I need to create authentication in one of my projects, but a simple login/password is not suitable. It needs stepwise authentication: 1st - the user enters their phone number - check if the user exists, then send an SMS to the phone and open the next form, else show a message; 2nd - a form with a code input, the user enters the code they received - check if the code equals the generated one, then authenticate the user, else send again.
As a sample, I thought of getting the phone data in a custom controller and, if the user is found, showing him a form like this:
<form action="{{ path('login_check') }}" method="post">
<input type="hidden" id="username" name="_username" value="{{ user_phone }}" />
<label for="password">Code:</label>
<input type="text" id="password" name="_password" value="" />
<input type="submit" name="login" />
</form>
But I do not like this option. Perhaps somebody can suggest a more beautiful version?)
I didn't use this solution, but I think it can help you:
How to go back to referer after login failure?
This answer shows how to use it in the case of "login-failure", but the login options have a "success_handler: some.service.id". Check the website below to see the options of "app/config/security.yml":
http://symfony.com/doc/current/reference/configuration/security.html
Good luck
In this case you need to create two firewalls with different patterns in your security.yml:
firewalls:
    phone:
        pattern: ^/phoneauth/login$
        form_login:
            provider: phone_auth_provider
            check_path: your_login_check_path
        context: same_unique_name
        ...
    code:
        pattern: ^/codeauth/login$
        form_login:
            provider: code_auth_provider
            check_path: your_login_check_path
        context: same_unique_name
        ...
Now you need to create two custom providers, one for phoneauth and another for codeauth. In the phoneauth provider you just need to create a query to search for the phone number; if the phone number exists it should return the User object, otherwise do your process for sending the SMS, and based on the message which you return you can redirect it to the codeauth login page.
In the codeauth provider, which is somewhat similar to the previous provider, you can create a query to search for the entered code, and if it's found it will return the user object.
For more help, check the links below:
Authenticate someone with a custom entity provider
Multi firewall configuration in security.yml
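The code check from the question ("check if code equals generated"), as an added example that is not part of the original posts or of Symfony: a one-time code bound to the phone number it was issued for, with expiry, an attempt limit, single use and a constant-time comparison. The class name SmsCodeChallenge, the five-minute lifetime, the five-attempt limit, the server-side secret and the in-memory array (a stand-in for a database table or cache) are assumptions; it needs PHP 8.

```php
<?php
// Hypothetical helper (not a Symfony class): issues and checks one-time SMS codes.
final class SmsCodeChallenge
{
    private const TTL_SECONDS = 300;  // assumed code lifetime
    private const MAX_ATTEMPTS = 5;   // assumed guess limit per issued code
    private array $store = [];        // phone => [hash, expires, attempts]

    public function __construct(private string $secret) {}

    // Step 1: create a code for a known phone number; the caller sends it by SMS.
    public function issue(string $phone, ?int $now = null): string
    {
        $code = str_pad((string) random_int(0, 999999), 6, '0', STR_PAD_LEFT);
        $this->store[$phone] = [
            'hash' => $this->digest($phone, $code),  // the code itself is not stored
            'expires' => ($now ?? time()) + self::TTL_SECONDS,
            'attempts' => 0,
        ];
        return $code;
    }

    // Step 2: true only for the unexpired, unused code issued to this phone number.
    public function verify(string $phone, string $code, ?int $now = null): bool
    {
        $entry = $this->store[$phone] ?? null;
        if ($entry === null || ($now ?? time()) > $entry['expires']
            || $entry['attempts'] >= self::MAX_ATTEMPTS) {
            unset($this->store[$phone]);             // expired or locked: a new code is needed
            return false;
        }
        $this->store[$phone]['attempts']++;          // count every guess, right or wrong
        if (!hash_equals($entry['hash'], $this->digest($phone, $code))) {
            return false;
        }
        unset($this->store[$phone]);                 // single use: a replay fails
        return true;
    }

    private function digest(string $phone, string $code): string
    {
        return hash_hmac('sha256', $phone . '|' . $code, $this->secret);
    }
}

// Constructed sample run: the phone number and secret are made up.
$challenge = new SmsCodeChallenge('constructed-secret');
$code = $challenge->issue('+10000000000');
var_dump($challenge->verify('+10000000000', '000000x')); // wrong guess
var_dump($challenge->verify('+10000000000', $code));     // correct code
var_dump($challenge->verify('+10000000000', $code));     // same code replayed
```

In a real application the phone number passed to verify() comes from the server-side session set in step one, not from a hidden form field the browser can change.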