Add option to skip combined login method
Someone may want to setup 2FA for example password+sms but when user is in the company network we do not need to send an SMS (because it can be expensive and annoying).
So I propose to add options to login method that define condition for which the authentication method can be skipped. In standard I see ip_address
and device_cookie
as options. For ip_address
there will be a configuration option to define a list of network.