- sysHUB Server 2023.2.0 or newer
- Node.JS (with npm included) LTS (20.x) or newer
- Download the ppk file and import it via webclient -> Transport -> Import package
- If not yet done, install Node.JS
- Open command prompt and check that
npm -v
is working and outputs a version number. If not return to step 2. - In the command prompt navigate to the
tools
folder within sysHUB root. Iftools
does not exist, create it. In my environment sysHUB is located atD:\sysHUB\2023.2.0
, so I run the following commands:d: cd D:\sysHUB\2023.2.0\tools
- Inside the
tools
folder create a folder callednpm
, navigate into it and initialize a new npm folder:mkdir npm cd npm npm init // comment: answer all inputs with enter key
- Install the
authenticator
package which is used for creating otp key and qr-code data:npm i authenticator-cli
- Validate in Explorer that the folder
D:\sysHUB\2023.2.0\tools\npm\node_modules\.bin
exists and inside a file calledauthenticator.cmd
. - Test the authenticator by simply running the
D:\sysHUB\2023.2.0\tools\npm\node_modules\.bin\authenticator.cmd
. This should give you three output lines, a key, a token and and url. If so, everything is prepared. Example output:Key: 6kvt ursx oymh slsa 5ysn 65fc aahf 3zjd Token: 070247 URL: otpauth://totp/ACME:[email protected]?secret=6KVTURSXOYMHSLSA5YSN65FCAAHF3ZJD&issuer=ACME&algorithm=SHA1&digits=6&period=30
- If you use a different folder than
{rootdir}\tools\npm\
you must update the parameterset nodesTOTP/binDir
andTOTP/outDir
. - In the sysHUB System database create a new table
usertotp
:CREATE TABLE [dbo].[usertotp]( [uuid] [varchar](32) NOT NULL, [totpkey] [varchar](128) NOT NULL, CONSTRAINT [PK_usertotp] PRIMARY KEY CLUSTERED ( [uuid] ASC )WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON, OPTIMIZE_FOR_SEQUENTIAL_KEY = OFF) ON [PRIMARY] ) ON [PRIMARY] GO ALTER TABLE [dbo].[usertotp] WITH CHECK ADD CONSTRAINT [FK_usertotp_usertotp] FOREIGN KEY([uuid]) REFERENCES [dbo].[usertotp] ([uuid]) GO ALTER TABLE [dbo].[usertotp] CHECK CONSTRAINT [FK_usertotp_usertotp] GO
- Back in the webclient refresh the page in order to get the custom menu displayed.
- In the top navigation bar next to Action and Run you'll find Menu Extension.
- Open the Menu Extension dropdown and click on 2FA to open the new dialog.
- Press the red
Generate QR-Code
button. In case of any error you'll find more info in the server log. If you see the QR-code anything worked. - Scan the QR-code with an app like Microsoft Authenticator, Google Authenticator, Authy, etc.
- Input the current 6-digit 2FA code into the dialog in the webclient and press the green
Validate code
button.
You're done. Feel free to share your feedback or improvements.