# See the configuration reference at https://symfony.com/bundles/SchebTwoFactorBundle/6.x/configuration.html
scheb_two_factor:

    google:
        enabled: true                   # If Google Authenticator should be enabled, default false
        server_name: '$$DOMAIN$$'       # This field is replaced by the domain name of the server in DecoratedGoogleAuthenticator
        issuer: '%partdb.title%'        # Issuer name used in QR code
        digits: 6                       # Number of digits in authentication code
        leeway: 5                       # Acceptable time drift in seconds
        template: security/2fa_form.html.twig

    backup_codes:
        enabled: true  # If the backup code feature should be enabled

    trusted_device:
        enabled: true                  # If the trusted device feature should be enabled
        lifetime: 5184000              # Lifetime of the trusted device token
        extend_lifetime: false         # Automatically extend lifetime of the trusted cookie on re-login
        cookie_name: trusted_device    # Name of the trusted device cookie
        cookie_secure: false           # Set the 'Secure' (HTTPS Only) flag on the trusted device cookie
        cookie_same_site: "lax"        # The same-site option of the cookie, can be "lax" or "strict"

    security_tokens:
        - Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken
        # If you're using guard-based authentication, you have to use this one:
        # - Symfony\Component\Security\Http\Authenticator\Token\PostAuthenticationToken
        # If you're using authenticator-based security (introduced in Symfony 5.1), you have to use this one:
        - Symfony\Component\Security\Http\Authenticator\Token\PostAuthenticationToken