new: usr: implement the 2FA authentication (TOTP and backup codes) #4

config/packages/security.yaml

@@ -17,6 +17,14 @@ security:
       lazy: true
       provider: app_user_provider
       user_checker: App\Security\UserChecker
+      two_factor:
+        check_path: 2fa_login_check
+        auth_form_path: 2fa_login
+        auth_code_parameter_name: _auth_code
+        post_only: true
+        default_target_path: MineSeekerBundle_homepage
+        prepare_on_login: true
+        prepare_on_access_denied: true
       form_login:
         login_path: MineSeekerBundle_login
         check_path: MineSeekerBundle_login
@@ -27,11 +35,9 @@ security:
       logout:
         path: MineSeekerBundle_logout
         target: MineSeekerBundle_homepage
-      remember_me:
-        secret: '%kernel.secret%'
-        lifetime: 604800
-        remember_me_parameter: _remember_me
+      switch_user: false
 
   access_control:
+    - { path: ^/2fa, roles: IS_AUTHENTICATED_2FA_IN_PROGRESS }
     - { path: ^/api/webauthn/authentication/begin, roles: PUBLIC_ACCESS }
     - { path: ^/api/webauthn/authentication/complete, roles: PUBLIC_ACCESS }