Bubka/2FAuth v5.3.0

on GitHub

Added

• The /up endpoint for health checks (#271).
• A user preference to close the on-screen OTP after a predefined delay
• A user preference to automatically register a 2FA account immediately after a QR code scan. When enabled, there is no need to click the Save button anymore to save the account to the database.
• An admin setting to make SSO the only authentication method available (does not apply to admins). (#368).
• The ability to assign a 2FA account to a specific group directly from the advanced form (#372).
• A new Auth tab in the admin panel to gather settings related to authentication
• Proxy support for the OpenID connector (using PROXY_FOR_OUTGOING_REQUESTS), thanks to @rstefko (PR #367)

New env vars

A lot of new environment variables are available thanks to the Laravel 11 upgrade. They give more control over various features of the application:

• ARGON_THREADS: Number of threads that Argon2 will use to compute a hash.
• ARGON_TIME: Maximum amount of time it may take to compute an Argon2 hash.
• ARGON_MEMORY: Maximum memory (in kibibytes) that may be used to compute an Argon2 hash.
• DB_CHARSET: The character set of the database.
• DB_COLLATION: The collation of the database.
• HASH_DRIVER: The hash algorithm used to hash user passwords.
• LOG_STACK: The stack of log channels used when the log channel is set to stack.
• LOG_DAILY_DAYS: Number of log files to generate/rotate when using the daily log channel.
• LOG_SLACK_USERNAME: The name of the user sending the log messages when using the slack log channel.
• LOG_SLACK_EMOJI: The Emoji code of the emoji used to illustrate log messages when using the slack log channel.
• LOG_SYSLOG_FACILITY: The syslog facility that provides a rough clue of where in a system the message originated.
• SESSION_TABLE: Name of the table to be used to store sessions when using the database session driver.
• SESSION_ENCRYPT: Whether or not session data are encrypted before it is stored.

Please refer to the Configuration doc to find out when and how to use them.

Changed

• The Service data field is now encrypted in the database (#365).
• Upgrade to Laravel 11

Fixed

• issue #347 Sort with ignore case
• issue #349 "Show QR Code" feature returns wrong QR code
• issue #360 Can’t import QR Codes from Confluence 2FA
• issue #362 Cannot use SSO if app runs in subdirectory

API [1.5.0]

• New group_id property for POST and PUT operations of the /api/v1/twofaccounts path