Chapters
47 Chapters
|
4:41:51
|
Login to bookmark this video
-
Course Code
Subscribe to download the code!
Subscribe to download the code!
-
This Video
Subscribe to download the video!
Subscribe to download the video!
-
Subtitles
Subscribe to download the subtitles!
Subscribe to download the subtitles!
-
Course Script
Subscribe to download the script!
Subscribe to download the script!
Scroll down to the script below, click on any sentence (including terminal blocks) to jump to that spot in the video!
Subscribe to jump to this part in the video!
Keep on Learning!
If you liked what you've learned so far, dive in! Subscribe to get access to this tutorial plus video, code and script downloads.
This tutorial also works great for Symfony 6!
What PHP libraries does this tutorial use?
// composer.json
{
"require": {
"php": ">=8.2",
"ext-ctype": "*",
"ext-iconv": "*",
"babdev/pagerfanta-bundle": "^3.3", // v3.3.0
"composer/package-versions-deprecated": "^1.11", // 1.11.99.4
"doctrine/annotations": "^1.0", // 1.13.2
"doctrine/doctrine-bundle": "^2.1", // 2.6.3
"doctrine/doctrine-migrations-bundle": "^3.0", // 3.1.1
"doctrine/orm": "^2.7", // 2.10.1
"knplabs/knp-markdown-bundle": "^1.8", // 1.9.0
"knplabs/knp-time-bundle": "^1.11", // v1.16.1
"pagerfanta/doctrine-orm-adapter": "^3.3", // v3.3.0
"pagerfanta/twig": "^3.3", // v3.3.0
"phpdocumentor/reflection-docblock": "^5.2", // 5.2.2
"scheb/2fa-bundle": "^5.12", // v5.12.1
"scheb/2fa-qr-code": "^5.12", // v5.12.1
"scheb/2fa-totp": "^5.12", // v5.12.1
"sensio/framework-extra-bundle": "^6.0", // v6.2.0
"stof/doctrine-extensions-bundle": "^1.4", // v1.6.0
"symfony/asset": "5.3.*", // v5.3.4
"symfony/console": "5.3.*", // v5.3.7
"symfony/dotenv": "5.3.*", // v5.3.8
"symfony/flex": "^1.3.1", // v1.21.6
"symfony/form": "5.3.*", // v5.3.8
"symfony/framework-bundle": "5.3.*", // v5.3.8
"symfony/monolog-bundle": "^3.0", // v3.7.0
"symfony/property-access": "5.3.*", // v5.3.8
"symfony/property-info": "5.3.*", // v5.3.8
"symfony/rate-limiter": "5.3.*", // v5.3.4
"symfony/runtime": "5.3.*", // v5.3.4
"symfony/security-bundle": "5.3.*", // v5.3.8
"symfony/serializer": "5.3.*", // v5.3.8
"symfony/stopwatch": "5.3.*", // v5.3.4
"symfony/twig-bundle": "5.3.*", // v5.3.4
"symfony/ux-chartjs": "^1.3", // v1.3.0
"symfony/validator": "5.3.*", // v5.3.8
"symfony/webpack-encore-bundle": "^1.7", // v1.12.0
"symfony/yaml": "5.3.*", // v5.3.6
"symfonycasts/verify-email-bundle": "^1.5", // v1.5.0
"twig/extra-bundle": "^2.12|^3.0", // v3.3.3
"twig/string-extra": "^3.3", // v3.3.3
"twig/twig": "^2.12|^3.0" // v3.3.3
},
"require-dev": {
"doctrine/doctrine-fixtures-bundle": "^3.3", // 3.4.0
"symfony/debug-bundle": "5.3.*", // v5.3.4
"symfony/maker-bundle": "^1.15", // v1.34.0
"symfony/var-dumper": "5.3.*", // v5.3.8
"symfony/web-profiler-bundle": "5.3.*", // v5.3.8
"zenstruck/foundry": "^1.1" // v1.13.3
}
}
11 Comments
Hello, any idea on how to generate secret but in a different situation? Imagine there is a system where SUPER ADMINS have to use 2fa. So it is not a matter of enabling it for someone after he logged in, but it is required. So I should somehow hook in so that when user is authenticated with username and password, generate Secret for him, store in in User entity, so that when scheb/2fa takes its hands on the user it redirects him to show the QR Code. If I do not do this, I will get TwoFactorProviderLogicException that the secret is missing.
Hey Tomasz-I!
Hmm. Here's how I would implement that:
A) Create a listener on LoginSuccessEvent.
B) If the user MUST have 2fa enabled and they do NOT, then generate the totp secret on the User object and save it. THEN, redirect to a "show QR code" screen where you show the totp. (Make it very clear to the user that they MUST set up their authenticator app or else they will not be able to log in).
And... that's it. The big difference, I think, is that I'm using aa LoginSuccessEvent listener to generate the top secret instead of trying to hook into scheb/2fa and making *it* redirect to the "show QR code" page.
Let me know if that makes sense, or if I'm misunderstood the situation :).
Cheers!
weaverryan
Thank you. I already tried it but the problem is that scheb 2fa (ver 6) is faster than that and throws
User has to provide a secret code for Google Authenticator authentication.
That is why I asked here cause I do not have any other options. It is weird because LoginSuccessEvent should be first. See https://ibb.co/dJX2pfH
Hmm. In that case, until the secret is set, can you return false from
User.isTotpAuthenticationEnabled()? I believe that if this is false (and it would be false JUST the first time that they log in), then 2fa should not initiate the process and then your redirect will take over.Sorry for the slow reply, btw - it's been a crazy week :).
Cheers!
Oh yes, that did the job, genius. Thank you very much!!!!!
"slow reply" - no worries :) Been swamped too, helping Ukrainian refugees
❤️❤️❤️
Trying to figure out why I am getting Cannot autowire service error: I have done everything that I should be as directed above but still to no avail.
Cannot autowire argument $totpAuthenticator of "App\Controller\SecurityController::enable2fa()": it references class "Scheb\TwoFactorBundle\Security\TwoFactor\Provider\Totp\TotpAuthenticator" but no such service exists.
My bundles.php file in /config/bundles.php
My autoload_static after running a composer dump-autoload -o
` 'Scheb\TwoFactorBundle\' =>
My Security.yaml
` main:
<br />My packages/scheb_2fa.yaml file<br /># See the configuration reference at https://symfony.com/bundles/SchebTwoFactorBundle/5.x/configuration.htmlscheb_two_factor:
My Routes scheb_2fa.yaml file
`2fa_login:
2fa_login_check:
`
Cleared my cache no issues, ran composer dump-autoload -o and still getting this issue. I am not running docker this is being run on symfony 5.3 using the symfony cli command symfony serve -d php version is 8.1.13
I am stuck any help is much appreciated.
Greg
Hey @captsulu32
Have you tried type-hinting the interface instead?
Scheb\TwoFactorBundle\Security\TwoFactor\Provider\Totp\TotpAuthenticatorInterface;Cheers!
I even went as far as upgrading symfony to version 5.4 and still the same issue.
Hi Ryan,
what the hec is that:
`Symfony\Component\HttpKernel\Exception\
ControllerDoesNotReturnResponseException
in C:\xampp\htdocs\lernen5sec\src\Controller\SecurityController.php (line 49)
5 minutes ago this one worked. Then I changed to
dd($totpAuthenticator->getQRContent($user));and got this error for the first time. Now switching back todd($user)does not work either!?What went wrong?
Thx
Oliver
aaaaarg, the } has to be in front of dd($user). Sorry for bothering you ;-)
Apparently I accidently pressed Shift+Caps+Up.
"Houston: no signs of life"
Start the conversation!