How would we implement MFA on the Filament admin panel using a confirmation code sent over email?
Hey everyone,
One of my guys is trying to intercept the login flow on the panel with some middleware that will only allow login if the user enters a confirmation code that would get generated and sent over email at the point of attempting to log in.
Could somebody point me in the right direction of what steps would be required to complete this in 3.0 please?
He has tried tapping into the process before session start, but this has proven to be cumbersome, so I just wanted to see if there is an easy way to do this and we are maybe overthinking things, as can often be the case when deadlines loom etc.
We may have to resort to using the 2FA plugin to get this moving BUT I can't help but feel like we are missing some simple steps that may make this possible.
Any help would be greatly appreciated and welcome, thank you.
10 Replies
Breezy by Jeff Greco - Filament
The top Two Factor Authentication package for Filament with customizable and extendable My Profile page, self-service update password, avatar support, and Sanctum token management.
Yeah, this is our fallback if we absolutely need to but we just want to have a confirmation code from an email and not a full 2FA system with Authenticator app etc
Not sure if the plugin can be customized in this way but it could be a good starting point if you want to do a custom implementation
This will be what we look at tomorrow as we have already had several days of implementations ourselves to get to this point, but we don’t want to use a whole package and then customise that if there is already an easier way to just intercept that, you know?
Would probably be better to just implement a custom login flow than to try to intercept Filament's.
Then you can just tell Filament to use your class instead of its built-in one.
That was also an option but we didn’t want to reinvent the wheel. I just felt that there was something simple that we may have been missing. We decided to just ask here as a last resort before looking at using Breezy.
I just remembered this from a few years back, maybe it can still be useful:
https://github.com/LaravelDaily/Laravel-Two-Factor-Auth-Email
We are finding that clients are asking for 2FA/MFA more and more now so I’m not sure if it’s part of a future development by Filament but would be nice to have that in a future release. Obviously nobody can expect these things but would be a nice add on.
I can't speak for the core team but I imagine that this is more in the domain of plugins... considering that there are many strategies and implementations.
You’re probably right tbh as email code is just one example I guess. I may have the guys produce their own for a future reusable set of auth screens. Won’t help us for this one but if nobody is able to help this evening, we will likely push on with Breezy. Thank you for all of your help so far guys. This community is great.
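
Added example, not part of the thread and not code from Filament, Breezy or the linked repository: whichever route is taken (custom login class or middleware), the security-relevant part is how the emailed code is issued and checked. The sketch below is plain PHP; `EmailLoginCode`, the `$store` array (standing in for session, cache or a database row), the 10-minute lifetime and the 5-attempt cap are all assumptions.

```php
<?php
declare(strict_types=1);

// Added example: issue and verify a short-lived e-mail login code.
// EmailLoginCode and the $store array are hypothetical names; $store stands in
// for whatever per-user storage the app uses (session, cache, DB row).
final class EmailLoginCode
{
    private const TTL_SECONDS = 600;   // assumed lifetime: 10 minutes
    private const MAX_ATTEMPTS = 5;    // assumed cap on wrong guesses per code

    /** Create a 6-digit code, keep only its hash, return the plaintext to e-mail. */
    public static function issue(array &$store, int $userId, ?int $now = null): string
    {
        $code = str_pad((string) random_int(0, 999999), 6, '0', STR_PAD_LEFT); // CSPRNG
        $store[$userId] = [
            'hash'     => password_hash($code, PASSWORD_DEFAULT),
            'expires'  => ($now ?? time()) + self::TTL_SECONDS,
            'attempts' => 0,
        ];
        return $code;
    }

    /** True only for the right code, before expiry, within the attempt cap, once. */
    public static function verify(array &$store, int $userId, string $input, ?int $now = null): bool
    {
        $entry = $store[$userId] ?? null;
        if ($entry === null) {
            return false;                       // nothing issued, or already used
        }
        if (($now ?? time()) > $entry['expires'] || $entry['attempts'] >= self::MAX_ATTEMPTS) {
            unset($store[$userId]);             // expired or locked out: force a new code
            return false;
        }
        $store[$userId]['attempts']++;          // count the guess before checking it
        if (!password_verify($input, $entry['hash'])) {
            return false;
        }
        unset($store[$userId]);                 // single use
        return true;
    }
}

// Constructed demo: user 42 logs in, receives a code, then submits guesses.
$store = [];
$code = EmailLoginCode::issue($store, 42);
var_dump(EmailLoginCode::verify($store, 42, 'abcdef'));  // wrong guess
var_dump(EmailLoginCode::verify($store, 42, $code));     // correct code
var_dump(EmailLoginCode::verify($store, 42, $code));     // replay of a used code
```

The panel session should only be marked as fully authenticated after `verify()` returns true, and issuing a new code should itself be rate-limited so the email endpoint cannot be used to flood a mailbox.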