scheb/two-factor-bundle

Provides two-factor authentication for Symfony applications

Installs: 41 007

Dependents: 4

Suggesters: 0

Stars: 102

Watchers: 10

Forks: 32

Open Issues: 5

Type: symfony-bundle

v2.3.3 2016-06-24 15:15 UTC

README

This Symfony bundle provides two-factor authentication for your website. Currently it is shipped with two authentication methods:

  • Google Authenticator (via sonata-project/google-authenticator)
  • Authentication code sent via email

In addition to this it provides an interface for implementing your own custom two-factor authentication methods.

Compatibility: Use bundle version 1.x for Symfony < 2.6.

Build Status PHP 7 ready HHVM Status Coverage Status Latest Stable Version License

Limitations

After the initial login happened, the user is already fully authenticated to the Symfony security layer. The bundle then prevents access to secured and non-secured content by intercepting any request and showing the two-factor authentication form instead.

If you execute code based on the authentication status, make sure to take the two-factor status into account. This can be done by checking access with isGranted (security voter has to be registered, see configuration).

Warning: Just doing a getUser on security.token_storage (or the old security.context) is not secure. You will get a user object even when two-factor authentication is not complete yet.

Documentation

The documentation can be found in the Resources/doc directory.

Contribute

You're welcome to contribute to this bundle by creating a pull requests or feature request in the issues section.

Besides new features, translations are highly welcome.

License

This bundle is available under the MIT license.