Đã Đóng

Website that checks OTP (email or google authenticator) with LDAP backend

Hi,

I want a website that asks the user for his email. Then he has the choice to select if he uses email or google authenticator for OTP.

In case of email, the email is checked

a) is it a valid email -> no, return error (out of scope: fail2ban will block IP)

b) yes, query LDAP with specific credentials to check if email is valid and a specific field is set to yes. In case of success, send code via email. If not successful return error (out of scope: fail2ban will block IP)

In case of google authenticator, open field to enter code. When press send

a) is it a valid email -> no, return error (out of scope: fail2ban will block IP)

b) yes, query LDAP with specific credentials to check if email is valid and retrieve whatever info is needed to validate the code. If not successful return error (out of scope: fail2ban will block IP)

In both cases, if the code is valid, write to log and (out of scope: fail2ban will whitelist IP for period of time). If code is wrong return error (out of scope: fail2ban will block IP).

I want this to be a github project with permissive license (no idea yet which). I was thinking of php as programming language and use one of those free OTP libraries available. Note: I want a simple site. Depending on the logfiles, fail2ban will do the "security" part of this project and that is up to me.

Small update: This OTP protection is not part of a big web project, but is only intended to write something in the NGINX log files, that fail2ban can read. Fail2ban then whitelists the users IP on the remote server. This is not very fast (< 10 seconds) but sufficient. This OTP website itself will be behind a NGINX proxy, so the connection to it will be unencrypted. The LDAP server can be reached unencrypted through ssh tunnel. You will need to bind to the LDAP server as specific user since anonymous queries are disabled. You will need to show me how to create the qr-code for google authenticator and what I have to store in the LDAP server.

Update2: I need s simple [login to view URL] file that looks like the attached file. User fills out the form. First check the fields, if everything is right, create a log entry fail2ban will evaluate. If any field does not meet the criteria, e.g. illegal character, create log entry fail2ban will evaluate.

Update 3: It should all be licensed under apache 2.0 license.

Kĩ năng: PHP, Linux, HTML, Web Development

Xem nhiều hơn: website designs opt email features, list website local business directory google, website come front page google, website form submit email, google maps free real estate website, backend css website, website checks sentences, website doesnt show properly google chrome, email google apps joomla, website ability add tags google maps, send bulk email google, upload google webmaster html code blinkweb website, send email google calendar, website contact form email strange characters, website work inquiry email, configure joomla email google apps, how to use google authenticator in my website

Về Bên Thuê:
( 0 nhận xét ) Jazan, Saudi Arabia

ID dự án: #31001754

4 freelancer chào giá trung bình$26 cho công việc này

(7 Nhận xét)
5.0
saqibwebdesigner

Hey, Are you looking for a full stack developer to help you to customize and add backend functionalities on a pre-made website template of a social media website for gaming that you bought? We are a team of professio Thêm

$20 USD trong 7 ngày
(0 Nhận xét)
0.0
arturr2

Hello, I have developed web applications for about 15 years, Im particular, I have solved this requirement for an Identity and authorization solution (Google otp based authentication 2fa and ldap auth) . I can show Thêm

$35 USD trong 1 ngày
(0 Nhận xét)
0.0
IvanLomakin

Hello Dear Thank you so much for offering me the job opportunity. I appreciate the time you took to interview me, and I am very glad to become a part of your project. About Me As a highly skilled Full Stack Web develop Thêm

$20 USD trong 5 ngày
(0 Nhận xét)
0.0