Is there a possibility to make two factor authentication in Symfony 2 for REST API?
I would like to achieve sth like this:
- User in end point (mobile app) prepares dynamically login and password (based on some algorithm)
- User in end point requests an API interface, like /api/me?access_token=[ACEESTOKEN]
- In order to proceed user has to pass created login and password for Basic Auth.
- Symfony2 prepares login and password in the same way as mobile app and compares with the ones sent from mobile app.
- If it is OK, Symfony2 checks access_token (OAuth2 implemented with FOSOAuthServerBundle). If it is ok, provider receives User object based on access token, user is authenticated and can access api/me