SchebTwoFactorBundleEdit this page
This bundle provides two-factor authentication (2FA) for Symfony applications.
- Configuration Reference
- Trusted Devices
- Backup Codes
- Brute Force Protection
- CSRF Protection
- Troubleshooting (common issues)
- How to create a custom two-factor provider
- How to handle multiple activated authentication methods
- How to customize conditions when to require two-factor authentication
- How to configure two-factor authentication for an API
- How to create a custom persister
- How to use a different template per firewall
Do you prefer video tutorials? Check out the Two-Factor Authentication screencasts from SymfonyCasts.
The bundle supports the following authentication methods out of the box:
There are 3rd-party packages for adding different two-factor authentication methods. Check out the
related packages on Packagist.org
What changes when you add two-factor authentication to your application?
The bundle hooks into the security layer and listens for authentication events. When a user login appears and the user has two-factor authentication enabled, access and privileges are temporarily withheld, putting the authentication status into an intermediate state. The user is challenged to enter a valid two-factor authentication code. Only when that code is entered correctly, the associated roles are granted.
To represent the state between login and a valid two-factor code being entered, the bundle introduces the role-like
IS_AUTHENTICATED_2FA_IN_PROGRESS, which can be used in
is – just like roles – withheld until the two-factor authentication step has been completed successfully.
For information about the security policy and know security issues, see SECURITY.md in the repository.