new: usr: implement the 2FA authentication (TOTP and backup codes) #4

templates/Security/2fa.html.twig

@@ -0,0 +1,54 @@
+{% extends 'Game/index.html.twig' %}
+
+{% block title %} - Two-Factor Authentication{% endblock %}
+
+{% block body %}
+  <div class="auth-page">
+    <div class="auth-card">
+      <h2 class="auth-title">Two-Factor Authentication</h2>
+      <p class="auth-sub">Enter the 6-digit code from your authenticator app</p>
+
+      {% if authenticationError is defined and authenticationError %}
+        <div class="auth-error">
+          <i class="fa fa-exclamation-triangle"></i>
+          {{ authenticationError|trans({}, 'SchebTwoFactorBundle') }}
+        </div>
+      {% endif %}
+
+      <form class="auth-form" method="post" action="{{ path('2fa_login_check') }}">
+
+        <div class="auth-field">
+          <label for="auth-code" class="auth-label">Authentication Code</label>
+          <div class="auth-input-wrap">
+            <i class="fa fa-shield auth-input-icon"></i>
+            <input
+              type="text"
+              id="auth-code"
+              name="_auth_code"
+              class="auth-input auth-input--code"
+              inputmode="numeric"
+              pattern="[0-9]*"
+              maxlength="8"
+              autocomplete="one-time-code"
+              autofocus
+              required
+              placeholder="000000"
+            />
+          </div>
+          <p class="auth-field-hint">Or enter one of your backup codes.</p>
+        </div>
+
+        <button type="submit" class="auth-submit">
+          <i class="fa fa-check"></i> Verify
+        </button>
+      </form>
+
+      <form method="post" action="{{ path('MineSeekerBundle_logout') }}" class="auth-cancel-standalone">
+        <input type="hidden" name="_csrf_token" value="{{ csrf_token('logout') }}"/>
+        <button type="submit" class="auth-cancel auth-cancel--block">
+          <i class="fa fa-sign-out"></i> Cancel
+        </button>
+      </form>
+    </div>
+  </div>
+{% endblock %}