add optional method parameter when confirming 2fa

emargareten · emargareten · commit 82af1f13ab32 · 2023-03-02T14:31:52.000+02:00
diff --git a/README.md b/README.md
@@ -78,8 +78,9 @@ class TwoFactorAuthenticationController extends Controller
 }
 ```
 
-After enabling two-factor authentication,
-the user must still "confirm" their two-factor authentication configuration by providing a valid two-factor authentication code. You should provide a way for the user to do this. For example, you could provide a view that displays the QR code and secret key for the user to scan into their authenticator app:
+### Confirming Two-Factor Authentication
+
+After enabling two-factor authentication, the user must still "confirm" their two-factor authentication configuration by providing a valid two-factor authentication code. You should provide a way for the user to do this. For example, you could provide a view that displays the QR code and secret key for the user to scan into their authenticator app:
 ```php
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
@@ -135,6 +136,10 @@ $user->getCurrentOtp();
 > **Note**
 > When sending the one-time-password via SMS/email, you should set the window config to a higher value, to allow the user to enter the one-time password after it has been sent.
 
+The `confirmTwoFactorAuthentication` method takes an optional second parameter to specify the two-factor method, this is totally optional, it can be useful if you have multiple methods for receiving the one-time password.
+
+### Disabling Two-Factor Authentication
+
 You should also provide a way for the user to disable two-factor authentication. This can be done by calling the `disableTwoFactorAuthentication` method on the user model:
 
 ```php
diff --git a/database/migrations/add_two_factor_columns_to_users_table.php b/database/migrations/add_two_factor_columns_to_users_table.php
@@ -16,6 +16,7 @@ public function up(): void
                 $table->text('two_factor_secret')->nullable();
                 $table->text('two_factor_recovery_codes')->nullable();
                 $table->timestamp('two_factor_confirmed_at')->nullable();
+                $table->string('two_factor_method')->nullable();
             });
         });
     }
diff --git a/src/Actions/ConfirmTwoFactorAuthentication.php b/src/Actions/ConfirmTwoFactorAuthentication.php
@@ -22,7 +22,7 @@ public function __construct(protected TwoFactorProvider $provider)
      *
      * @param  \App\Models\User  $user
      */
-    public function __invoke($user, string $code): void
+    public function __invoke($user, string $code, ?string $method): void
     {
         if (empty($user->two_factor_secret)
             || empty($code)
@@ -35,6 +35,7 @@ public function __invoke($user, string $code): void
 
         $user->forceFill([
             'two_factor_confirmed_at' => now(),
+            'two_factor_method' => $method,
         ])->save();
 
         TwoFactorAuthenticationConfirmed::dispatch($user);
diff --git a/src/Actions/DisableTwoFactorAuthentication.php b/src/Actions/DisableTwoFactorAuthentication.php
@@ -13,13 +13,17 @@ class DisableTwoFactorAuthentication
      */
     public function __invoke($user): void
     {
-        if (! is_null($user->two_factor_secret) ||
-            ! is_null($user->two_factor_recovery_codes) ||
-            ! is_null($user->two_factor_confirmed_at)) {
+        if (
+            ! is_null($user->two_factor_secret)
+            || ! is_null($user->two_factor_recovery_codes)
+            || ! is_null($user->two_factor_confirmed_at)
+            || ! is_null($user->two_factor_method)
+        ) {
             $user->forceFill([
                 'two_factor_secret' => null,
                 'two_factor_recovery_codes' => null,
                 'two_factor_confirmed_at' => null,
+                'two_factor_method' => null,
             ])->save();
 
             TwoFactorAuthenticationDisabled::dispatch($user);
diff --git a/src/TwoFactorAuthenticatable.php b/src/TwoFactorAuthenticatable.php
@@ -103,9 +103,9 @@ public function disableTwoFactorAuthentication(): void
     /**
      * Confirm two-factor authentication for the user.
      */
-    public function confirmTwoFactorAuthentication(string $code): void
+    public function confirmTwoFactorAuthentication(string $code, ?string $method): void
     {
-        app(ConfirmTwoFactorAuthentication::class)($this, $code);
+        app(ConfirmTwoFactorAuthentication::class)($this, $code, $method);
     }
 
     /**
diff --git a/tests/TestUser.php b/tests/TestUser.php
@@ -16,6 +16,7 @@
  * @property \Illuminate\Support\Carbon|null $updated_at
  * @property string|null $two_factor_secret
  * @property array|null $two_factor_recovery_codes
+ * @property string|null $two_factor_method
  * @property \Illuminate\Support\Carbon|null $two_factor_confirmed_at
  *
  * @method static TestUser create(array $attributes = [])

Original file line number	Diff line number	Diff line change
`@@ -16,6 +16,7 @@ public function up(): void`
`16`	`16`	`$table->text('two_factor_secret')->nullable();`
`17`	`17`	`$table->text('two_factor_recovery_codes')->nullable();`
`18`	`18`	`$table->timestamp('two_factor_confirmed_at')->nullable();`
	`19`	`+ $table->string('two_factor_method')->nullable();`
`19`	`20`	`});`
`20`	`21`	`});`
`21`	`22`	`}`
Original file line number	Diff line number	Diff line change
`@@ -22,7 +22,7 @@ public function __construct(protected TwoFactorProvider $provider)`
`22`	`22`	`*`
`23`	`23`	`* @param \App\Models\User $user`
`24`	`24`	`*/`
`25`		`- public function __invoke($user, string $code): void`
	`25`	`+ public function __invoke($user, string $code, ?string $method): void`
`26`	`26`	`{`
`27`	`27`	`if (empty($user->two_factor_secret)`
`28`	`28`	`\|\| empty($code)`
`@@ -35,6 +35,7 @@ public function __invoke($user, string $code): void`
`35`	`35`
`36`	`36`	`$user->forceFill([`
`37`	`37`	`'two_factor_confirmed_at' => now(),`
	`38`	`+ 'two_factor_method' => $method,`
`38`	`39`	`])->save();`
`39`	`40`
`40`	`41`	`TwoFactorAuthenticationConfirmed::dispatch($user);`
Original file line number	Diff line number	Diff line change
`@@ -103,9 +103,9 @@ public function disableTwoFactorAuthentication(): void`
`103`	`103`	`/**`
`104`	`104`	`* Confirm two-factor authentication for the user.`
`105`	`105`	`*/`
`106`		`- public function confirmTwoFactorAuthentication(string $code): void`
	`106`	`+ public function confirmTwoFactorAuthentication(string $code, ?string $method): void`
`107`	`107`	`{`
`108`		`- app(ConfirmTwoFactorAuthentication::class)($this, $code);`
	`108`	`+ app(ConfirmTwoFactorAuthentication::class)($this, $code, $method);`
`109`	`109`	`}`
`110`	`110`
`111`	`111`	`/**`
Original file line number	Diff line number	Diff line change
`@@ -16,6 +16,7 @@`
`16`	`16`	`* @property \Illuminate\Support\Carbon\|null $updated_at`
`17`	`17`	`* @property string\|null $two_factor_secret`
`18`	`18`	`* @property array\|null $two_factor_recovery_codes`
	`19`	`+ * @property string\|null $two_factor_method`
`19`	`20`	`* @property \Illuminate\Support\Carbon\|null $two_factor_confirmed_at`
`20`	`21`	`*`
`21`	`22`	`* @method static TestUser create(array $attributes = [])`