I would like to receive some ideas for implementing our 2 steps login.
The process works as follow:
1. User insert username and password
2. If they are correct, an email with an unique token code are sent to the user mailbox. (double check for higher security)
3. User is forwarded to a "insert token code" page
4. If the token inserted by the user is correct, authentication is successfull and the user is forwarded to the required page.
I'm wondering which classes should I extend/rewrite to have this functionality integrated in Acegi and to maintain the Acegi flexible design.
I was thinking to extend AbstractProcessingFilter to manage a different form page and to handle my filter with a specific getDefaultFilterProcessesUrl().
But I don't know if it is a good idea to implement the attemptAuthentication() method throwing a new InsertTokenCodeAuthenticationException (class to be created) and where to manage this exception
thanks in advance,