Configure authenticator priority lower than any official authenticator (#265)

Author: scheb

UPGRADE.md

@@ -3,6 +3,14 @@ Upgrading
 
 Here's an overview if you have to do any work when upgrading.
 
+7.x to 8.x
+----------
+
+Priority of the two-factor authenticator has changed from `0` to `-100`. Please make sure your authentication system
+is still working fine, especially when you're using custom (non-official) authenticators. You might need to adjust
+the priority of your custom authenticator.
+
+
 6.x to 7.x
 ----------
 

src/bundle/DependencyInjection/Factory/Security/TwoFactorFactory.php

@@ -18,6 +18,7 @@
  */
 class TwoFactorFactory implements FirewallListenerFactoryInterface, AuthenticatorFactoryInterface
 {
+    public const AUTHENTICATOR_PRIORITY = -100;
     public const AUTHENTICATION_PROVIDER_KEY = 'two_factor';
 
     public const DEFAULT_CHECK_PATH = '/2fa_check';
@@ -172,6 +173,7 @@ public function getKey(): string
 
     public function getPriority(): int
     {
-        return 0;
+        // Lower than the lowest "official" authenticator HttpBasicFactory (-50)
+        return self::AUTHENTICATOR_PRIORITY;
     }
 }