Hello,
I am using Opencart v3.0.2.0, without any particular extension. I made some modifications myself on some functions, but I did not touch anything concerning the files which manage the login process, I have difficulty understanding how it works.
I don't have the level to make a modification on a point as sensitive as the login process of Opencart, so rather than risk creating a loophole, what better than to ask for help directly from the community which has gave life to this project?
What I want is that in addition to entering their email and password to login, customers have to prove their identities with PGP, if and only if a public PGP key is present in their profiles (I added a custom field that they are free to complete or not in the account / edit page).
assumption: 2-FA in two steps, email + password, then must decrypt a PGP message
Client enters his email and password -> If no public PGP key added in his profile (or corrupted key, or it is not a PGP key), client is connected. Otherwise, if client has a public PGP key, a token is generated, encrypted with its public key -> Client must decrypt the message and paste the token in a field -> If the token entered is valid, client is connected, otherwise error and return on the login page.
I have already done some research and I thought to integrate this script to generate the token, encrypt it, and compare it to the client's entry: https://github.com/hardest1/pgp-2fa
Where I encounter a problem is that I do not know where to integrate it in the login function (normal, I do not understand anything about its operation ^^⁾, and also, I have to modify the login.twig file to show the text field that will contain the encrypted message, and the text field in which the client will enter the token after decryption (either a new page is loaded to display these two fields, or with a kind of window that unfolds, like on the checkout page, with the flaps that unfold as you advance in the ordering process).
I have done a lot of research and I have not found anyone who has already done this on Opencart, I hope your help can solve this problem. I will gladly give a tip to the one or those who will make me this modification;)
I hope to have been as clear as possible in what I want to do, I look forward to your answers!
Thank you in advance.
Have you checked this one? https://www.opencart.com/index.php?rout ... MarketInSG
or this: https://www.opencart.com/index.php?rout ... n_id=32882
Or maybe this one: https://medium.com/code-master/how-to-c ... b5a211d034
or this: https://www.opencart.com/index.php?rout ... n_id=32882
Or maybe this one: https://medium.com/code-master/how-to-c ... b5a211d034
Custom OpenCart modules and solutions. You can write PM with additional questions... Extensions you can find here
Thank you but I need PGP authentication, no sms or other. For customer only, not admin panel.kestas wrote: ↑Fri Feb 05, 2021 3:18 amHave you checked this one? https://www.opencart.com/index.php?rout ... MarketInSG
or this: https://www.opencart.com/index.php?rout ... n_id=32882
Or maybe this one: https://medium.com/code-master/how-to-c ... b5a211d034
Who is online
Users browsing this forum: No registered users and 40 guests