/** * Listen for successful login events. * * @param InteractiveLoginEvent $event */ public function onSecurityInteractiveLogin(InteractiveLoginEvent $event) { $request = $event->getRequest(); // Skip two-factor authentication for whitelisted IPs if (in_array($request->getClientIp(), $this->ipWhitelist)) { return; } // Check if security token is supported $token = $event->getAuthenticationToken(); if (!$this->isTokenSupported($token)) { return; } // Forward to two-factor providers // They decide if they will do two-factor authentication $context = $this->authenticationContextFactory->create($request, $token); $this->authHandler->beginAuthentication($context); }
/** * Listen for request events. * * @param GetResponseEvent $event */ public function onCoreRequest(GetResponseEvent $event) { $request = $event->getRequest(); // Exclude path if ($this->excludePattern !== null && preg_match('#' . $this->excludePattern . '#', $request->getPathInfo())) { return; } // Check if security token is supported $token = $this->tokenStorage->getToken(); if (!$this->isTokenSupported($token)) { return; } // Forward to two-factor provider // Providers can create a response object $context = $this->authenticationContextFactory->create($request, $token); $response = $this->authHandler->requestAuthenticationCode($context); // Set the response (if there is one) if ($response instanceof Response) { $event->setResponse($response); } }