Use ensure state is valid from Fortify

Author: pushpak1300

app/Http/Controllers/Settings/TwoFactorAuthenticationController.php

@@ -27,7 +27,7 @@ public static function middleware(): array
      */
     public function show(TwoFactorAuthenticationRequest $request): Response
     {
-        $request->validateState();
+        $request->ensureStateIsValid();
 
         return Inertia::render('settings/TwoFactor', [
             'twoFactorEnabled' => $request->user()->hasEnabledTwoFactorAuthentication(),

app/Http/Requests/Auth/TwoFactorAuthenticationRequest.php

@@ -3,12 +3,13 @@
 namespace App\Http\Requests\Auth;
 
 use Illuminate\Foundation\Http\FormRequest;
-use Illuminate\Support\Facades\Auth;
-use Laravel\Fortify\Actions\DisableTwoFactorAuthentication;
 use Laravel\Fortify\Features;
+use Laravel\Fortify\InteractsWithTwoFactorState;
 
 class TwoFactorAuthenticationRequest extends FormRequest
 {
+    use InteractsWithTwoFactorState;
+
     /**
      * Determine if the user is authorized to make this request.
      */
@@ -26,61 +27,4 @@ public function rules(): array
     {
         return [];
     }
-
-    /**
-     * Validate the two-factor authentication state for the request.
-     */
-    public function validateState(): void
-    {
-        if (! Features::optionEnabled(Features::twoFactorAuthentication(), 'confirm')) {
-            return;
-        }
-
-        $currentTime = time();
-
-        if ($this->twoFactorAuthenticationDisabled()) {
-            $this->session()->put('two_factor_empty_at', $currentTime);
-        }
-
-        if ($this->hasJustBegunConfirmingTwoFactorAuthentication()) {
-            $this->session()->put('two_factor_confirming_at', $currentTime);
-        }
-
-        if ($this->neverFinishedConfirmingTwoFactorAuthentication($currentTime)) {
-            app(DisableTwoFactorAuthentication::class)(Auth::user());
-
-            $this->session()->put('two_factor_empty_at', $currentTime);
-            $this->session()->remove('two_factor_confirming_at');
-        }
-    }
-
-    /**
-     * Determine if two-factor authentication is totally disabled.
-     */
-    protected function twoFactorAuthenticationDisabled(): bool
-    {
-        return is_null($this->user()->two_factor_secret) &&
-            is_null($this->user()->two_factor_confirmed_at);
-    }
-
-    /**
-     * Determine if two-factor authentication is being confirmed within the last request cycle.
-     */
-    protected function hasJustBegunConfirmingTwoFactorAuthentication(): bool
-    {
-        return ! is_null($this->user()->two_factor_secret) &&
-            is_null($this->user()->two_factor_confirmed_at) &&
-            $this->session()->has('two_factor_empty_at') &&
-            is_null($this->session()->get('two_factor_confirming_at'));
-    }
-
-    /**
-     * Determine if two-factor authentication was never totally confirmed once confirmation started.
-     */
-    protected function neverFinishedConfirmingTwoFactorAuthentication(int $currentTime): bool
-    {
-        return ! array_key_exists('code', $this->session()->getOldInput()) &&
-            is_null($this->user()->two_factor_confirmed_at) &&
-            $this->session()->get('two_factor_confirming_at', 0) != $currentTime;
-    }
 }

tests/Feature/Auth/PasswordResetTest.php

@@ -39,7 +39,7 @@ public function test_reset_password_screen_can_be_rendered()
         $this->post(route('password.email'), ['email' => $user->email]);
 
         Notification::assertSentTo($user, ResetPassword::class, function ($notification) use ($user) {
-            $response = $this->get(route('password.reset', $notification->token) . '?email=' . $user->email);
+            $response = $this->get(route('password.reset', $notification->token).'?email='.$user->email);
 
             $response->assertStatus(200)
                 ->assertInertia(fn ($page) => $page