Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide login hook, phpcs linting #34

Merged
merged 1 commit into from
Aug 8, 2023
Merged

Provide login hook, phpcs linting #34

merged 1 commit into from
Aug 8, 2023

Conversation

jules0x
Copy link
Contributor

@jules0x jules0x commented Sep 10, 2021

When using MFA along with this module, SAML users were not able to modify their MFA without first entering a CMS password.
As a SAML user, this is unknown/not set, so we added an extension to use this hook and call the getSudoModeService() function on SudoModeController (part of silverstripe/security-extensions module).

@madmatt
Copy link
Member

madmatt commented Sep 6, 2022

Sorry for the massive delay! This looks good to me, and it doesn't change anything beyond adding a hook in so is API neutral.

@jules0x Do you reckon you could add some docs to describe your use case? It may not be too common to require MFA as well as SAML (typically MFA should be implemented at the IdP end, not on the SP website - as it's part of the authentication process). In any case, it would be good to know what you did so others can replicate it if they see a security benefit in doing so.

If you don't have time, let me know and I can merge this and look into it later myself.

@wilr wilr merged commit 6b51fb5 into silverstripe:main Aug 8, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jules0x @madmatt @wilr