Implemented the two factor auth login form.

config/packages/scheb_two_factor.yaml

@@ -11,6 +11,7 @@ scheb_two_factor:
         issuer: 'Part-DB'               # Issuer name used in QR code
         digits: 6                       # Number of digits in authentication code
         window: 1                       # How many codes before/after the current one would be accepted as valid
+        template: security/2fa_form.html.twig
 
     backup_codes:
         enabled: true  # If the backup code feature should be enabled

config/packages/security.yaml

@@ -18,6 +18,11 @@ security:
             anonymous: true
             user_checker: App\Security\UserChecker
 
+            two_factor:
+                auth_form_path: 2fa_login
+                check_path: 2fa_login_check
+                csrf_token_generator: security.csrf.token_manager
+
               # activate different ways to authenticate
 
               #http_basic: true
@@ -42,5 +47,7 @@ security:
     # Easy way to control access for large sections of your site
     # Note: Only the *first* access control that matches will be used
     access_control:
-    # - { path: ^/admin, roles: ROLE_ADMIN }
-    # - { path: ^/profile, roles: ROLE_USER }
+        # This makes the logout route available during two-factor authentication, allows the user to cancel
+        - { path: ^/logout, role: IS_AUTHENTICATED_ANONYMOUSLY }
+        # This ensures that the form can only be accessed when two-factor authentication is in progress
+        - { path: ^/2fa, role: IS_AUTHENTICATED_2FA_IN_PROGRESS }

config/routes/scheb_two_factor.yaml

@@ -1,7 +1,7 @@
 2fa_login:
-    path: /2fa
+    path: /{_locale}/2fa
     defaults:
         _controller: "scheb_two_factor.form_controller:form"
 
 2fa_login_check:
-    path: /2fa_check
+    path: /{_locale}/2fa_check