scheb / two-factor-bundle

[ABANDONED] Two-factor authentication for Symfony 2 & 3 applications 🔐. Please use the newer versions from https://github.com/scheb/2fa.
MIT License

Redirection when using two firewalls #275

Closed gauthier-marchand closed 4 years ago

gauthier-marchand commented 4 years ago

Bundle version: 4.14

Symfony version: 4.4.5

Description

Hi, in my application I need to have two firewalls in order to manage two types of connections.

Here is my security.yaml:

```yaml
firewalls:
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
    admin:
        pattern: /admin/(.*)
        user_checker: security.user_checker
        form_login:
            provider: fos_userbundle
            login_path: admin_login
            check_path: admin_check
            csrf_token_generator: security.csrf.token_manager
        logout:
            path: admin_logout
            target: admin_login
        anonymous: true

        two_factor:
            auth_form_path: 2fa_login
            check_path: 2fa_login_check
            default_target_path: /
            provider: fos_userbundle

    main:
        pattern: ^/
        user_checker: security.user_checker
        form_login:
            login_path: fos_user_security_login
            provider: fos_userbundle
            csrf_token_generator: security.csrf.token_manager

        logout:
            path: fos_user_security_logout
        anonymous: true
```

So, when I try to go to /admin, I'm correctly redirected to /admin/login. There I can put my username and password. My user has a google_authenticator_token. Then, after login, I am redirected to the route 2fa, which is what I want. But then I'm redirected to /login.

I tried to figure out why, and it appears that in Scheb\TwoFactorBundle\Controller\FormController, in the method getTwoFactorToken, when I dump the token its type is Symfony\Component\Security\Core\Authentication\Token\AnonymousToken.

I tried to put the exact same 2fa config in the main firewall and it all works fine...

Do you have any idea about my issue?

Thanks in advance

scheb commented 4 years ago

The paths for the 2fa_login and 2fa_login_check routes have to be located within your firewall's pattern, so effectively under /admin/. Something like /admin/2fa should work fine.
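
The rule in this answer can be checked mechanically. The script below is an added example, not code from the bundle or from the thread participants: it resolves each route path to the first firewall whose pattern matches, using the patterns from the security.yaml above, and generalizes the check to every route the admin firewall refers to. The route paths are assumptions, since the issue does not show the routing file.

```python
import re

# Firewalls in declaration order; patterns copied from the security.yaml above.
FIREWALLS = [
    ("dev", r"^/(_(profiler|wdt)|css|images|js)/"),
    ("admin", r"/admin/(.*)"),
    ("main", r"^/"),
]

# Route name -> URL path. Assumed values: the issue does not show the routing file.
ROUTES_REPORTED = {
    "admin_login": "/admin/login",
    "admin_check": "/admin/login_check",
    "admin_logout": "/admin/logout",
    "2fa_login": "/2fa",
    "2fa_login_check": "/2fa_check",
}
# Same routes with the 2fa paths moved under /admin/, as the answer suggests.
ROUTES_FIXED = dict(
    ROUTES_REPORTED,
    **{"2fa_login": "/admin/2fa", "2fa_login_check": "/admin/2fa_check"},
)

# Routes referenced by the admin firewall's form_login, logout and two_factor keys.
ADMIN_ROUTES = ["admin_login", "admin_check", "admin_logout",
                "2fa_login", "2fa_login_check"]


def firewall_for(path, firewalls=FIREWALLS):
    """Return the first firewall whose pattern matches the path (unanchored search)."""
    for name, pattern in firewalls:
        if re.search(pattern, path):
            return name
    return None


def misplaced_routes(firewall, route_names, routes, firewalls=FIREWALLS):
    """Return (route, path, actual_firewall) for routes handled by another firewall."""
    problems = []
    for route in route_names:
        actual = firewall_for(routes[route], firewalls)
        if actual != firewall:
            problems.append((route, routes[route], actual))
    return problems


if __name__ == "__main__":
    for label, routes in (("reported", ROUTES_REPORTED), ("fixed", ROUTES_FIXED)):
        print(label, misplaced_routes("admin", ADMIN_ROUTES, routes))
```

With the assumed paths, both 2fa routes resolve to the main firewall, which is where the reporter saw an AnonymousToken and the redirect to /login.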

gauthier-marchand commented 4 years ago

Hi,

Yes, I found it too, I was too focused to figure it out.

Thanks a lot