Add docs for MFA

Infisical · Feb 21, 2023 · 7cb6aee · 7cb6aee
1 parent 469d042
commit 7cb6aee
Show file tree

Hide file tree

Showing 6 changed files with 38 additions and 5 deletions.
diff --git a/backend/src/controllers/v2/usersController.ts b/backend/src/controllers/v2/usersController.ts
@@ -68,6 +68,15 @@ export const updateMyMfaEnabled = async (req: Request, res: Response) => {
     try {
         const { isMfaEnabled }: { isMfaEnabled: boolean } = req.body;
         req.user.isMfaEnabled = isMfaEnabled;
+
+        if (isMfaEnabled) { 
+            // TODO: adapt this route/controller 
+            // to work for different forms of MFA
+            req.user.mfaMethods = ['email'];
+        } else {
+            req.user.mfaMethods = [];
+        }
+
         await req.user.save();
 
         user = req.user;

diff --git a/backend/src/models/user.ts b/backend/src/models/user.ts
@@ -17,7 +17,8 @@ export interface IUser {
 	verifier?: string;
 	refreshVersion?: number;
 	isMfaEnabled: boolean;
-	seenIps: [string];
+	mfaMethods: boolean;
+	seenIps: [string]; // TODO 1: email for unseen IPs, TODO 2: move to a central alerting system
 }
 
 const userSchema = new Schema<IUser>(
@@ -82,8 +83,14 @@ const userSchema = new Schema<IUser>(
 			type: Boolean,
 			default: false
 		},
-		seenIps: [String]
-	},
+		mfaMethods: [{
+			type: String
+		}],
+		seenIps: {
+			type: [String],
+			default: []
+		}
+	}, 
 	{
 		timestamps: true
 	}

diff --git a/docs/getting-started/dashboard/integrations.mdx b/docs/getting-started/dashboard/integrations.mdx
@@ -5,8 +5,6 @@ description: "How to sync your secrets among various 3rd-party services with Inf
 
 Integrations allow environment variables to be synced across your entire infrastructure from local development to CI/CD and production.
 
-We're still relatively early with integrations. 6+ integrations are already avaiable but expect more coming very soon.
-
 <Card title="View integrations" icon="link" href="/integrations/overview">
   View all available integrations and their guides
 </Card>

diff --git a/docs/getting-started/dashboard/mfa.mdx b/docs/getting-started/dashboard/mfa.mdx
@@ -0,0 +1,18 @@
+---
+title: "MFA"
+description: "Secure your Infisical account with MFA"
+---
+
+MFA requires users to provide multiple forms of identification to access their account. Currently, this means logging in with your password and a 6-digit code sent to your email.
+
+## Email 2FA
+
+Check the box in Personal Settings > Two-factor Authentication to enable email-based 2FA.
+
+![Email-based MFA](../../images/mfa-email.png)
+
+<Note>
+  Infisical currently supports email-based 2FA. We're actively working on
+  building support for other forms of identification via SMS and Authenticator
+  App.
+</Note>
diff --git a/docs/images/mfa-email.png b/docs/images/mfa-email.png
diff --git a/docs/mint.json b/docs/mint.json
@@ -98,6 +98,7 @@
         "getting-started/dashboard/pit-recovery",
         "getting-started/dashboard/secret-versioning",
         "getting-started/dashboard/audit-logs",
+        "getting-started/dashboard/mfa",
         "getting-started/dashboard/token"
       ]
     },