Homepage:

https://github.com/nswdpc/silverstripe-authentication-boilerplate.git

Packagist:

https://packagist.org/packages/nswdpc/silverstripe-authentication-boilerplate

Repository:

https://github.com/nswdpc/silverstripe-authentication-boilerplate

Authors:

Readme

Silverstripe Authentication Boilerplate

This module provides a standard set of rules for defining access to Silverstripe sites:

password validation configuration per NIST standards
password handling and management
password checking via pwnedpasswords API
multi-factor authentication setup (MFA)
security extensions
security reports
pending profiles

This module is under active development and should not be considered production-ready just yet

We welcome testing and feedback via the Github issue tracker

Requirements

silverstripe/totp-authenticator - for MFA via a Time-based One-time Password
nswdpc/silverstripe-pwnage-hinter - provides pwned password/breached account assistance
silverstripe/security-extensions - provides features including sudo mode, password change on next sign in
silverstripe/securityreport - "Users, Groups and Permissions" report in the administration area for Administrators
spomky-labs/otphp - TOTP base library

See composer.json for details

Configuration

See _config/config.yml

Note that this module provides the ability to configure the MFA secret key via per-project YAML rather than in .env

More: Multi Factor Authentication

Good-to-know

Password validator

If you are setting a PasswordValidator in project configuration like so:

$validator = \SilverStripe\Security\PasswordValidator::create();
\SilverStripe\Security\Member::set_password_validator($validator);

This will replace the password validator provided in this module.

License

BSD-3-Clause

Documentation

Documentation

Maintainers

[email protected]:~$

Bugtracker

We welcome bug reports, pull requests and feature requests on the Github Issue tracker for this project.

Please review the code of conduct prior to opening a new issue.

Development and contribution

If you would like to make contributions to the module please ensure you raise a pull request and discuss with the module maintainers.

Please review the code of conduct prior to completing a pull request.

Module rating breakdown

47/100

Module rating system helping users find modules that are well supported. For more on how the rating system works visit Module standards

Score not correct? Let us know there is a problem

Readme

FOSS License

Structured correctly

Contributing file

Git attributes file

Editor config file

Good code coverage (>40%)

Great code coverage (>75%)

Documentation

CI builds passing

Scrutinizer >6.5

PSR-2 standards

phpunit/phpunit: ^9.5
friendsofphp/php-cs-fixer: ^3

v0.3.1-rc1

Install

Requires

v0.3.0

Install

Requires

Requires (Development)

phpunit/phpunit: ^9.5
friendsofphp/php-cs-fixer: ^3

silverstripe/totp-authenticator: ^4
nswdpc/silverstripe-pwnage-hinter: dev-master
silverstripe/security-extensions: ^4
silverstripe/securityreport: ^2.2
spomky-labs/otphp: ^9.1

v0.1

Install

Requires

silverstripe/totp-authenticator: ^4
nswdpc/silverstripe-pwnage-hinter: dev-master
silverstripe/security-extensions: ^4
silverstripe/securityreport: ^2.2
spomky-labs/otphp: ^9.1

dev-feat-passwordvalidator

Install

Requires

dev-improve-pendingprofiles

Install

Requires

dev-feat-profile-extension

Install

Requires

dev-ss410

Install

Requires

Requires (Development)

phpunit/phpunit: ^9.5
friendsofphp/php-cs-fixer: ^3

dev-v0-2

Install

Requires

dev-updates

Install

Requires

Requires (Development)

phpunit/phpunit: ^9.5
friendsofphp/php-cs-fixer: ^3

dev-master

Install

Requires

silverstripe/totp-authenticator: ^4
nswdpc/silverstripe-pwnage-hinter: dev-master
silverstripe/security-extensions: ^4
silverstripe/securityreport: ^2.2
spomky-labs/otphp: ^9.1

dev-feat-approval-improvements

Install

Requires

silverstripe/totp-authenticator: ^4
nswdpc/silverstripe-pwnage-hinter: dev-master
silverstripe/security-extensions: ^4
silverstripe/securityreport: ^2.2
spomky-labs/otphp: ^9.1

dev-feat-improve-pending

Install

Requires

dev-feat-emails

Install

Requires

dev-feat-notifications

Install

Requires

dev-feat-resetaccountextension

Install

Requires

dev-feat-uatfeedback

Install

Requires

silverstripe/totp-authenticator: ^4
nswdpc/silverstripe-pwnage-hinter: dev-master
silverstripe/security-extensions: ^4
silverstripe/securityreport: ^2.2
spomky-labs/otphp: ^9.1

dev-feat-include-namespace

Install

Requires

dev-feat-email-change-notify

Install

Requires

Requires (Development)

phpunit/phpunit: ^9.5
friendsofphp/php-cs-fixer: ^3

nswdpc / silverstripe-authentication-boilerplate

Readme

Silverstripe Authentication Boilerplate

Requirements

Configuration

Good-to-know

Password validator

License

Documentation

Maintainers

Bugtracker

Development and contribution

Module rating breakdown

Versions

Requires

Requires (Development)

Requires

Requires (Development)

Requires

Requires (Development)

Requires

Requires

Requires (Development)

Requires

Requires

Requires

Requires

Requires

Requires

Requires

Requires

Requires

Requires

Requires

Requires

Requires

Requires

Requires

Requires (Development)

Requires

Requires

Requires (Development)

Requires

Requires

Requires

Requires

Requires

Requires

Requires

Requires

Requires

Requires (Development)