search

scheb / 2fa

Two-factor authentication for Symfony applications 🔐
MIT License
495 stars 72 forks source link

2fa_login and 2fa_login_check can't be replaced by our own route name #204

Closed allan-simon closed 9 months ago

allan-simon commented 11 months ago

Bundle version: 6.9.0 Symfony version: 6.3.5 PHP version: 8.1.20 Using authenticators (enable_authenticator_manager: true): YES (mandatory in 6.2+)

Description

As in my project I have a routing based on subdomain and I will want in the future to have different 2fa configuration I was thinking to have dedicated login / check route for 2fa by doing 

# config/routes/scheb_2fa.yaml
my_own_2fa_login:
    path: /2fa
    host: '{subdomain}'
    requirements:
        subdomain: 'companies.*'
    defaults:
        # "scheb_two_factor.form_controller" references the controller service provided by the bundle.
        # You don't HAVE to use it, but - except you have very special requirements - it is recommended.
        _controller: "scheb_two_factor.form_controller::form"
        subdomain: '%companies_domain%'

my_own_2fa_login_check:
    host: '{subdomain}'
    requirements:
        subdomain: 'companies.*'
    path: /2fa_check
    defaults:
        subdomain: '%companies_domain%'

and in my security.yaml 

            two_factor:
               auth_form_path: my_own_2fa_login  
               check_path:  my_own_2fa_check

but then, even though the form was displaying correctly, when I was submitting it

I had the error: 

Unable to find the controller for path "/2fa_check". The route is wrongly configured.

and in the debug I was seeing a route 2fa_check being matched , as it was added automatically by the bundle and overriding my route

reverting back the route name to their original ones fixed the problem

Additional Context

Is it expected ? Which I may understand but in that case the documentation may stress out more that it must be these values

scheb commented 11 months ago

Cannot reproduce.

I changed the name and path of my check route, even added these extra host/requirements/default parameters to the route. Still works.

Is your /2fa_check path within your firewall's pattern? Because I can reproduce this error only when the check-path isn't covered by the firewall. Would you please post your firewall configuration, so we can have a look?

stale[bot] commented 9 months ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.