"Payload has transformed the way our clients manage content. It's an indispensable tool for any modern agency."
Get the resources you need to start building today
Microsoft chose Payload to tell the world about AI.
2FA
Is there a way to set up 2FA for logging into Payload?
Yes, PayloadCMS uses PasswordJS authentication strategies.
https://payloadcms.com/docs/authentication/config#strategiesThough I haven't manage to get Google Authenticator app working yet. Need more time with that. If anybody has successfully implemented a Google Auth for MFA login and is willing to share the code, much appreciated. 🙏
that's something on my list of plugins to make
maybe I can hack something together early next week if nobody else gets to it before me
you would use the prelogin hooks and a few custom routes to setup 2FA with speakeasy
A plugin would be great
I second that - thanks
@858693520012476436it's a tough one, I don't think an additional strategy is the ideal solution here but im still doing research
its not as simple as i thought initially 😅
any update on this? I am ready to move forward with Payload on a new project, but after reviewing the requirements, I see I need 2FA.
@923397761045512202
@858693520012476436any update?
We rolled our own solution
So it has been done successfully ? Do you have any tip or code ?
Hmm
So since Payload uses passport, I wonder if the passport 2fa plugin could work
I'm not sure how the auth flow is
Otherwise, I could see a system where there is a property set on an auth collection that controls the 2fa auth state and token. You would need a hook for after Login and a custom access control role, but I think it would be possible.
@858693520012476436could something like this work maybe?
https://www.passportjs.org/packages/passport-2fa-totp/maybe but in v3 we dont use passport anymore, its a self rolled solution
I tried to implement this, but the problem is with the webpack. I literally spent a couple of hours troubleshooting the missing settings and once I did everything, the login page wouldn't load at all.
And there is still the question of where to pass the code from 2fa
I did it, tomorrow we're doing tests. If everything goes well, I'll publish somewhere how to do it.
Any update on this?
Yes soon will sory about delay but I will can publish after project finish. It schould be this week
Great thank you sir 🎉
Recorded, must now edit
I made it, it's my first YouTube video so forgive me if it's not the best quality but I wanted to share it already and not edit it endlessly
https://www.youtube.com/watch?v=Tpqt_q7KWPQ
Star
Discord
online
Get dedicated engineering support directly from the Payload team.