SchebTwoFactorBundle

Edit this page

This bundle provides two-factor authentication (2FA) for Symfony applications.

Live demo of 2FA in Symfony

SchebTwoFactorBundle Logo

Documentation Index

How-to's

Screencast

Do you prefer video tutorials? Check out the Two-Factor Authentication screencasts from SymfonyCasts.

Two-Factor Authentication Methods

The bundle supports the following authentication methods out of the box:

3rd-party packages:

Note

There are 3rd-party packages for adding different two-factor authentication methods. Check out the related packages on Packagist.org.

The Authentication Process with Two-Factor Authentication

What changes when you add two-factor authentication to your application?

The bundle hooks into the security layer and listens for authentication events. When a user login appears and the user has two-factor authentication enabled, access and privileges are temporarily withheld, putting the authentication status into an intermediate state. The user is challenged to enter a valid two-factor authentication code. Only when that code is entered correctly, the associated roles are granted.

Authentication process

To represent the state between login and a valid two-factor code being entered, the bundle introduces the role-like attribute IS_AUTHENTICATED_2FA_IN_PROGRESS, which can be used in is_granted() calls. IS_AUTHENTICATED_FULLY is – just like roles – withheld until the two-factor authentication step has been completed successfully.

Contributing

Want to contribute to this project? See CONTRIBUTING.md in the repository.

Security

For information about the security policy and know security issues, see SECURITY.md in the repository.

License

SchebTwoFactorBundle is available under the MIT license.

This work, including the code samples, is licensed under a Creative Commons BY-SA 3.0 license.
TOC
    Version