v0.3.3

Changelog

• when configuring an authenticator app, the user is required to enter a valid code before changes are saved
• various minor frontend improvements (e.g, removed suggestions to use email-to-text, included link to 2FAS authenticator)
• when a user is deleted in WebCTRL, correponding MFA mappings are also deleted
• when MFA mappings are deleted, corresponding cached IP addresses are also deleted

Note

• A static CSS page changed, so you may need to clear cached files in your browser if something looks weird in the GUI (e.g, a link that looks like a button when it should be a normal link)

v0.3.2

Changelog

• Minor UI improvements like hiding email fields when email is disabled

v0.3.0

Warning

Saved data from v0.2.0 is NOT compatible with this version. So you'll need to remove the old version with its data and configure the new version fresh.

Changelog

• implemented REST API for centralized MFA
• implemented a trusted IP cache list for each user to temporarily bypass MFA after one successful verification
• restructuring and bug fixes
• bumped dependency versions

v0.2.0

Changelog

• Added support for authenticator apps

When upgrading from v0.1.0, you'll have to remove data and reconfigure each mapping because the saved-data file structure has changed.

v0.1.0

This add-on has been tested on WebCTRL8.5 and WebCTRL9.0.