.
>>
>> Thanks
>> Seb
>>
>> Sebastian Wagner
>> Director Arrakeen Solutions, OM-Hosting.com
>> http://arrakeen-solutions.co.nz/
>> https://om-hosting.com - Cloud & Server Hosting for HTML5
>> Video-Conferencing OpenMeetings
>>
>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url>
>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url>
>>
>>
>> On Wed, 3 Aug 2022 at 16:12, Maxim Solodovnik <solomax...@gmail.com>
>> wrote:
>>
>>> Hello Seb,
>>>
>>> Sorry for a late response, I'm on vacation :)
>>>
>>> I would
>>> +1 this feature :)
>>>
>>> The problems we'll need to solve
>>> - add 2fa mechanisms other than email (not sure if apps like "Google
>>> authenticator" has open source API :(, we can use telegram API ....)
>>> - we'll need to move this out of om_user db table (maybe with
>>> activation_hash and *reset-password-hash*
>>>
>>> Need to be investigated and carefully refactored :)
>>>
>>> from mobile (sorry for typos ;)
>>>
>>>
>>> On Wed, Aug 3, 2022, 10:15 seba.wag...@gmail.com <seba.wag...@gmail.com>
>>> wrote:
>>>
>>>> Not many pros or cons in this discussion.
>>>>
>>>> But I think it would be a good option to have available for users. As
>>>> well as a good feature to advertise for. Especially in order to use
>>>> OpenMeetings in a Gov/Education environment where compliance may require to
>>>> have 2 factor auth for applications in order for using it.
>>>>
>>>> So I assume I can create some tickets and get this on the way.
>>>>
>>>> Thanks
>>>> Seb
>>>>
>>>>
>>>>
>>>> Sebastian Wagner
>>>> Director Arrakeen Solutions, OM-Hosting.com
>>>> http://arrakeen-solutions.co.nz/
>>>> https://om-hosting.com - Cloud & Server Hosting for HTML5
>>>> Video-Conferencing OpenMeetings
>>>>
>>>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url>
>>>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url>
>>>>
>>>>
>>>> On Mon, 1 Aug 2022 at 09:31, seba.wag...@gmail.com <
>>>> seba.wag...@gmail.com> wrote:
>>>>
>>>>> I would like to add a ticket to investigate and look into adding 2
>>>>> factor authentication to OpenMeetings. As an optional feature, default
>>>>> would be turned off.
>>>>>
>>>>> There are various libraries to achieve 2 factor auth. I would
>>>>> probably prefer using the Google Authenticator as a method since it seems
>>>>> the most widely adopted authenticator.
>>>>>
>>>>> In terms of turning it on/off I would add 2 flags:
>>>>>  - On a per server basis a flag to generally turn 2 factor auth on or
>>>>> off
>>>>>  - On a per individual account basis so you can turn 2 factor
>>>>> auth on/off for an individual user
>>>>>
>>>>> This would not affect past installations.
>>>>> This would not affect logging in via Soap/Rest.
>>>>>
>>>>> I think this would be a good feature to improve security.
>>>>>
>>>>> Let me know what you think, and I will add a ticket and look into
>>>>> adding this over the next few weeks.
>>>>>
>>>>> Thanks
>>>>> Seb
>>>>>
>>>>> Sebastian Wagner
>>>>> Director Arrakeen Solutions, OM-Hosting.com
>>>>> http://arrakeen-solutions.co.nz/
>>>>> https://om-hosting.com - Cloud & Server Hosting for HTML5
>>>>> Video-Conferencing OpenMeetings
>>>>>
>>>>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url>
>>>>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url>
>>>>>
>>>>
>
> --
> Best regards,
> Maxim
>
>

-- 
Best regards,
Maxim

Reply via email to