Hi,

I would also like to be able to enable 2FA for portal users. Is this something that is on the roadmap? or is there some steps I can do that would allow me to enable it?

Hi,
I have updated a portal user record in the DB table: user_data with the 2FA settings and I am prompted for a code now when logging in, so the 2FA appears to work for a portal user however the UI Security Button that is available to internal users is not shown to a portal user. Does anyone have any ideas on how I can expose this button and the pop out menu it shows?

I was able to get this working by patching several files. Please be aware of the fact that I am not absolutely sure whether these changes pose some security risks (although I doubt it).


1. Allow portal users to access the UserSecurity service: You have to change several if statements in application/Espo/Services/UserSecurity.php from
if (!$user->isAdmin() && !$user->isRegular()) throw new Forbidden();
to
if (!$user->isAdmin() && !$user->isRegular() && !$user->isPortal()) throw new Forbidden();
so that the portal user is actually allowed to enable 2FA

2. Change client/src/views/user/record/detail.js so that the Security-Button appears:
if (
(this.model.id == this.getUser().id || this.getUser().isAdmin() ) &&
(this.model.isRegular() || this.model.isAdmin() ) &&
this.getConfig().get('auth2FA')
) {
this.addButton({
name: 'viewSecurity',
label: 'Security',
});
}
has to be changed to
if (
(this.model.id == this.getUser().id || this.getUser().isAdmin() || this.getUser().isPortal() ) &&
(this.model.isRegular() || this.model.isAdmin() || this.getUser().isPortal() ) &&
this.getConfig().get('auth2FA')
) {
this.addButton({
name: 'viewSecurity',
label: 'Security',
});
}

Afterwards, you are able to enable 2FA for your portal users. And it works.

Now iam using this 2FA portal, it helps
Thanks & Regards
ritek

Can we have this added to espocrm by default, feature requested....