SchebTwoFactorBundle
This bundle provides two-factor authentication (2FA) for Symfony applications.
Documentation Index
- Installation
- Configuration Reference
- Trusted Devices
- Backup Codes
- Brute Force Protection
- CSRF Protection
- Events
- Troubleshooting (common issues)
How-to's
- How to create a custom two-factor provider
- How to handle multiple activated authentication methods
- How to customize conditions when to require two-factor authentication
- How to configure two-factor authentication for an API
- How to create a custom persister
- How to use a different template per firewall
Two-Factor Authentication Methods
The bundle supports the following authentication methods out of the box:
The Authentication Process with Two-Factor Authentication
What changes when you add two-factor authentication to your application?
The bundle hooks into the security layer and listens for authentication events. When a user login appears and the user has two-factor authentication enabled, access and privileges are temporarily withheld, putting the authentication status into an intermediate state. The user is challenged to enter a valid two-factor authentication code. Only when that code is entered correctly, the associated roles are granted.
To represent the state between login and a valid two-factor code being entered, the bundle introduces the role-like
attribute IS_AUTHENTICATED_2FA_IN_PROGRESS, which can be used in is_granted() calls. IS_AUTHENTICATED_FULLY
is – just like roles – withheld until the two-factor authentication step has been completed successfully.
Contributing
Want to contribute to this project? See CONTRIBUTING.md in the repository.
Security
For information about the security policy and know security issues, see SECURITY.md in the repository.
License
SchebTwoFactorBundle is available under the MIT license.