<!DOCTYPE html>
<html lang=“en”>
<head>
<meta charset=“UTF-8”>
<meta name=“viewport” content=“width=device-width, initial-scale=1.0”>
<title>2FA Implementation in AwareIM</title>
<style>
body {
font-family: Arial, sans-serif;
margin: 2em;
line-height: 1.6;
background: #f9f9f9;
color: Back button issues;
}
h1, h2, h3 {
color: #005288;
}
code {
background: #eee;
padding: 2px 4px;
font-family: Consolas, monospace;
}
pre {
background: #eee;
padding: 1em;
overflow-x: auto;
}
.section {
margin-bottom: 2em;
}
</style>
</head>
<body>
<h1>2FA Implementation in AwareIM (SMS & Email)</h1>
<h1>🔐 Summary: Two-Factor Authentication (2FA) Implementation in AwareIM</h1>
<p>I’ve implemented a flexible 2FA system in AwareIM that supports both <strong>SMS</strong> and <strong>email</strong> verification, based on a system-wide setting. Below is a short overview of the setup.</p>
<h2>⚙️ Configuration</h2>
<p>The 2FA method is defined in the <code>SystemSettings.Method2FA</code> attribute with the following options:</p>
<ul>
<li><code>SMS</code></li>
<li><code>Email</code></li>
<li><code>not available</code></li>
</ul>
<h2>📦 Business Objects</h2>
<ul>
<li><strong>Login2FA</strong>: stores the generated code (<code>Code2FA</code>) and user input (<code>Code2FAInput</code>), with a reference to <code>ps_BackofficeUser</code></li>
<li><strong>SMSService</strong>: handles REST call to <a href=“https://portal.bulkgate.com” target=“_blank”>BulkGate API</a></li>
<li><strong>SMSRequest</strong> and <strong>SMSResponse</strong>: support request and response data</li>
</ul>
<h2>🔁 Process Flow</h2>
<h3>Process: Initialise</h3>
<p>Called during user login or session startup. Checks which 2FA method is active and starts <code>SendSMS</code> or <code>SendEmail</code> accordingly.</p>
<div class=“section”>
<pre><code>IF SystemSettings.Method2FA=‘SMS’
AND SystemSettings.SMSKey IS DEFINED
AND LoggedInBackofficeUser.TelNrMobiel IS DEFINED THEN
DISPLAY PERSPECTIVE Login2FA
SendSMS
ELSE IF SystemSettings.Method2FA=‘Email’
AND SystemSettings.ps_Template2FA IS DEFINED
AND LoggedInBackofficeUser.EmailAddress IS DEFINED THEN
DISPLAY PERSPECTIVE Login2FA
SendEmail</code></pre>
</div>
<h3>Process: SendSMS</h3>
<ul>
<li>Creates a <code>Login2FA</code> record and generates a 6-digit code</li>
<li>Sends the code using a REST call to BulkGate</li>
<li>Displays a custom HTML form to enter the code</li>
</ul>
<div class=“section”>
<pre><code>CREATE Login2FA WITH ps_BackofficeUser=LoggedInBackofficeUser,
Code2FA=GENERATE_PWD(6,6,0,6,0), Code2FAInput=''
CREATE SMSRequest WITH SMSRequest.Request='{
application_id
: ' + SystemSettings.SMSApplicationID + '
,
application_token
: ' + SystemSettings.SMSKey + '
,
number
: ' + LoggedInBackofficeUser.TelNrMobiel + '
,
text
: Your verificationcode : ' + Login2FA.Code2FA + '
,
sender_id
: system_number
,
unicode
: true,
country
: NL
}'
REQUEST SERVICE SendLoginCode OF SMSService
VIEW Login2FA USING HTML</code></pre>
</div>
<h3>Process: SendEmail</h3>
<ul>
<li>Same logic as SMS, but sends the code via email using a predefined template</li>
</ul>
<div class=“section”>
<pre><code>CREATE Login2FA WITH ps_BackofficeUser=LoggedInBackofficeUser,
Code2FA=GENERATE_PWD(6,6,0,6,0), Code2FAInput=''
FIND Templates WHERE Templates=SystemSettings.ps_Template2FA TAKE BEST 1
CREATE OutgoingEmail WITH SentToAddress=LoggedInBackofficeUser.EmailAddress,
Subject=Templates.Subject, Message=Templates.Message
CREATE OutboundEmail WITH FromAddress=SystemSettings.OutgoingEmailFromAddress,
Subject=OutgoingEmail.Subject, Message=OutgoingEmail.Message
SEND OutboundEmail TO LoggedInBackofficeUser
VIEW Login2FA USING HTML</code></pre>
</div>
<h3>Process: Check2FA</h3>
<ul>
<li>Compares user input to the generated code</li>
<li>If incorrect, shows an error and clears the input</li>
<li>If valid, displays the target perspective (e.g., <code>Administrator</code>)</li>
</ul>
<div class=“section”>
<pre><code>IF SystemSettings.Method2FA IN ‘SMS’, ‘Email’
AND LoggedInSystemUser.AccessLevel IN ‘Administrator’, ‘BackendUser’
AND (Login2FA.Code2FA <> Login2FA.Code2FAInput OR Login2FA.Code2FAInput IS UNDEFINED) THEN
DISPLAY MESSAGE ‘Wrong verification code. Please try again.’
Login2FA.Code2FAInput=''
ELSE
DISPLAY PERSPECTIVE Administrator</code></pre>
</div>
<h2>📜 HTML Input Form</h2>
<pre><code><input class=“aw-mapped” type=“text” maxlength=“6” placeholder=“e.g., 123456” aw_attr_id=“101”>
<button class=“btn aw-selected aw-mapped” type=“submit” aw_oper_id=“4”>Verify</button></code></pre>
<div class=“section”>
<h2>HTML Form (Login2FA)</h2>
<pre><code><html lang=“nl”>
<head>
<meta charset=“UTF-8”>
<meta name=“viewport” content=“width=device-width, initial-scale=1.0”>
<title>2FA Verification</title>
</head>
<body>
<div class=“box”>
<h2>Enter verification code</h2>
<form class=“form-control”>
<input class=“aw-mapped” type=“text” maxlength=“6” placeholder=“e.g., 123456” aw_attr_id=“101”>
<br>
<button class=“btn aw-selected aw-mapped” type=“submit” aw_oper_id=“4”>Verify</button>
</form>
</div>
</body>
</html></code></pre>
</div>
<h2>✅ Result</h2>
<p>
This approach provides:
<ul>
<li>Flexible control via system settings</li>
<li>External SMS integration using REST</li>
<li>A simple and user-friendly HTML interface</li>
</ul>
</p>
</body>
</html>