Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failover 2FA #234

Open
ehymel opened this issue Jun 15, 2024 · 1 comment
Open

Failover 2FA #234

ehymel opened this issue Jun 15, 2024 · 1 comment
Labels
Enhancement

Comments

@ehymel
Copy link

ehymel commented Jun 15, 2024

I have multiple 2FA methods enabled (totp, two_factor_text, email) with a service implementing TwoFactorProviderDeciderInterface to pick which to use. One of these (email) is the default method and always available.

I recently encountered an issue where my SMS provider was unavailable, so anyone using text-based 2FA was unable to authenticate and login.

When multiple methods are available, it would be nice to catch any error sending the 2FA code and then try the next available method.

The flow in my case would be:

login --> send 2fa code via text --> fail --> send 2fa code via email

I wouldn't mind working on this if you could point me to a hook in the code to implement.
@scheb
Copy link
Owner

scheb commented Jun 15, 2024

This is where the provider preparation is executed and where a fallback logic would need to go:

2fa/src/bundle/Security/TwoFactor/Provider/TwoFactorProviderPreparationListener.php

Line 114 in 43051f8

$this->providerRegistry->getProvider($providerName)->prepareAuthentication($user);

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@scheb @ehymel