Tools/Notes
1
0
Fork 0
mirror of https://github.com/TriliumNext/Notes.git synced 2025-07-27 18:12:29 +08:00
Code Issues Packages Projects Releases Wiki Activity

use admonition

Browse Source
This commit is contained in:
JYC333 2025-05-17 15:26:51 +08:00
parent 2f3f8b31cf
commit 4dcb697a8f
2 changed files with 55 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
apps/server/src/assets/doc_notes/en/User Guide/User Guide/Installation & Setup/Server Installation/Multi-Factor Authentication.html generated
View File

@ -5,50 +5,54 @@
<p>By requiring more than one verification method, MFA helps reduce the risk <p>By requiring more than one verification method, MFA helps reduce the risk
of unauthorized access, even if someone has obtained your password. Its of unauthorized access, even if someone has obtained your password. Its
highly recommended for securing sensitive information stored in your notes.</p> highly recommended for securing sensitive information stored in your notes.</p>
<p><strong>Warning</strong>: OpenID and TOTP cannot be both used at the same <aside
time!</p> class="admonition warning">
<h2>Log in with your Google Account with OpenID!</h2> <p>OpenID and TOTP cannot be both used at the same time!</p>
<p>OpenID is a standardized way to let you log into websites using an account </aside>
from another service, like Google, to verify your identity.</p> <h2>Log in with your Google Account with OpenID!</h2>
<h2>Why Time-based One Time Passwords?</h2> <p>OpenID is a standardized way to let you log into websites using an account
<p>TOTP (Time-Based One-Time Password) is a security feature that generates from another service, like Google, to verify your identity.</p>
a unique, temporary code on your device, like a smartphone, which changes <h2>Why Time-based One Time Passwords?</h2>
every 30 seconds. You use this code, along with your password, to log into <p>TOTP (Time-Based One-Time Password) is a security feature that generates
your account, making it much harder for anyone else to access them.</p> a unique, temporary code on your device, like a smartphone, which changes
<h2>Setup</h2> every 30 seconds. You use this code, along with your password, to log into
<p>MFA can only be set up on a server instance.</p> your account, making it much harder for anyone else to access them.</p>
<h3>TOTP</h3> <h2>Setup</h2>
<ol> <p>MFA can only be set up on a server instance.</p>
<li>Go to "Menu" -&gt; "Options" -&gt; "MFA"</li> <h3>TOTP</h3>
<li>Click the “Enable Multi-Factor Authentication” checkbox if not checked</li> <ol>
<li>Choose “Time-Based One-Time Password (TOTP)” under MFA Method</li> <li>Go to "Menu" -&gt; "Options" -&gt; "MFA"</li>
<li>Click the "Generate TOTP Secret" button</li> <li>Click the “Enable Multi-Factor Authentication” checkbox if not checked</li>
<li>Copy the generated secret to your authentication app/extension</li> <li>Choose “Time-Based One-Time Password (TOTP)” under MFA Method</li>
<li>Click the "Generate Recovery Codes" button</li> <li>Click the "Generate TOTP Secret" button</li>
<li>Save the recovery codes. Recovery codes can be used once in place of the <li>Copy the generated secret to your authentication app/extension</li>
TOTP if you loose access to your authenticator. After a rerecovery code <li>Click the "Generate Recovery Codes" button</li>
is used, it will show the unix timestamp when it was used in the MFA options <li>Save the recovery codes. Recovery codes can be used once in place of the
tab.</li> TOTP if you loose access to your authenticator. After a rerecovery code
<li>Re-login will be required after TOTP setup is finished (After you refreshing is used, it will show the unix timestamp when it was used in the MFA options
the page).</li> tab.</li>
</ol> <li>Re-login will be required after TOTP setup is finished (After you refreshing
<h3>OpenID</h3> the page).</li>
<p><em>Currently only compatible with Google. Other services like Authentik and Auth0 are planned on being added.</em> </ol>
</p> <h3>OpenID</h3>
<p>In order to setup OpenID, you will need to setup a authentication provider. <aside class="admonition note">
This requires a bit of extra setup. Follow <a href="https://developers.google.com/identity/openid-connect/openid-connect">these instructions</a> to <p>Currently only compatible with Google. Other services like Authentik and
setup an OpenID service through google.</p> Auth0 are planned on being added.</p>
<ol> </aside>
<li>Set the <code>oauthBaseUrl</code>, <code>oauthClientId</code> and <code>oauthClientSecret</code> in <p>In order to setup OpenID, you will need to setup a authentication provider.
the <code>config.ini</code> file (check&nbsp;<a class="reference-link" href="#root/_help_Gzjqa934BdH4">Configuration (config.ini or environment variables)</a>&nbsp;for This requires a bit of extra setup. Follow <a href="https://developers.google.com/identity/openid-connect/openid-connect">these instructions</a> to
more information). setup an OpenID service through google.</p>
<ol> <ol>
<li>You can also setup through environment variables (<code>TRILIUM_OAUTH_BASE_URL</code>, <code>TRILIUM_OAUTH_CLIENT_ID</code> and <code>TRILIUM_OAUTH_CLIENT_SECRET</code>).</li> <li>Set the <code>oauthBaseUrl</code>, <code>oauthClientId</code> and <code>oauthClientSecret</code> in
</ol> the <code>config.ini</code> file (check&nbsp;<a class="reference-link" href="#root/_help_Gzjqa934BdH4">Configuration (config.ini or environment variables)</a>&nbsp;for
</li> more information).
<li>Restart the server</li> <ol>
<li>Go to "Menu" -&gt; "Options" -&gt; "MFA"</li> <li>You can also setup through environment variables (<code>TRILIUM_OAUTH_BASE_URL</code>, <code>TRILIUM_OAUTH_CLIENT_ID</code> and <code>TRILIUM_OAUTH_CLIENT_SECRET</code>).</li>
<li>Click the “Enable Multi-Factor Authentication” checkbox if not checked</li> </ol>
<li>Choose “OAuth/OpenID” under MFA Method</li> </li>
<li>Refresh the page and login through OpenID provider</li> <li>Restart the server</li>
</ol> <li>Go to "Menu" -&gt; "Options" -&gt; "MFA"</li>
<li>Click the “Enable Multi-Factor Authentication” checkbox if not checked</li>
<li>Choose “OAuth/OpenID” under MFA Method</li>
<li>Refresh the page and login through OpenID provider</li>
</ol>

6
docs/User Guide/User Guide/Installation & Setup/Server Installation/Multi-Factor Authentication.md
View File

@ -3,7 +3,8 @@ Multi-factor authentication (MFA) is a security process that requires users to p
By requiring more than one verification method, MFA helps reduce the risk of unauthorized access, even if someone has obtained your password. Its highly recommended for securing sensitive information stored in your notes. By requiring more than one verification method, MFA helps reduce the risk of unauthorized access, even if someone has obtained your password. Its highly recommended for securing sensitive information stored in your notes.
**Warning**: OpenID and TOTP cannot be both used at the same time! > [!WARNING]
> OpenID and TOTP cannot be both used at the same time!
## Log in with your Google Account with OpenID! ## Log in with your Google Account with OpenID!
@ -30,7 +31,8 @@ MFA can only be set up on a server instance.
### OpenID ### OpenID
_Currently only compatible with Google. Other services like Authentik and Auth0 are planned on being added._ > [!NOTE]
> Currently only compatible with Google. Other services like Authentik and Auth0 are planned on being added.
In order to setup OpenID, you will need to setup a authentication provider. This requires a bit of extra setup. Follow [these instructions](https://developers.google.com/identity/openid-connect/openid-connect) to setup an OpenID service through google. In order to setup OpenID, you will need to setup a authentication provider. This requires a bit of extra setup. Follow [these instructions](https://developers.google.com/identity/openid-connect/openid-connect) to setup an OpenID service through google.