| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546 |
- Two Step Validation (with Google Authenticator)
- ===============================================
- The SonataUserBundle provides an optional layer of security by including a support for a Two Step Validation process.
- When the option is enabled, the login process is done with the following workflow :
- * the user enters the login and password
- * if the user get the correct credentials, then
- * a code validation form is diplayed
- * at this point the user must enter a time based code provided by the Google Authenticator application
- * the code is valid only once per minute
- So if your login and password are compromised then the hacker must also hold your phone!
- Installation
- ------------
- Add the following lines to the file ``deps``::
- [GoogleAuthenticator]
- git=git://github.com/rande/GoogleAuthenticator.php.git
- target=/google-authenticator
- Update the autoload.php file::
- // app/autoload.php
- $loader->registerNamespaces(array(
- // ...
- 'Google' => __DIR__.'/../vendor/google-authenticator/lib'
- // ...
- ));
- Edit the configuration file
- .. code-block:: yaml
- # app/config/config.yml
- sonata_user:
- google_authenticator:
- enabled: true
- server: yourserver.com
- Now if the ``User::twoStepVerificationCode`` property is not null, then a second form will be displayed.
|
