You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When using a passwordless login link (magic link) the user is redirected to the 2FA page. How do you avoid this and make sure the user is logged in without providing the 2FA code?
Setting the FLAG_2FA_COMPLETE attribute in the token in the LoginLink success handler (AuthenticationSuccessHandlerInterface) of the passwordless login link provider does not work.
final readonly class LoginLinkAuthenticationSuccessHandler implements AuthenticationSuccessHandlerInterface
{
public function __construct(private UrlGeneratorInterface $router)
{
}
public function onAuthenticationSuccess(Request $request, TokenInterface $token): ?Response
{
$token->setAttribute(TwoFactorAuthenticator::FLAG_2FA_COMPLETE, true);
return new RedirectResponse($request->query->get('redirectUrl') ?? $this->router->generate('app.home'));
}
}
Extending Symfony\Component\Security\Http\Authenticator\LoginLinkAuthenticator is also not an option because it is declared final.
Duplicating the code within LoginLinkAuthenticator as a custom authenticator and extending as per the example in the documentation might work, but it's not a nice solution.
Any help would be appreciated.
Additional Context
N/A
The text was updated successfully, but these errors were encountered:
Bundle version: 7.6.0
Symfony version: 7.0
PHP version: 8.3
Description
When using a passwordless login link (magic link) the user is redirected to the 2FA page. How do you avoid this and make sure the user is logged in without providing the 2FA code?
FLAG_2FA_COMPLETE
attribute in the token in the LoginLink success handler (AuthenticationSuccessHandlerInterface
) of the passwordless login link provider does not work.Extending
Symfony\Component\Security\Http\Authenticator\LoginLinkAuthenticator
is also not an option because it is declaredfinal
.Duplicating the code within
LoginLinkAuthenticator
as a custom authenticator and extending as per the example in the documentation might work, but it's not a nice solution.Any help would be appreciated.
Additional Context
N/A
The text was updated successfully, but these errors were encountered: