This plugin adds Logintap functionality directly into the standard WordPress authentication process.
The plugin is open source, so you can modify it any way you see fit.
Note that you can also go the other way around with WP and LT: install any OpenID Connect plugin in WP and add Logintap auth using the standard OpenID protocol. A couple of OpenID plugins for WordPress: MiniOrange, DaggerHeart.
If you have custom ideas, download Logintap's WP plugin and play with it to apply your own vision.
6. Add our JS widget to your frontend (1 line - 4.3.1 below).
7. Update your application's current "auth points" and logic, depending on your use case (next section - 2).
2. Ways to use Logintap (auth points)
You can choose various auth starting points to initiate the mobile 2FA, depending on your use case:
2.1 Cookie, or similar
User is recognised via a cookie (or similar) when opening the website. No logins or passwords: everything is done through mobile 2FA. The same works for business-process auth cases.
This option is for maximum speed and convenience for your users.
2.2 Login & Button
[Widget text: "Press for Mobile Auth"]
User enters login/email, presses the Login button, and the rest is done via mobile 2FA.
As a sub-case, a user who forgot a password gets instant access from just the login.
2.3 Full Auth, then 2FA
[Widget text: "Your Login & Pass are Correct. Waiting for your Mobile Confirmation"]
User first passes full standard auth with login and password, then the mobile 2FA starts automatically.
This option is about maximum security.
3. Basic Use Logic for Auth
4. Full step-by-step instruction
VERY IMPORTANT! The purpose of this instruction is only to show an example schema for mobile 2FA in your workflow. In reality, your schema can be different, because you only need to comply with the API calls and widget initiation. The rest (how, where, and even whether you store user data or session ids) can be done the way you need.
This instruction assumes that you have already registered with Logintap. If not - press Sign Up and check your email.
3. "Display site name in messenger" means that Logintap will show the user this "Site's name" during the auth process. If you want to hide this information from anyone who accidentally sees the user's push notifications, uncheck it.
4. The "Limit" on requests per minute is necessary to prevent spam, in case only an email is used to start mobile auth and somebody gets hold of that email and tries to log in again and again.
5. Application UUID (appUUID) is an auto-generated connector, which you will need at a later step.
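An added example (not code from the Logintap library) of the kind of per-login limit that item 4 describes, enforced on your own backend before a mobile auth request is started: a sliding-window counter keyed by the normalised email. The class name, the limit of 3 and the sample requests are constructed for illustration; state is held in memory here, whereas a real PHP backend would keep the timestamps in shared storage.

```php
<?php
// Added example, not part of the Logintap library: per-login sliding-window
// limit on "start mobile auth" requests. Class name and values are hypothetical.
final class AuthStartLimiter
{
    /** @var array<string, int[]> accepted request timestamps per login */
    private $hits = [];
    private $limit;
    private $window;

    public function __construct(int $limit, int $windowSeconds = 60)
    {
        $this->limit = $limit;
        $this->window = $windowSeconds;
    }

    /** True if an auth request may be started for $login at Unix time $now. */
    public function allow(string $login, int $now): bool
    {
        // Normalise so "Bob@Example.com " and "bob@example.com" share one budget.
        $key = strtolower(trim($login));
        $cutoff = $now - $this->window;
        // Keep only the timestamps that are still inside the window.
        $recent = array_values(array_filter(
            $this->hits[$key] ?? [],
            function (int $t) use ($cutoff): bool { return $t > $cutoff; }
        ));
        $allowed = count($recent) < $this->limit;
        if ($allowed) {
            $recent[] = $now; // only accepted requests consume the budget
        }
        $this->hits[$key] = $recent;
        return $allowed;
    }
}

// Constructed sample: [seconds, login] pairs, limit of 3 requests per 60 seconds.
$limiter = new AuthStartLimiter(3, 60);
$requests = [[0, 'bob@example.com'], [5, 'Bob@Example.com'],
             [10, 'bob@example.com'], [15, 'bob@example.com'], [61, 'bob@example.com']];
foreach ($requests as [$t, $login]) {
    $verdict = $limiter->allow($login, $t) ? 'send push' : 'rejected';
    printf("t=%2ds  %-16s %s\n", $t, $login, $verdict);
}
```

The request at 15 seconds is rejected because three pushes were already accepted inside the window; the one at 61 seconds is accepted again because the first timestamp has aged out.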
4.2 Prepare your backend
1. Download a suitable library here - (PHP5, PHP7 or WordPress plugin) or from inside your Logintap account. It is open source and has just 4 API methods.
2. Deploy the library on your backend and connect it to your CMS.
3. Add 2 new tables to your website's database: lt_auth_sessions, to store all user auth requests through Logintap, and lt_settings, to store connections to your Account.
Add Table 1 - lt_auth_sessions (start table name with LT for your convenience):
Test Logintap auth in under 5 minutes
1. Press "Sign up" & fill out the form
You will receive a new account in your email within 1 minute.
2. Open your email and log in to your account - DO NOT SAVE LOGIN DATA IN BROWSER
3. Press "Connect a Messenger" (top right)
4. In the pop-up, pick a messenger that you have on your mobile phone, in which to authorise your logins
4. Use your photo app, or any QR-scanning app, to follow the link on your mobile device
5. Press Start when in the messenger of your choice. You will see an instruction message; follow it. Provide Face ID or fingerprint, if asked for.
6. Log out of your Logintap account
7. Enter your email & press the "Logintap" button to use mobile auth.
8. Your messenger gets a push; follow the Yes/Ok/Continue answers. Provide fingerprint or Face ID if asked for.
DONE - you are in your Logintap account again, without using a password.
This is just one possible approach: using a login to enter the account. Read about more options in the Tech Docs.