scheb / 2fa

Two-factor authentication for Symfony applications 🔐
MIT License

How to ask for 2FA (TOTP code) when already logged in #237

Closed yblatti closed 1 month ago

yblatti commented 1 month ago

Bundle version: 7.5.0
Symfony version: 7.1.2
PHP version: 8.3.8

Description

Hi,

I'm implementing TFA with Google Authenticator + Backup code + Trusted device in my app. And I love this bundle, thanks!!

I would like to ask for a TOTP (with Google Authenticator) for some sensitive tasks, even though the user is already authenticated, as the last time the user provided a TOTP code might be some time ago (thanks to Trusted devices). For example, when generating a new API Access Token.

Does anybody have a recommendation to implement this?

Thanks in advance for your advice.

scheb commented 1 month ago

This is not a feature of the bundle.

You could write your own logic that asks for the 2fa code and use components from the bundle, such as the GoogleAuthenticator class to check the code. Though that doesn't give you backup code functionality, as this is implemented differently.

yblatti commented 1 month ago

Hi @scheb,

> You could write your own logic that asks for the 2fa code and use components from the bundle, such as the GoogleAuthenticator class to check the code.

That's what I suspected, but wanted to ensure it before starting to work on it.

> Though that doesn't give you backup code functionality, as this is implemented differently.

I'll implement it; as CheckBackupCodeListener is very clear, this should not be an issue.

Thanks a lot for your advice!
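
The approach discussed in this thread, sketched as an added example that is not code from the bundle or from either commenter: a step-up service that checks a TOTP code with the bundle's `GoogleAuthenticatorInterface`, falls back to a backup code through `BackupCodeManagerInterface`, and records when the check last succeeded. The class name `StepUpVerifier`, the session key and the 300-second freshness window are hypothetical, and it assumes both bundle services are injectable and that backup codes are enabled in the bundle configuration.

```php
<?php
// Added example: hypothetical step-up check built on scheb/2fa services.
namespace App\Security;

use Scheb\TwoFactorBundle\Model\Google\TwoFactorInterface;
use Scheb\TwoFactorBundle\Security\TwoFactor\Backup\BackupCodeManagerInterface;
use Scheb\TwoFactorBundle\Security\TwoFactor\Provider\Google\GoogleAuthenticatorInterface;
use Symfony\Component\HttpFoundation\RequestStack;

final class StepUpVerifier
{
    private const SESSION_KEY = 'step_up_verified_at'; // hypothetical key name
    private const MAX_AGE_SECONDS = 300;               // assumed freshness window

    public function __construct(
        private GoogleAuthenticatorInterface $totp,
        private BackupCodeManagerInterface $backupCodes,
        private RequestStack $requestStack,
    ) {
    }

    /** True if $code is a valid TOTP or an unused backup code for $user. */
    public function verify(TwoFactorInterface $user, string $code): bool
    {
        $code = preg_replace('/\s+/', '', $code) ?? '';
        if ($code === '') {
            return false;
        }
        // Try TOTP first, so a backup code is only consumed when it is what was typed.
        $ok = $user->isGoogleAuthenticatorEnabled() && $this->totp->checkCode($user, $code);
        if (!$ok && $this->backupCodes->isBackupCode($user, $code)) {
            $this->backupCodes->invalidateBackupCode($user, $code); // backup codes are single use
            $ok = true;
        }
        if ($ok) {
            // Remember the time of the successful check for this session only.
            $this->requestStack->getSession()->set(self::SESSION_KEY, time());
        }
        return $ok;
    }

    /** True if a second factor was verified in this session recently enough. */
    public function isFresh(): bool
    {
        $at = $this->requestStack->getSession()->get(self::SESSION_KEY);
        return is_int($at) && (time() - $at) <= self::MAX_AGE_SECONDS;
    }
}
```

A controller for the sensitive action (such as issuing an API access token) would call `isFresh()` and show a code prompt when it returns false. Calls to `verify()` should be rate limited per user, since a six-digit code is guessable without an attempt limit.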