Prepared DB and models for Two Factor authentication

2025-12-23 03:19:31 +00:00 · 2019-12-14 16:35:19 +01:00 · 2019-12-14 16:35:19 +01:00 · 2fa0963374
commit 2fa0963374
parent 235baf32d5
13 changed files with 935 additions and 39 deletions
--- a/config/bundles.php
+++ b/config/bundles.php
@ -21,4 +21,6 @@ return [
    Twig\Extra\TwigExtraBundle\TwigExtraBundle::class => ['all' => true],
    Gregwar\CaptchaBundle\GregwarCaptchaBundle::class => ['all' => true],
    Doctrine\Bundle\DoctrineCacheBundle\DoctrineCacheBundle::class => ['all' => true],
+    Scheb\TwoFactorBundle\SchebTwoFactorBundle::class => ['all' => true],
+    R\U2FTwoFactorBundle\RU2FTwoFactorBundle::class => ['all' => true],
 ];
--- a/config/packages/scheb_two_factor.yaml
+++ b/config/packages/scheb_two_factor.yaml
@ -0,0 +1,24 @@
+# See the configuration reference at https://github.com/scheb/two-factor-bundle/blob/master/Resources/doc/configuration.md
+scheb_two_factor:
+    security_tokens:
+        - Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken
+        # If you're using guard-based authentication, you have to use this one:
+        # - Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken
+
+    google:
+        enabled: true                   # If Google Authenticator should be enabled, default false
+        server_name: '%partdb_title%'   # Server name used in QR code
+        issuer: 'Part-DB'               # Issuer name used in QR code
+        digits: 6                       # Number of digits in authentication code
+        window: 1                       # How many codes before/after the current one would be accepted as valid
+
+    backup_codes:
+        enabled: true  # If the backup code feature should be enabled
+
+    trusted_device:
+        enabled: true                  # If the trusted device feature should be enabled
+        lifetime: 5184000              # Lifetime of the trusted device token
+        extend_lifetime: false         # Automatically extend lifetime of the trusted cookie on re-login
+        cookie_name: trusted_device    # Name of the trusted device cookie
+        cookie_secure: false           # Set the 'Secure' (HTTPS Only) flag on the trusted device cookie
+        cookie_same_site: "lax"        # The same-site option of the cookie, can be "lax" or "strict"
--- a/config/routes/scheb_two_factor.yaml
+++ b/config/routes/scheb_two_factor.yaml
@ -0,0 +1,7 @@
+2fa_login:
+    path: /2fa
+    defaults:
+        _controller: "scheb_two_factor.form_controller:form"
+
+2fa_login_check:
+    path: /2fa_check