Forked from markadrake/EnforceTwoFactorAuthentication.js
Last active
December 29, 2025 11:14
-
-
Save Rockerby/3dce3a47c8657a7fa4a7fbcb7bd73190 to your computer and use it in GitHub Desktop.
Force Users to Enable Two-Factor Authentication in Umbraco 13
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (() => { | |
| angular.module("umbraco").run(["authResource", "twoFactorLoginResource", "editorService", "notificationsService", "eventsService", "overlayService", async (authResource, twoFactorLoginResource, editorService, notificationsService, eventsService, overlayService) => { | |
| const state = {}; | |
| const init = async (firstInit) => { | |
| "app.ready" | |
| state.currentUser = await authResource.getCurrentUser(); | |
| state.twoFactorAuthProviders = await twoFactorLoginResource.get2FAProvidersForUser(state.currentUser.id); | |
| if(firstInit && !twoFactorIsEnabled()) { | |
| configureTwoFactor(); | |
| } | |
| }; | |
| const twoFactorIsEnabled = () => { | |
| return !!state.twoFactorAuthProviders.find(provider => provider.isEnabledOnUser); | |
| }; | |
| const configureTwoFactor = () => { | |
| // Have an overlay to give a short explanation as to what the user is seeing and why | |
| var options = { | |
| title: 'Configure Two-Factor Auth', | |
| content: 'You are required to have MFA enabled on your account. Please close this dialog and follow the prompts to enable MFA.', | |
| disableBackdropClick: true, | |
| disableEscKey: true, | |
| closeButtonLabel: 'Close', | |
| hideSubmitButton: true, | |
| view: 'views/common/overlays/confirm/confirm.html', | |
| submit: function () { | |
| overlayService.close(); | |
| } | |
| }; | |
| overlayService.open(options); | |
| editorService.open({ | |
| create: true, | |
| user: state.currentUser, | |
| isCurrentUser: true, | |
| size: "small", | |
| view: "views/common/infiniteeditors/twofactor/configuretwofactor.html", | |
| close: async () => { | |
| await init(); | |
| if(twoFactorIsEnabled()) { | |
| notificationsService.success("Two-Factor Auth", "You have successfully configured two-factor authentication."); | |
| editorService.close(); | |
| } else { | |
| notificationsService.error("Two-Factor Auth", "You must configure two-factor authentication before continuing."); | |
| } | |
| } | |
| }); | |
| }; | |
| eventsService.on("app.ready", (name, args) => { | |
| init(true); | |
| }); | |
| }]); | |
| })(); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "javascript": [ | |
| "~/App_Plugins/path/to/EnforceTwoFactorAuthentication.js" | |
| ] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I've implemented 2fa encforcement in v17 🎉
Here is the gist document: https://gist.github.com/SSPLGautam/f2f9fafea5240e199ddf6f2ff938ae34
I've left a todo here for the notification service because the notification gets opened behind the mfa modal.