├── LICENSE
├── Mailer
    ├── AuthCodeMailerInterface.php
    └── SymfonyAuthCodeMailer.php
├── Model
    └── Email
    │   └── TwoFactorInterface.php
├── README.md
├── Security
    └── TwoFactor
    │   ├── Event
    │       └── EmailCodeEvents.php
    │   └── Provider
    │       └── Email
    │           ├── EmailTwoFactorProvider.php
    │           └── Generator
    │               ├── CodeGenerator.php
    │               └── CodeGeneratorInterface.php
└── composer.json


/LICENSE:
--------------------------------------------------------------------------------
 1 | The MIT License (MIT)
 2 | 
 3 | Copyright (c) 2024 Christian Scheb
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of
 6 | this software and associated documentation files (the "Software"), to deal in
 7 | the Software without restriction, including without limitation the rights to
 8 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
 9 | the Software, and to permit persons to whom the Software is furnished to do so,
10 | subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
17 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
18 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
19 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
20 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
21 | 


--------------------------------------------------------------------------------
/Mailer/AuthCodeMailerInterface.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | declare(strict_types=1);
 4 | 
 5 | namespace Scheb\TwoFactorBundle\Mailer;
 6 | 
 7 | use Scheb\TwoFactorBundle\Model\Email\TwoFactorInterface;
 8 | 
 9 | interface AuthCodeMailerInterface
10 | {
11 |     /**
12 |      * Send the auth code to the user via email.
13 |      */
14 |     public function sendAuthCode(TwoFactorInterface $user): void;
15 | }
16 | 


--------------------------------------------------------------------------------
/Mailer/SymfonyAuthCodeMailer.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | declare(strict_types=1);
 4 | 
 5 | namespace Scheb\TwoFactorBundle\Mailer;
 6 | 
 7 | use Scheb\TwoFactorBundle\Model\Email\TwoFactorInterface;
 8 | use Symfony\Component\Mailer\MailerInterface;
 9 | use Symfony\Component\Mime\Address;
10 | use Symfony\Component\Mime\Email;
11 | 
12 | /**
13 |  * @final
14 |  */
15 | class SymfonyAuthCodeMailer implements AuthCodeMailerInterface
16 | {
17 |     private Address|string|null $senderAddress = null;
18 | 
19 |     public function __construct(
20 |         private readonly MailerInterface $mailer,
21 |         string|null $senderEmail,
22 |         string|null $senderName,
23 |     ) {
24 |         if (null !== $senderEmail && null !== $senderName) {
25 |             $this->senderAddress = new Address($senderEmail, $senderName);
26 |         } elseif (null !== $senderEmail && $senderEmail) {
27 |             $this->senderAddress = $senderEmail;
28 |         }
29 |     }
30 | 
31 |     public function sendAuthCode(TwoFactorInterface $user): void
32 |     {
33 |         $authCode = $user->getEmailAuthCode();
34 |         if (null === $authCode) {
35 |             return;
36 |         }
37 | 
38 |         $message = new Email();
39 |         $message
40 |             ->to($user->getEmailAuthRecipient())
41 |             ->subject('Authentication Code')
42 |             ->text($authCode);
43 | 
44 |         if (null !== $this->senderAddress) {
45 |             $message->from($this->senderAddress);
46 |         }
47 | 
48 |         $this->mailer->send($message);
49 |     }
50 | }
51 | 


--------------------------------------------------------------------------------
/Model/Email/TwoFactorInterface.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | declare(strict_types=1);
 4 | 
 5 | namespace Scheb\TwoFactorBundle\Model\Email;
 6 | 
 7 | interface TwoFactorInterface
 8 | {
 9 |     /**
10 |      * Return true if the user should do two-factor authentication.
11 |      */
12 |     public function isEmailAuthEnabled(): bool;
13 | 
14 |     /**
15 |      * Return user email address.
16 |      */
17 |     public function getEmailAuthRecipient(): string;
18 | 
19 |     /**
20 |      * Return the authentication code.
21 |      */
22 |     public function getEmailAuthCode(): string|null;
23 | 
24 |     /**
25 |      * Set the authentication code.
26 |      */
27 |     public function setEmailAuthCode(string $authCode): void;
28 | }
29 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | scheb/2fa-email
 2 | ===============
 3 | 
 4 | [![Build Status](https://github.com/scheb/2fa/actions/workflows/ci.yaml/badge.svg?branch=7.x)](https://github.com/scheb/2fa/actions?query=workflow%3ACI+branch%3A7.x)
 5 | [![Code Coverage](https://codecov.io/gh/scheb/2fa/branch/7.x/graph/badge.svg)](https://app.codecov.io/gh/scheb/2fa/branch/7.x)
 6 | [![Latest Stable Version](https://img.shields.io/packagist/v/scheb/2fa-email)](https://packagist.org/packages/scheb/2fa-email)
 7 | [![Monthly Downloads](https://img.shields.io/packagist/dm/scheb/2fa-email)](https://packagist.org/packages/scheb/2fa-email/stats)
 8 | [![Total Downloads](https://img.shields.io/packagist/dt/scheb/2fa-email)](https://packagist.org/packages/scheb/2fa-email/stats)
 9 | [![License](https://poser.pugx.org/scheb/2fa-email/license.svg)](https://packagist.org/packages/scheb/2fa-email)
10 | 
11 | This package extends [scheb/2fa-bundle](https://github.com/scheb/2fa-bundle) with two-factor authentication via email.
12 | 
13 | ---
14 | 
15 | This repository is a sub-repository of [scheb/2fa](https://github.com/scheb/2fa) and is **READ ONLY**.
16 | 
17 | **Please do not submit any Pull Request here.** Use the [main repository](https://github.com/scheb/2fa) instead.
18 | 
19 | Installation
20 | ------------
21 | Please follow the [bundle's installation instructions](https://symfony.com/bundles/SchebTwoFactorBundle/7.x/installation.html).
22 | 
23 | Documentation
24 | -------------
25 | Documentation can be found on the
26 | [Symfony Bundles Documentation](https://symfony.com/bundles/SchebTwoFactorBundle/7.x/index.html) website.
27 | 
28 | License
29 | -------
30 | This software is available under the [MIT license](LICENSE).
31 | 


--------------------------------------------------------------------------------
/Security/TwoFactor/Event/EmailCodeEvents.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | declare(strict_types=1);
 4 | 
 5 | namespace Scheb\TwoFactorBundle\Security\TwoFactor\Event;
 6 | 
 7 | /**
 8 |  * @final
 9 |  */
10 | class EmailCodeEvents
11 | {
12 |     /**
13 |      * When a code was sent by the email provider.
14 |      */
15 |     public const SENT = 'scheb_two_factor.provider.email.sent';
16 | 
17 |     /**
18 |      * When a code is about to be checked by the email provider.
19 |      */
20 |     public const CHECK = 'scheb_two_factor.provider.email.check';
21 | 
22 |     /**
23 |      * When the code was deemed to be valid by the email provider.
24 |      */
25 |     public const VALID = 'scheb_two_factor.provider.email.valid';
26 | 
27 |     /**
28 |      * When the code was deemed to be invalid by the email provider.
29 |      */
30 |     public const INVALID = 'scheb_two_factor.provider.email.invalid';
31 | }
32 | 


--------------------------------------------------------------------------------
/Security/TwoFactor/Provider/Email/EmailTwoFactorProvider.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | declare(strict_types=1);
 4 | 
 5 | namespace Scheb\TwoFactorBundle\Security\TwoFactor\Provider\Email;
 6 | 
 7 | use Scheb\TwoFactorBundle\Model\Email\TwoFactorInterface;
 8 | use Scheb\TwoFactorBundle\Security\TwoFactor\AuthenticationContextInterface;
 9 | use Scheb\TwoFactorBundle\Security\TwoFactor\Event\EmailCodeEvents;
10 | use Scheb\TwoFactorBundle\Security\TwoFactor\Event\TwoFactorCodeEvent;
11 | use Scheb\TwoFactorBundle\Security\TwoFactor\Provider\Email\Generator\CodeGeneratorInterface;
12 | use Scheb\TwoFactorBundle\Security\TwoFactor\Provider\TwoFactorFormRendererInterface;
13 | use Scheb\TwoFactorBundle\Security\TwoFactor\Provider\TwoFactorProviderInterface;
14 | use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
15 | use function str_replace;
16 | 
17 | /**
18 |  * @final
19 |  */
20 | class EmailTwoFactorProvider implements TwoFactorProviderInterface
21 | {
22 |     public function __construct(
23 |         private readonly CodeGeneratorInterface $codeGenerator,
24 |         private readonly TwoFactorFormRendererInterface $formRenderer,
25 |         private readonly EventDispatcherInterface $eventDispatcher,
26 |     ) {
27 |     }
28 | 
29 |     public function beginAuthentication(AuthenticationContextInterface $context): bool
30 |     {
31 |         // Check if user can do email authentication
32 |         $user = $context->getUser();
33 | 
34 |         return $user instanceof TwoFactorInterface && $user->isEmailAuthEnabled();
35 |     }
36 | 
37 |     public function prepareAuthentication(object $user): void
38 |     {
39 |         if (!($user instanceof TwoFactorInterface)) {
40 |             return;
41 |         }
42 | 
43 |         $this->codeGenerator->generateAndSend($user);
44 | 
45 |         $event = new TwoFactorCodeEvent($user, $user->getEmailAuthCode() ?? '');
46 |         $this->eventDispatcher->dispatch($event, EmailCodeEvents::SENT);
47 |     }
48 | 
49 |     public function validateAuthenticationCode(object $user, string $authenticationCode): bool
50 |     {
51 |         if (!($user instanceof TwoFactorInterface)) {
52 |             return false;
53 |         }
54 | 
55 |         $event = new TwoFactorCodeEvent($user, $authenticationCode);
56 |         $this->eventDispatcher->dispatch($event, EmailCodeEvents::CHECK);
57 | 
58 |         // Strip any user added spaces
59 |         $authenticationCode = str_replace(' ', '', $authenticationCode);
60 |         $isValid = $user->getEmailAuthCode() === $authenticationCode;
61 |         $this->eventDispatcher->dispatch($event, $isValid ? EmailCodeEvents::VALID : EmailCodeEvents::INVALID);
62 | 
63 |         return $isValid;
64 |     }
65 | 
66 |     public function getFormRenderer(): TwoFactorFormRendererInterface
67 |     {
68 |         return $this->formRenderer;
69 |     }
70 | }
71 | 


--------------------------------------------------------------------------------
/Security/TwoFactor/Provider/Email/Generator/CodeGenerator.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | declare(strict_types=1);
 4 | 
 5 | namespace Scheb\TwoFactorBundle\Security\TwoFactor\Provider\Email\Generator;
 6 | 
 7 | use Scheb\TwoFactorBundle\Mailer\AuthCodeMailerInterface;
 8 | use Scheb\TwoFactorBundle\Model\Email\TwoFactorInterface;
 9 | use Scheb\TwoFactorBundle\Model\PersisterInterface;
10 | use function random_int;
11 | 
12 | /**
13 |  * @final
14 |  */
15 | class CodeGenerator implements CodeGeneratorInterface
16 | {
17 |     public function __construct(
18 |         private readonly PersisterInterface $persister,
19 |         private readonly AuthCodeMailerInterface $mailer,
20 |         private readonly int $digits,
21 |     ) {
22 |     }
23 | 
24 |     public function generateAndSend(TwoFactorInterface $user): void
25 |     {
26 |         $min = 10 ** ($this->digits - 1);
27 |         $max = 10 ** $this->digits - 1;
28 |         $code = $this->generateCode($min, $max);
29 |         $user->setEmailAuthCode((string) $code);
30 |         $this->persister->persist($user);
31 |         $this->mailer->sendAuthCode($user);
32 |     }
33 | 
34 |     public function reSend(TwoFactorInterface $user): void
35 |     {
36 |         $this->mailer->sendAuthCode($user);
37 |     }
38 | 
39 |     protected function generateCode(int $min, int $max): int
40 |     {
41 |         return random_int($min, $max);
42 |     }
43 | }
44 | 


--------------------------------------------------------------------------------
/Security/TwoFactor/Provider/Email/Generator/CodeGeneratorInterface.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | declare(strict_types=1);
 4 | 
 5 | namespace Scheb\TwoFactorBundle\Security\TwoFactor\Provider\Email\Generator;
 6 | 
 7 | use Scheb\TwoFactorBundle\Model\Email\TwoFactorInterface;
 8 | 
 9 | interface CodeGeneratorInterface
10 | {
11 |     /**
12 |      * Generate a new authentication code an send it to the user.
13 |      */
14 |     public function generateAndSend(TwoFactorInterface $user): void;
15 | }
16 | 


--------------------------------------------------------------------------------
/composer.json:
--------------------------------------------------------------------------------
 1 | {
 2 |     "name": "scheb/2fa-email",
 3 |     "type": "library",
 4 |     "description": "Extends scheb/2fa-bundle with two-factor authentication via email",
 5 |     "keywords": ["2fa", "two-factor", "two-step", "authentication", "symfony", "email"],
 6 |     "homepage": "https://github.com/scheb/2fa",
 7 |     "license": "MIT",
 8 |     "authors": [
 9 |         {
10 |             "name": "Christian Scheb",
11 |             "email": "me@christianscheb.de"
12 |         }
13 |     ],
14 |     "require": {
15 |         "php": "~8.2.0 || ~8.3.0 || ~8.4.0",
16 |         "scheb/2fa-bundle": "self.version"
17 |     },
18 |     "autoload": {
19 |         "psr-4": {
20 |             "Scheb\\TwoFactorBundle\\": ""
21 |         }
22 |     }
23 | }
24 | 


--------------------------------------------------------------------------------