Tfa class

Tfa - ProcessWire Two Factor Authentication module base class

This class is for “Tfa” modules to extend. See the TfaEmail and TfaTotp modules as examples.

USAGE

$tfa = new Tfa();

if($tfa->success()) {
$session->redirect('after/login/url/');

} else if($tfa->active()) {
echo $tfa->render();

} else if($input->post('submit_login')) {
$name = $input->post('name');
$pass = $input->post('pass');
$tfa->start($name, $pass);

the start() method performs a redirect if TFA is active for the user
place your regular code to login user here, which will be used if TFA is not active for the user

} else {
render login form
}

SETTINGS

TEXT LABELS

HOOKABLE METHODS


There are 2 Tfa types in the core, plus many more Tfa modules in our directory.

Click any linked item for full usage details and examples. Hookable methods are indicated with the icon. In addition to those shown below, the Tfa class also inherits all the methods and properties of: WireData and Wire.

Show class?     Show args?       Only hookable?    

Common

NameReturnSummary 
Tfa::active()
boolReturns true if a TFA process is currently active 
Tfa::autoEnableSupported()
boolDoes this TFA module support automatic enable? 
Tfa::autoEnableUser(User $user)
NoneAuto-enable this TFA module for given $user 
Tfa::buildAuthCodeForm()
InputfieldFormBuild the form used for two-factor authentication
Tfa::getModule()
Tfa nullGet the TFA module for given user or current session 
Tfa::getModuleConfigInputfields(InputfieldWrapper $inputfields)
NoneModule configuration 
Tfa::getTfaTypeName()
stringGet translated Tfa type name (short name) 
Tfa::getTfaTypeSummary()
stringGet translated Tfa type summary 
Tfa::getTfaTypeTitle()
stringGet translated Tfa type title (longer name) 
Tfa::getUser()
UserGet current user for TFA 
Tfa::getUserEnabledInputfields(User $user, InputfieldWrapper $fieldset, array $settings)
NoneGet fields for when user already has TFA enabled
Tfa::getUserSettings(User $user)
arrayGet TFA data for given user from user_tfa field 
Tfa::getUserSettingsInputfields(User $user, InputfieldWrapper $fieldset, array $settings)
NoneGet fields needed for a user to configure and confirm TFA from their user profile
Tfa::hookAfterInputfieldFormProcess(HookEvent $event)
NoneHook after InputfieldForm::processInput() 
Tfa::hookBeforeInputfieldFormProcess(HookEvent $event)
NoneHook before InputfieldForm::processInput() 
Tfa::hookInputfieldFormRender(HookEvent $event)
NoneHook before InputfieldForm::render() 
Tfa::init()
NoneModule init 
Tfa::install()
NoneModule module and other assets required to execute it
Tfa::isValidUserCode(User $user, $code, array $settings)
bool intReturn true if code is valid or false if not 
Tfa::process()
User boolProcess two-factor authentication code input
Tfa::processUserEnabledInputfields(User $user, InputfieldWrapper $fieldset, array $settings, array $settingsPrev)
arrayCalled when the user config fieldset has been processed (for enabled user) but before $settings have been saved
Tfa::processUserSettingsInputfields(User $user, InputfieldWrapper $fieldset, array $settings, array $settingsPrev)
arrayCalled when the user config fieldset has been processed but before $settings have been saved
Tfa::render()
stringRender the code input form
Tfa::saveUserSettings(User $user, array $settings)
boolSave TFA data for given user to user_tfa field 
Tfa::start(string $name, string $pass)
boolStart 2-factor authentication
Tfa::startUser(User $user, array $settings)
boolStart two-factor authentication for User 
Tfa::success()
boolReturns true when TFA has successfully completed and user is now logged in 
Tfa::uninstall()
NoneUninstall
Tfa::wired()
NoneCalled when assigned to ProcessWire instance 

Properties

NameReturnSummaryDefault
Tfa::autoRoleIDs array Role IDs to enforce $autoType or blank for all roles, applies only if $autoType set []
Tfa::autoType string Automatic/force TFA type (module name) to use when user doesn’t already have TFA enabled ''
Tfa::cancelLabel string Label to use for Cancel link 'Cancel', translatable
Tfa::cancelMarkup string Markup to use for the cancel link that appears under auth code form, must have {url} and {label} placeholders. 
Tfa::codeExpire int Codes expire after this many seconds 180
Tfa::codeLength int Required length for authentication code 6
Tfa::codeType int Type of TFA code to use, see codeType constants 0, which is Tfa::codeTypeDigits
Tfa::configureLabel string Indicates that TFA needs to be configured 
Tfa::enabledDescLabel string Describes enabled TFA and how to change settings 
Tfa::enabledLabel string Indicates TFA enabled 
Tfa::expiredCodeLabel string Expired code error 
Tfa::fieldTfaTypeDescLabel string Description of 2-factor auth type 
Tfa::fieldTfaTypeLabel string Select 2-factor auth type 
Tfa::formAttrs array Form <form> element attributes 
Tfa::inputAttrs array Code <input> element attributes 
Tfa::inputLabel string Label for code <input> element 
Tfa::invalidCodeLabel string Invalid code error 
Tfa::maxAttemptsLabel string Max attempts error  
Tfa::rememberClearLabel string Clear remembered browsers 
Tfa::rememberClearedLabel string Message after remembered browsers cleared 
Tfa::rememberDays int Number of days to "remember this browser", 0 to disable option, or -1 for no limit? 0
Tfa::rememberFingerprints array Fingerprints to remember: agent,agentVL,accept,scheme,host,ip,fwip agentVL,accept,scheme,host
Tfa::rememberLabel string Label for "remember this browser" option  
Tfa::rememberSkipLabel string Indicates that code entry was skipped because browser is remembered 
Tfa::rememberSuccessLabel string Indicates that browser has been saved/remembered for n days. 
Tfa::sendCodeErrorLabel string Error creating or sending code 
Tfa::showCancel bool Show a cancel link under authentication code form? true
Tfa::startUrl string URL we are operating from './'
Tfa::submitAttrs array Submit button attributes 
Tfa::submitLabel string Label for submit button 
Tfa::timeLimitLabel string Time limit reached error 

Additional methods and properties

In addition to the methods and properties above, Tfa also inherits the methods and properties of these classes:

Core Tfa types

See also: Tfa modules in the modules directory

API reference based on ProcessWire core version 3.0.251