Is there a way to set up 2FA for logging into Payload?
A plugin would be great
Yes, PayloadCMS uses PassportJS authentication strategies.
Though I haven't managed to get the Google Authenticator app working yet. Need more time with that. If anybody has successfully implemented a Google Auth for MFA login and is willing to share the code, much appreciated. 🙏
that's something on my list of plugins to make
maybe I can hack something together early next week if nobody else gets to it before me
you would use the prelogin hooks and a few custom routes to set up 2FA with speakeasy
it's a tough one, I don't think an additional strategy is the ideal solution here but I'm still doing research
it's not as simple as I thought initially 😅
maybe but in v3 we don't use passport anymore, it's a self-rolled solution
I second that - thanks
@858693520012476436 any update on this? I am ready to move forward with Payload on a new project, but after reviewing the requirements, I see I need 2FA.
We rolled our own solution
@858693520012476436
any update?
So it has been done successfully? Do you have any tips or code?
I tried to implement this, but the problem is with the webpack. I literally spent a couple of hours troubleshooting the missing settings and once I did everything, the login page wouldn't load at all.
And there is still the question of where to pass the code from 2fa
I did it, tomorrow we're doing tests. If everything goes well, I'll publish somewhere how to do it.
Yes, soon. Sorry about the delay, but I can publish after the project finishes. It should be this week.
Recorded, must now edit
I made it, it's my first YouTube video so forgive me if it's not the best quality but I wanted to share it already and not edit it endlessly
https://www.youtube.com/watch?v=Tpqt_q7KWPQ
Hmm
So since Payload uses passport, I wonder if the passport 2fa plugin could work
I'm not sure how the auth flow is
Otherwise, I could see a system where there is a property set on an auth collection that controls the 2fa auth state and token. You would need a hook for after Login and a custom access control role, but I think it would be possible.
could something like this work maybe?
https://www.passportjs.org/packages/passport-2fa-totp/
Any update on this?
Great thank you sir 🎉