You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Apr 19, 2025. It is now read-only.
Copy file name to clipboardExpand all lines: README.md
+2-15Lines changed: 2 additions & 15 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -268,7 +268,7 @@ The first route is the route the user will be redirected to once the two-factor
268
268
### Failed Verification Attempt Handling
269
269
The default behaviour is to redirect to the previous view with an error message in case token verification fails. However, there most likely are instances where you would like to handle a failed token verification attempt differently. For instance, in the case of _MessageBird_ a token can only be verified once. Any attempt with the same token after a first failed attempt will always throw a `TokenAlreadyProcessedException` and hence, it would make more sense to either redirect to the _/login_ route again to start the entire authentication process from scratch or to redirect to a view where a new token can be requested.
270
270
271
-
In order to change the default behaviour it is possible to specify either a `$redirectToAfterFailure` property or a protected `redirectToAfterFailure` method on your `TwoFactorAuthController`. If one of these is present (the method taking precedence over the property), the default behaviour is bypassed and the user will be redirected to the specified route. To give a simple example, suppose you simply want to redirect to the _'/login'_ route after a failed verification attempt you would structure your `TwoFactorAuthController` like:
271
+
In order to change the default behaviour it is possible to specify either a `$redirectToAfterFailure` property or a protected `redirectToAfterFailure` method on your `TwoFactorAuthController`. If one of these is present (the method taking precedence over the property), the default behaviour is bypassed and the user will be redirected to the specified route. To give a simple example, suppose you simply want to redirect to the _/login_ route after a failed verification attempt you would structure your `TwoFactorAuthController` like:
272
272
```php
273
273
<?php
274
274
@@ -282,20 +282,6 @@ class TwoFactorAuthController extends Controller
282
282
{
283
283
use TwoFactorAuthenticatesUsers;
284
284
285
-
/**
286
-
* The maximum number of attempts to allow.
287
-
*
288
-
* @var int
289
-
*/
290
-
protected $maxAttempts = 5;
291
-
292
-
/**
293
-
* The number of minutes to throttle for.
294
-
*
295
-
* @var int
296
-
*/
297
-
protected $decayMinutes = 1;
298
-
299
285
/**
300
286
* Where to redirect users after two-factor authentication passes.
301
287
*
@@ -311,6 +297,7 @@ class TwoFactorAuthController extends Controller
311
297
protected $redirectToAfterFailure = '/login';
312
298
}
313
299
```
300
+
Redirecting a user to a route for generating a fresh authentication token would require a bit more work, but certainly is possible this way.
314
301
315
302
## Using a Custom Provider
316
303
Since the v2.1.0 release it is possible to user your own custom provider. To do so your provider needs to implement `MichaelDzjap\TwoFactorAuth\Contracts\TwoFactorProvider` (and possibly `MichaelDzjap\TwoFactorAuth\Contracts\SMSToken` if you want to send the authentication token via SMS).
0 commit comments