update docs

1a94a691 · Hahn Axel (hahn) · ebc96a94 · 1a94a691 · 1a94a691 · 1a94a691
Commit 1a94a691 authored 3 weeks ago by Hahn Axel (hahn)
--- a/docs/30_Installation.md
+++ b/docs/30_Installation.md
@@ -24,6 +24,8 @@ Open the mfa server admin and create a new web app. You get an id and a secret f

 In the config enter the url of api, id and secret.

+**📌 Example**:
+
 ```php
 <?php

@@ -33,13 +35,43 @@ return [
    "appid" => "c1cabd22fbdb698861ad08b27de7399a",
    "shared_secret" => "p9wjjXSewZq0VkM1t5Sm3ZbI4ATEVetU",

-    // "user"=> $_SERVER['REMOTE_USER']??'',
+    "user"=> $_SERVER['REMOTE_USER']??'',

    "debug" => false,

 ];
 ```

+The values for a secure connection are given in your mfa server. Open the administration -> tab "Wep apps" -> your application (or create a new app) and copy the values from the shown snippet.
+
+| Key             | Type   | Descriptio
+|---              |---     |---
+| api 🔸          | string | api url
+| appid 🔸        | string | Given ID for your application
+| shared_secret 🔸| string | Generated secret for your application
+| user            | string | User id of logged in user
+| debug           | bool   | Flag: global debugging (for dev environment only)
+
+🔸 required
+
+If the user id is not in $_SERVER['REMOTE_USER'] then there are 2 options:
+
+* mfaconfig.php: correct the fieldname of $_SERVER or set your own variable
+* mfa-ensure.php: enable the line `$mfa->setUser(<your-function-to-fetch-userid>);`
+
+**📌 Example**:
+
+```php
+<?php
+require_once __DIR__.'/mfaclient.class.php';
+$mfa = new mfaclient();
+
+// if user was not set in config, set it manually
+$mfa->setUser($this->getUserid());
+
+$iHttpStatus=$mfa->ensure();
+```
+
 ### Activate MFA after logon

 This step depends on your code. You need to find a good place to embed the MFA process.

--- a/docs/50_Technical_details/mfaclient.class.php.md
+++ b/docs/50_Technical_details/mfaclient.class.php.md
@@ -11,6 +11,9 @@
 * Docs: https://os-docs.iml.unibe.ch/mfa-client/index.html
 * License: GNU GPL 3.0
 * 
+ * 2025-06-11  <axel.hahn@unibe.ch>  initial version
+ * 2025-06-30  <axel.hahn@unibe.ch>  set version 1.0.1 in user agenmt in http requests
+ * 2025-07-07  <axel.hahn@unibe.ch>  1.0.2 handle executed setUser() before ensure()
 */
 ```


--- a/src/mfa-ensure.php
+++ b/src/mfa-ensure.php
@@ -2,7 +2,7 @@
 /**
 * mfa-ensure.php
 * 
- * @author Axel Hahn <axel.hahn@unibe>
+ * @author Axel Hahn <axel.hahn@unibe.ch>
 * 
 */

@@ -11,6 +11,9 @@ $mfa = new mfaclient();

 $mfa->debug($aConfig['debug']??false);

+// if user was not set in config, set it manually
+// $mfa->setUser($this->getUserid());
+
 $iHttpStatus=$mfa->ensure();

 // mfa was skipped? Enable this line to see the reason