Author Topic: Two Factor Authorization Mod  (Read 40214 times)

0 Members and 2 Guests are viewing this topic.

Offline
****
Two Factor Authorization Mod
« on: February 06, 2020, 12:48:12 AM »
I have built a Two Factor Authorization Module for CWP.  I have tested it, but please consider this is BETA.   All Issues should be reported to me on this post.

Pre-Requisites.
You need an API key created with ACCOUNT-> list created
After installation, make sure you change User Account -> Themes to the modified theme, and don't allow them to change

Please not that this system works around the CWP login system, and therefore is not infallible, though I did my best to hide that it's there.

TO install:
From root user via ssh:
wget https://schaffner.org/cwp2fa.tar.gz
tar -xzf cwp2fa.tar.gz
cd cwp_2fa/
./install.sh
When prompted, put in your API key
That's it. 

Now log into CWP and you should see a new menu 2Factor Auth directly under Server Settings Menu


Users Menu Appears under CWP Settings
« Last Edit: February 06, 2020, 12:53:03 AM by rcschaff »
Google Hangouts:  rcschaff82@gmail.com

Offline
***
Re: Two Factor Authorization Mod
« Reply #1 on: February 06, 2020, 02:23:40 PM »
Zip File is corrupt. Kindly check again

Offline
****
Re: Two Factor Authorization Mod
« Reply #2 on: February 06, 2020, 06:20:21 PM »
Not a zip.  It's a tar gzipped
Google Hangouts:  rcschaff82@gmail.com

Offline
****
Re: Two Factor Authorization Mod
« Reply #3 on: February 06, 2020, 08:15:11 PM »
Fixed now.  Not sure why it corrupted.
Google Hangouts:  rcschaff82@gmail.com

Offline
****
Re: Two Factor Authorization Mod
« Reply #4 on: February 06, 2020, 10:51:04 PM »
Here are the checksums for the file cwp2fa.tar.gz
MD5:  a3b85cbb5f67022da228de61224560fc
sha1:  65d80e3cd034d54ef0cf144ae236a42b84468366
sha256:  edb57a36d2df601e1ef4d02020d7c11a1e74109b7d3a895fee53808e510a57e1 
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: Two Factor Authorization Mod
« Reply #5 on: February 20, 2020, 03:59:08 PM »
Works great!

Only I bumped into 2 things
-1 Couldn't copy
/usr/local/cwpsrv/htdocs/admin/design/ was read-only due to an SE-linux setting, maybe check it? (ls -Z)

-2 Local time on the server was off with 2 minutes, so every login failed.
Solved it with installing ntpd
So maybe do a check if ntpdate is installed?

Offline
****
Re: Two Factor Authorization Mod
« Reply #6 on: February 21, 2020, 04:23:12 AM »
md5sum 2b158a964d064639df93697c9aee0b42
sha1sum 5a3cb827e7cc8e9ff7b6892b88c5cb333820af19
sha256sum af36c7e02c5de41d911477fdecdc806d43db8c59e94432488335bc013d4f5e6e

The only update I made was to check for ntp, and install it if it's not installed.

If you have selinux installed, then you must know what you are doing, as CWP disables it by default.
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: Two Factor Authorization Mod
« Reply #7 on: February 21, 2020, 04:24:35 AM »
i am gertting this error in cwp admin

Warning: require_once(design/googleAuthenticator.php): failed to open stream: No such file or directory in /usr/local/cwpsrv/htdocs/resources/admin/modules/cwp2fa.php on line 106

Fatal error: require_once(): Failed opening required 'design/googleAuthenticator.php' (include_path='.:/usr/local/cwp/php71/lib/php') in /usr/local/cwpsrv/htdocs/resources/admin/modules/cwp2fa.php on line 106

when trying to create a key

it has stopped me from loggin into my user control panel. also the file manager only loads this /home/google
phpqrcode  not my site files

i reinstalled it to try that now i have 2 entries in the left menu. sorry to be a pain

any help would be great as i really want the use of this mod
« Last Edit: February 21, 2020, 04:58:05 AM by annettek »

Offline
****
Re: Two Factor Authorization Mod
« Reply #8 on: February 21, 2020, 05:31:38 AM »
make sure you are on the root account
go to where you untarred cwp_2fa

try these
cp -v admin/googleAuthenticator.php /usr/local/cwpsrv/htdocs/admin/design/
cp -v admin/showQRCode.php /usr/local/cwpsrv/htdocs/admin/design/

If you cannot copy them, try chattr -i /usr/local/cwpsrv/htdocs/admin/design and see if they will copy.   It's also possible you have selinux activated.
If it is, you can do
setenforce 0
copy the files
then
setenforce 1
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: Two Factor Authorization Mod
« Reply #9 on: February 21, 2020, 06:03:03 AM »
se linux disabled

setenforce: SELinux is disabled

the files are in the correct dir

still same error

/usr/local/cwpsrv/htdocs/admin/design

googleAuthenticator.php
showQRCode.php

Offline
****
Re: Two Factor Authorization Mod
« Reply #10 on: February 21, 2020, 06:17:33 AM »
Install script has been updated.

Redownload, and rerun the install.

md5sum 8f0f50679d5a37fd49610227b840db60
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: Two Factor Authorization Mod
« Reply #11 on: February 21, 2020, 06:44:29 AM »
workd nowe how do i remove the 2 extra entries in left menu i have  now lol.

thanks

so much appericated for this.

Offline
****
Re: Two Factor Authorization Mod
« Reply #12 on: February 21, 2020, 06:49:31 AM »
Edit

/usr/local/cwpsrv/htdocs/resources/admin/include/3rdparty.php

remove the extra lines ;)

It starts with <noscript>  20 lines or so, end with </script>
« Last Edit: February 21, 2020, 06:54:17 AM by rcschaff »
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: Two Factor Authorization Mod
« Reply #13 on: February 21, 2020, 07:07:57 AM »
ok one last part

/home/google
phpqrcode

the file manager is user control panel loads these dir not the user files home/public_html ect

thanks for the support awsome many many thanks
« Last Edit: February 21, 2020, 07:24:37 AM by annettek »

Offline
****
Re: Two Factor Authorization Mod
« Reply #14 on: February 21, 2020, 07:31:28 AM »
Correct.  The login user uses /home/google
Google Hangouts:  rcschaff82@gmail.com