lmr/duo_auth

Duo Security two-factor authentication for Roundcube. Users have multiple ways to authenticate, including: 1. One-tap authentication using Duo’s mobile app. 2. One-time passcodes generated by Duo’s mobile app (works even with no cell coverage) 3. One-time passcodes delivered to any SMS-enabled phone. 4. Phone callback to any phone (mobile or landline!) 5. One-time passcodes generated by an OATH-compliant hardware token

Installs: 51

Dependents: 0

Suggesters: 0

Stars: 0

Watchers: 1

Forks: 1

Open Issues: 0

Type: roundcube-plugin

v1.0.5 2018-06-11 20:28 UTC

README

This is a Roundcube webmail plugin that enables Duo Security Two Factor Authentication.

image

It creates an additional page after successful username/password authentication that requires a 2nd Factor of Authentication using Duo Security (push, sms, call, hardware token code).

INSTALLATION

Install using Composer (https://getcomposer.org) from the root directory of your roundcube installation:

Run $ composer require lmr/duo_auth

CONFIGURATION

Copy config.inc.php.dist to config.inc.php and modify as necessary. Enter all keys necessary for integration with Duo in the config.inc.php file. Assuming a Duo integration has already been created in Duo's Admin Panel, you will be able to find all the information requested in the config.inc.php there.

CREDITS

Author: Alexios Polychronopoulos - Wrote duo_auth for Roundcube.

Author: Leonardo Mariño-Ramírez - Updated the plugin for compatibility with Roundcube 1.3.0.

Author: Johnson Chow - Added support for IPv4 CIDR matching and 2FA overrride for specific users.