Two factor (#47)

* init 2fa

* fix code style

resources/views/auth/reset-password.blade.php

@@ -1,14 +1,14 @@
 <x-guest-layout>
-    <form method="POST" action="{{ route('password.store') }}">
+    <form method="POST" action="{{ route('password.update') }}">
         @csrf
 
         <!-- Password Reset Token -->
-        <input type="hidden" name="token" value="{{ $request->route('token') }}">
+        <input type="hidden" name="token" value="{{ $token }}">
 
         <!-- Email Address -->
         <div>
             <x-input-label for="email" :value="__('Email')" />
-            <x-text-input id="email" class="block mt-1 w-full" type="email" name="email" :value="old('email', $request->email)" required autofocus autocomplete="username" />
+            <x-text-input id="email" class="block mt-1 w-full" type="email" name="email" :value="old('email', $email)" required autofocus autocomplete="username" />
             <x-input-error :messages="$errors->get('email')" class="mt-2" />
         </div>
 

resources/views/auth/two-factor-challenge.blade.php

@@ -0,0 +1,50 @@
+<x-guest-layout>
+    <div x-data="{recover: @if($errors->has('recovery_code')) true @else false @endif}">
+        <div x-show="recover">
+            <form method="POST">
+                @csrf
+                <div class="mb-4 text-sm text-gray-600 dark:text-gray-400">
+                    {{ __('Please enter your recovery code') }}
+                </div>
+
+                <div>
+                    <x-input-label for="recovery_code" :value="__('Recovery Code')" />
+                    <x-text-input id="recovery_code" class="block mt-1 w-full" type="text" name="recovery_code" required autofocus autocomplete="recovery_code" />
+                    <x-input-error :messages="$errors->get('recovery_code')" class="mt-2" />
+                </div>
+
+                <div class="flex items-center justify-end mt-4">
+                    <x-secondary-button class="mr-2" x-on:click="recover = false">
+                        {{  __('Login') }}
+                    </x-secondary-button>
+                    <x-primary-button type="submit">
+                        {{ __('Recover') }}
+                    </x-primary-button>
+                </div>
+            </form>
+        </div>
+        <div x-show="!recover">
+            <form method="POST">
+                @csrf
+                <div class="mb-4 text-sm text-gray-600 dark:text-gray-400">
+                    {{ __('Please confirm access to your account by entering the authentication code provided by your authenticator application.') }}
+                </div>
+
+                <div>
+                    <x-input-label for="code" :value="__('Code')" />
+                    <x-text-input id="code" class="block mt-1 w-full" type="text" name="code" required autofocus autocomplete="code" />
+                    <x-input-error :messages="$errors->get('code')" class="mt-2" />
+                </div>
+
+                <div class="flex items-center justify-end mt-4">
+                    <x-secondary-button class="mr-2" x-on:click="recover = true">
+                        {{  __('Recover') }}
+                    </x-secondary-button>
+                    <x-primary-button type="submit">
+                        {{ __('Login') }}
+                    </x-primary-button>
+                </div>
+            </form>
+        </div>
+    </div>
+</x-guest-layout>

resources/views/livewire/profile/two-factor-authentication.blade.php

@@ -0,0 +1,60 @@
+<x-card>
+    <x-slot name="title">
+        {{ __('Two Factor Authentication') }}
+    </x-slot>
+
+    <x-slot name="description">
+        {{ __('Here you can activate 2FA to secure your account') }}
+    </x-slot>
+
+    @if(! auth()->user()->two_factor_secret)
+        {{-- Enable 2FA --}}
+        <form method="POST" action="{{ route('two-factor.enable') }}">
+            @csrf
+
+            <x-primary-button type="submit">
+                {{ __('Enable Two-Factor') }}
+            </x-primary-button>
+        </form>
+    @else
+        {{-- Disable 2FA --}}
+        <form method="POST" action="{{ route('two-factor.disable') }}">
+            @csrf
+            @method('DELETE')
+
+            <x-danger-button type="submit">
+                {{ __('Disable Two-Factor') }}
+            </x-danger-button>
+        </form>
+
+        @if(session('status') == 'two-factor-authentication-enabled')
+            <div class="mt-5">
+                {{ __('Two factor authentication is now enabled. Scan the following QR code using your phone\'s authenticator application.') }}
+            </div>
+
+            <div class="mt-5">
+                {!! auth()->user()->twoFactorQrCodeSvg() !!}
+            </div>
+        @endif
+
+        {{-- Show 2FA Recovery Codes --}}
+        <div class="mt-5">
+            {{ __('Store these recovery codes in a secure password manager. They can be used to recover access to your account if your two factor authentication device is lost.') }}
+        </div>
+
+        <div class="mt-5 p-2 rounded-md border border-gray-100 dark:border-gray-700">
+            @foreach (json_decode(decrypt(auth()->user()->two_factor_recovery_codes), true) as $code)
+                <div class="mt-2">{{ $code }}</div>
+            @endforeach
+        </div>
+
+        {{-- Regenerate 2FA Recovery Codes --}}
+        <form class="mt-5" method="POST" action="{{ route('two-factor.recovery-codes') }}">
+            @csrf
+
+            <x-primary-button type="submit">
+                {{ __('Regenerate Recovery Codes') }}
+            </x-primary-button>
+        </form>
+        @endif
+</x-card>

resources/views/profile/index.blade.php

@@ -4,4 +4,6 @@
     <livewire:profile.update-profile-information />
 
     <livewire:profile.update-password />
+
+    <livewire:profile.two-factor-authentication />
 </x-profile-layout>