Closed randomsymbols closed 4 years ago
The bundle's goal is to provide two-factor authentication during the login. Asking for an authentication code on arbitrary actions is not part of the feature set. If you want this feature you have to implemement it yourself into the action you want to protect.
You don't have to build everything yourself, though. The bundle has these helper classes that you can inject into your code. They're offering a method to check a code. You need to pass the code and the user entity, which needs to have that authentication method configured and activated (that's something you need to make sure before calling the method).
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
I want to protect a user action (certain site functional / form submission) with two-factor-bundle, plus/additional to the protection of user login (2fa is requested at user login AND at the time of a form submission).
What is the best way to do it?