mirror/php-auth
1
0
Fork 0
mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-07-12 20:16:21 +02:00
Code Issues Releases Wiki Activity

Remove documentation on half-baked support for multi-factor auth

Browse Source
This commit is contained in:
Marco
2017-08-03 22:02:09 +02:00
parent 59cd626bd0
commit e4f8673eab
1 changed files with 0 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
README.md
View File

@ -81,7 +81,6 @@ Migrating from an earlier version of this project? See our [upgrade guide](Migra
* [Creating a random string](#creating-a-random-string) * [Creating a random string](#creating-a-random-string)
* [Creating a UUID v4 as per RFC 4122](#creating-a-uuid-v4-as-per-rfc-4122) * [Creating a UUID v4 as per RFC 4122](#creating-a-uuid-v4-as-per-rfc-4122)
* [Reading and writing session data](#reading-and-writing-session-data) * [Reading and writing session data](#reading-and-writing-session-data)
* [Implementing multi-factor authentication](#implementing-multi-factor-authentication)
### Creating a new instance ### Creating a new instance
@ -805,24 +804,6 @@ $uuid = \Delight\Auth\Auth::createUuid();
For detailed information on how to read and write session data conveniently, please refer to [the documentation of the session library](https://github.com/delight-im/PHP-Cookie#reading-and-writing-session-data), which is included by default. For detailed information on how to read and write session data conveniently, please refer to [the documentation of the session library](https://github.com/delight-im/PHP-Cookie#reading-and-writing-session-data), which is included by default.
### Implementing multi-factor authentication
You can pass a callback, e.g. an anonymous function, to the two methods `login` or `loginWithUsername` as their fourth parameter. Such a callback could look like this:
```php
function ($userId) {
// ...
return false;
// or
// return true;
}
```
The callback will be executed if (and only if) authentication is successful, but it will run *right before* completing authentication. This lets you hook into the login flow.
In that callback, you receive the authenticating user's ID as the only parameter. Return `true` from the callback to let authentication proceed, or return `false` to cancel the attempt. Be ready to catch the `AttemptCancelledException` in the latter case.
## Frequently asked questions ## Frequently asked questions
### What about password hashing? ### What about password hashing?