I'm using 2FA for logins, but I need to have it enabled only when accessing the site from non-trusted IPs
I already had been doing this for CAPTCHA using the following code in globals:
//Disable reCaptcha for locally hosted servers
$localIPs="xxx.xxx.xxx.xxx, xxx.xxx.xxx.xxy, xxx.xxx.xxx.xxz";
$externalIPs="xxx.xxx.xxx.abc, xxx.xxx.xxx.def";
if (strpos($localIPs,$_SERVER['SERVER_ADDR'])>0 || strpos($externalIPs,$_SERVER['REMOTE_ADDR'])>0) { // check if allowed local IP without recaptcha
$CaptchaClass = "CaptchaBase"; /// Without Recaptcha
}
2FA is part of the AUTH_CONFIG section, and the syntax is different.
How can I oveeride only these in Globals with false values?
"USE_TWO_FACTOR_AUTHENTICATION" => true,
"FORCE_TWO_FACTOR_AUTHENTICATION" => true,