various formatting tweaks

Author: taylorotwell

app/Http/Controllers/Auth/AuthenticatedSessionController.php

@@ -38,7 +38,7 @@ public function store(LoginRequest $request): RedirectResponse
                 'login.remember' => $request->boolean('remember'),
             ]);
 
-            return redirect()->route('two-factor.login');
+            return to_route('two-factor.login');
         }
 
         Auth::login($user, $request->boolean('remember'));

app/Http/Controllers/Settings/TwoFactorAuthenticationController.php

@@ -30,8 +30,8 @@ public function show(TwoFactorAuthenticationRequest $request): Response
         $request->validateState();
 
         return Inertia::render('settings/TwoFactor', [
-            'requiresConfirmation' => Features::optionEnabled(Features::twoFactorAuthentication(), 'confirm'),
             'twoFactorEnabled' => $request->user()->hasEnabledTwoFactorAuthentication(),
+            'requiresConfirmation' => Features::optionEnabled(Features::twoFactorAuthentication(), 'confirm'),
         ]);
     }
 }

app/Http/Requests/Auth/TwoFactorAuthenticationRequest.php

@@ -38,17 +38,14 @@ public function validateState(): void
 
         $currentTime = time();
 
-        // Notate totally disabled state in session...
         if ($this->twoFactorAuthenticationDisabled()) {
             $this->session()->put('two_factor_empty_at', $currentTime);
         }
 
-        // If was previously totally disabled this session but is now confirming, notate time...
         if ($this->hasJustBegunConfirmingTwoFactorAuthentication()) {
             $this->session()->put('two_factor_confirming_at', $currentTime);
         }
 
-        // If the profile is reloaded and is not confirmed but was previously in confirming state, disable...
         if ($this->neverFinishedConfirmingTwoFactorAuthentication($currentTime)) {
             app(DisableTwoFactorAuthentication::class)(Auth::user());
 
@@ -67,7 +64,7 @@ protected function twoFactorAuthenticationDisabled(): bool
     }
 
     /**
-     * Determine if two-factor authentication is just now being confirmed within the last request cycle.
+     * Determine if two-factor authentication is being confirmed within the last request cycle.
      */
     protected function hasJustBegunConfirmingTwoFactorAuthentication(): bool
     {

app/Providers/FortifyServiceProvider.php

@@ -25,12 +25,10 @@ public function register(): void
     public function boot(): void
     {
         Fortify::twoFactorChallengeView(fn () => Inertia::render('auth/TwoFactorChallenge'));
-
         Fortify::confirmPasswordView(fn () => Inertia::render('auth/ConfirmPassword'));
 
-        RateLimiter::for(
-            'two-factor',
-            fn (Request $request) => Limit::perMinute(5)->by($request->session()->get('login.id'))
-        );
+        RateLimiter::for('two-factor', function (Request $request) {
+            return Limit::perMinute(5)->by($request->session()->get('login.id'));
+        });
     }
 }

database/migrations/2025_08_14_170933_add_two_factor_columns_to_users_table.php

@@ -12,17 +12,9 @@
     public function up(): void
     {
         Schema::table('users', function (Blueprint $table) {
-            $table->text('two_factor_secret')
-                ->after('password')
-                ->nullable();
-
-            $table->text('two_factor_recovery_codes')
-                ->after('two_factor_secret')
-                ->nullable();
-
-            $table->timestamp('two_factor_confirmed_at')
-                ->after('two_factor_recovery_codes')
-                ->nullable();
+            $table->text('two_factor_secret')->after('password')->nullable();
+            $table->text('two_factor_recovery_codes')->after('two_factor_secret')->nullable();
+            $table->timestamp('two_factor_confirmed_at')->after('two_factor_recovery_codes')->nullable();
         });
     }
 

resources/js/components/TwoFactorSetupModal.vue

@@ -30,8 +30,8 @@ const pinInputContainerRef = ref<HTMLElement | null>(null);
 const modalConfig = computed<{ title: string; description: string; buttonText: string }>(() => {
     if (props.twoFactorEnabled) {
         return {
-            title: 'You have enabled two factor authentication.',
-            description: 'Two factor authentication is now enabled, scan the QR code or enter the setup key in authenticator app.',
+            title: 'Two-Factor Authentication Enabled',
+            description: 'Two-factor authentication is now enabled. Scan the QR code or enter the setup key in your authenticator app.',
             buttonText: 'Close',
         };
     }
@@ -45,8 +45,8 @@ const modalConfig = computed<{ title: string; description: string; buttonText: s
     }
 
     return {
-        title: 'Turn on 2-step Verification',
-        description: 'To finish enabling two factor authentication, scan the QR code or enter the setup key in authenticator app',
+        title: 'Enable Two-Factor Authentication',
+        description: 'To finish enabling two-factor authentication, scan the QR code or enter the setup key in your authenticator app',
         buttonText: 'Continue',
     };
 });

resources/js/pages/auth/TwoFactorChallenge.vue

@@ -44,7 +44,7 @@ const codeValue = computed<string>(() => code.value.join(''));
 
 <template>
     <AuthLayout :title="authConfigContent.title" :description="authConfigContent.description">
-        <Head title="Two Factor Authentication" />
+        <Head title="Two-Factor Authentication" />
 
         <div class="space-y-6">
             <template v-if="!showRecoveryInput">

resources/js/pages/settings/TwoFactor.vue

@@ -47,9 +47,10 @@ onUnmounted(() => {
 
                 <div v-if="!twoFactorEnabled" class="flex flex-col items-start justify-start space-y-4">
                     <Badge variant="destructive">Disabled</Badge>
+
                     <p class="text-muted-foreground">
-                        When you enable 2FA, you'll be prompted for a secure code during login, which can be retrieved from your phone's TOTP
-                        supported app.
+                        When you enable two-factor authentication, you will be prompted for a secure pin during login. This pin can
+                        be retrieved from a TOTP-supported application on your phone.
                     </p>
 
                     <div>
@@ -62,9 +63,10 @@ onUnmounted(() => {
 
                 <div v-else class="flex flex-col items-start justify-start space-y-4">
                     <Badge variant="default">Enabled</Badge>
+
                     <p class="text-muted-foreground">
-                        With two factor authentication enabled, you'll be prompted for a secure, random token during login, which you can retrieve
-                        from your TOTP Authenticator app.
+                        With two-factor authentication enabled, you will be prompted for a secure, random pin during login, which you
+                        can retrieve from the TOTP-supported application on your phone.
                     </p>
 
                     <TwoFactorRecoveryCodes />

tests/Feature/Auth/AuthenticationTest.php

@@ -34,7 +34,7 @@ public function test_users_can_authenticate_using_the_login_screen()
     public function test_users_with_two_factor_enabled_are_redirected_to_two_factor_challenge()
     {
         if (! Features::canManageTwoFactorAuthentication()) {
-            $this->markTestSkipped('Two factor authentication is not enabled.');
+            $this->markTestSkipped('Two-factor authentication is not enabled.');
         }
 
         Features::twoFactorAuthentication([

tests/Feature/Auth/PasswordConfirmationTest.php

@@ -26,6 +26,7 @@ public function test_confirm_password_screen_can_be_rendered()
     public function test_password_confirmation_requires_authentication()
     {
         $response = $this->get(route('password.confirm'));
+
         $response->assertRedirect(route('login'));
     }
 }