Move trait to form-request

pushpak1300 · pushpak1300 · commit aeffd88af1f4 · 2025-08-28T18:44:06.000+05:30
diff --git a/app/Http/Controllers/Concerns/ConfirmsTwoFactorAuthentication.php b/app/Http/Controllers/Concerns/ConfirmsTwoFactorAuthentication.php
diff --git a/app/Http/Controllers/Settings/TwoFactorAuthenticationController.php b/app/Http/Controllers/Settings/TwoFactorAuthenticationController.php
@@ -2,10 +2,8 @@
 
 namespace App\Http\Controllers\Settings;
 
-use App\Http\Controllers\Concerns\ConfirmsTwoFactorAuthentication;
 use App\Http\Controllers\Controller;
-use Illuminate\Http\Request;
-use Illuminate\Http\Response as HttpResponse;
+use App\Http\Requests\Auth\TwoFactorAuthenticationRequest;
 use Illuminate\Routing\Controllers\HasMiddleware;
 use Illuminate\Routing\Controllers\Middleware;
 use Inertia\Inertia;
@@ -14,8 +12,6 @@
 
 class TwoFactorAuthenticationController extends Controller implements HasMiddleware
 {
-    use ConfirmsTwoFactorAuthentication;
-
     /**
      * Get the middleware that should be assigned to the controller.
      */
@@ -29,15 +25,9 @@ public static function middleware(): array
     /**
      * Show the user's two-factor authentication settings page.
      */
-    public function show(Request $request): Response
+    public function show(TwoFactorAuthenticationRequest $request): Response
     {
-        abort_if(
-            ! Features::enabled(Features::twoFactorAuthentication()),
-            HttpResponse::HTTP_FORBIDDEN,
-            'Two factor authentication is disabled.'
-        );
-
-        $this->validateTwoFactorAuthenticationState($request);
+        $request->validateState();
 
         return Inertia::render('settings/TwoFactor', [
             'requiresConfirmation' => Features::optionEnabled(Features::twoFactorAuthentication(), 'confirm'),
diff --git a/app/Http/Requests/Auth/TwoFactorAuthenticationRequest.php b/app/Http/Requests/Auth/TwoFactorAuthenticationRequest.php
@@ -0,0 +1,89 @@
+<?php
+
+namespace App\Http\Requests\Auth;
+
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Support\Facades\Auth;
+use Laravel\Fortify\Actions\DisableTwoFactorAuthentication;
+use Laravel\Fortify\Features;
+
+class TwoFactorAuthenticationRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return Features::enabled(Features::twoFactorAuthentication());
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        return [];
+    }
+
+    /**
+     * Validate the two-factor authentication state for the request.
+     */
+    public function validateState(): void
+    {
+        if (! Features::optionEnabled(Features::twoFactorAuthentication(), 'confirm')) {
+            return;
+        }
+
+        $currentTime = time();
+
+        // Notate totally disabled state in session...
+        if ($this->twoFactorAuthenticationDisabled()) {
+            $this->session()->put('two_factor_empty_at', $currentTime);
+        }
+
+        // If was previously totally disabled this session but is now confirming, notate time...
+        if ($this->hasJustBegunConfirmingTwoFactorAuthentication()) {
+            $this->session()->put('two_factor_confirming_at', $currentTime);
+        }
+
+        // If the profile is reloaded and is not confirmed but was previously in confirming state, disable...
+        if ($this->neverFinishedConfirmingTwoFactorAuthentication($currentTime)) {
+            app(DisableTwoFactorAuthentication::class)(Auth::user());
+
+            $this->session()->put('two_factor_empty_at', $currentTime);
+            $this->session()->remove('two_factor_confirming_at');
+        }
+    }
+
+    /**
+     * Determine if two-factor authentication is totally disabled.
+     */
+    protected function twoFactorAuthenticationDisabled(): bool
+    {
+        return is_null($this->user()->two_factor_secret) &&
+            is_null($this->user()->two_factor_confirmed_at);
+    }
+
+    /**
+     * Determine if two-factor authentication is just now being confirmed within the last request cycle.
+     */
+    protected function hasJustBegunConfirmingTwoFactorAuthentication(): bool
+    {
+        return ! is_null($this->user()->two_factor_secret) &&
+            is_null($this->user()->two_factor_confirmed_at) &&
+            $this->session()->has('two_factor_empty_at') &&
+            is_null($this->session()->get('two_factor_confirming_at'));
+    }
+
+    /**
+     * Determine if two-factor authentication was never totally confirmed once confirmation started.
+     */
+    protected function neverFinishedConfirmingTwoFactorAuthentication(int $currentTime): bool
+    {
+        return ! array_key_exists('code', $this->session()->getOldInput()) &&
+            is_null($this->user()->two_factor_confirmed_at) &&
+            $this->session()->get('two_factor_confirming_at', 0) != $currentTime;
+    }
+}
diff --git a/app/Providers/FortifyServiceProvider.php b/app/Providers/FortifyServiceProvider.php
@@ -24,12 +24,12 @@ public function register(): void
      */
     public function boot(): void
     {
-        Fortify::twoFactorChallengeView(fn() => Inertia::render('auth/TwoFactorChallenge'));
+        Fortify::twoFactorChallengeView(fn () => Inertia::render('auth/TwoFactorChallenge'));
 
-        Fortify::confirmPasswordView(fn() => Inertia::render('auth/ConfirmPassword'));
+        Fortify::confirmPasswordView(fn () => Inertia::render('auth/ConfirmPassword'));
 
         RateLimiter::for(
             'two-factor',
-            fn(Request $request) => Limit::perMinute(5)->by($request->session()->get('login.id')));
+            fn (Request $request) => Limit::perMinute(5)->by($request->session()->get('login.id')));
     }
 }
diff --git a/tests/Feature/Auth/PasswordResetTest.php b/tests/Feature/Auth/PasswordResetTest.php
@@ -38,10 +38,17 @@ public function test_reset_password_screen_can_be_rendered()
 
         $this->post(route('password.email'), ['email' => $user->email]);
 
-        Notification::assertSentTo($user, ResetPassword::class, function ($notification) {
-            $response = $this->get(route('password.request', $notification->token));
-
-            $response->assertStatus(200);
+        Notification::assertSentTo($user, ResetPassword::class, function ($notification) use ($user) {
+            $response = $this->get(route('password.reset', $notification->token) . '?email=' . $user->email);
+
+            $response->assertStatus(200)
+                ->assertInertia(fn ($page) => $page
+                    ->component('auth/ResetPassword')
+                    ->has('email')
+                    ->has('token')
+                    ->where('email', $user->email)
+                    ->where('token', $notification->token)
+                );
 
             return true;
         });

Original file line number	Diff line number	Diff line change
`@@ -24,12 +24,12 @@ public function register(): void`
`24`	`24`	`*/`
`25`	`25`	`public function boot(): void`
`26`	`26`	`{`
`27`		`- Fortify::twoFactorChallengeView(fn() => Inertia::render('auth/TwoFactorChallenge'));`
	`27`	`+ Fortify::twoFactorChallengeView(fn () => Inertia::render('auth/TwoFactorChallenge'));`
`28`	`28`
`29`		`- Fortify::confirmPasswordView(fn() => Inertia::render('auth/ConfirmPassword'));`
	`29`	`+ Fortify::confirmPasswordView(fn () => Inertia::render('auth/ConfirmPassword'));`
`30`	`30`
`31`	`31`	`RateLimiter::for(`
`32`	`32`	`'two-factor',`
`33`		`- fn(Request $request) => Limit::perMinute(5)->by($request->session()->get('login.id')));`
	`33`	`+ fn (Request $request) => Limit::perMinute(5)->by($request->session()->get('login.id')));`
`34`	`34`	`}`
`35`	`35`	`}`