npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

strapi-identity

v0.1.1

Published

Strapi plugin to add missing features to the strapi auth system

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

link2twentylink2twenty

Keywords

strapipluginauthentication2FAMFA

Readme

Strapi Plugin Strapi Identity

Detailed Multi-Factor Authentication (MFA) plugin for Strapi v5+. Secure your Strapi Admin panel with TOTP-based 2FA, fully integrated into the Strapi interface.

Features

  • MFA Login Interception: Seamlessly integrates with the default Strapi login flow.
  • TOTP Compatibility: Works with all major authenticator apps (Google Authenticator, Authy, 1Password, etc.).
  • Recovery Codes: Generates secure recovery codes for emergency access.
  • Native UI Integration:
    • Matches Strapi's design system.
    • Profile integration for easy setup.
    • Dedicated verification page.
  • Global Configuration:
    • Enable/Disable globally.
    • Custom "Issuer" name for authenticator apps.
  • Role-Based Access Control: Granular permissions for managing plugin settings.
  • Multi-language Support: Fully localized interface.

Installation

To install this plugin, you'll need to include it in your Strapi project.

  1. Install the dependency:
npm install strapi-identity
# or
yarn add strapi-identity
  1. Enable the plugin in config/plugins.ts:
export default {
  // ...
  'strapi-identity': {
    enabled: true,
  },
  // ...
};
  1. Build the admin panel:
npm run build
  1. Restart Strapi:
npm run develop

Configuration

Access the global settings via the admin panel: Settings -> Global Settings -> Strapi Identify Settings

| Option | Description | | ----------- | ------------------------------------------------------------------------------------------ | | Enabled | Master switch to enable or disable the MFA interception logic globally. | | Enforce | (Coming Soon) Force all users to set up MFA before accessing the dashboard. | | Issuer | The name that appears in the authenticator app (e.g., "My Project"). Defaults to "Strapi". |

Permissions

Go to Settings -> Administration Panel -> Roles to configure who can manage these settings:

  • plugins::strapi-identity.settings.read: View configuration.
  • plugins::strapi-identity.settings.update: Modify configuration.

User Guide

Setting up MFA (User)

  1. Log in to the Strapi Admin panel.
  2. Click on your User Profile avatar in the top-right corner.
  3. Click Profile.
  4. In the "Two-Factor Authentication" section, toggle the switch to Enable Two-Factor Authentication.
  5. A modal will appear:
    • Scan the QR Code with your authenticator app.
    • Enter the 6-digit code displayed in your app.
    • Save your Recovery Codes in a safe place. You will not see them again!
  6. Click Finish.

Signing In

  1. Enter your Email and Password on the standard Strapi login page.
  2. If credentials are correct and MFA is enabled, you will be redirected to the Verification Page.
  3. Enter the code from your authenticator app.
  4. Upon success, you will be redirected to the dashboard.

Admin Reset (Super Admin)

Administrators with the settings.update permission can reset MFA for other users:

  1. Navigate to Settings -> Administration Panel -> Users.
  2. Click the Edit (pencil) icon for the user you wish to manage.
  3. Locate the Two-Factor Authentication section in the user form.
  4. If MFA is enabled for that user, click the Reset button.
    • This will disable 2FA for the user, allowing them to log in with just their password and set up MFA again.

Roadmap & Status

Below is the implementation status of planned features.

  • [x] MFA Login: Intercepts admin login securely.
  • [x] Recovery Codes: Backup access method.
  • [x] TOTP App Compatibility: Standard RFC 6238 implementation.
  • [x] Integrated Setup Screen: User-friendly wizard in profile settings.
  • [x] MFA Page Matches Theme: Consistent UI/UX.
  • [x] Custom Issuer: Configurable app label.
  • [x] Multi-language Support: i18n ready.
  • [x] Admin Reset: Allow super-admins to reset MFA for other users who lost access.
  • [ ] Email Passcode: Alternative MFA method via Email.
  • [ ] Enforced Mode: Mandatory MFA for specific roles or all users.