Closed internetbug256 closed 1 year ago
Hi.
this package does not handle redirection it self.
so make users redirect to 2FA page on their first login, you can create a custom middleware . then check whether user has 2FA entry by using $user->twoFa()
method
hope this helps
Thanks
@lahirulhr Sorry but I'm really struggling to get this working. I want to ensure that all users set up 2FA before they can access Nova. I've tried to follow your suggestion and added a new custom middleware in Nova. This is what it looks like right now.
Yet I can't seem to get it to work.
I wonder if I am misusing $user->twoFa()
? It seems a row is populate in the two fa table whether it's enabled or not. So I'm checking $user->twoFa->google2fa_enable
.
Some guidance would be very appreciated. I also think it would make sense for your package to have a means of forcing 2FA in order to access Nova.
Many thanks!
use Closure;
class EnsureTwoFa
{
public function handle($request, Closure $next)
{
// royd($request->path());
if($request->user()) {
// if($request->user()->twoFa && $request->user()->twoFa->google2fa_enable) {
// roy('2fa is enabled');
// // roy($request->user()->twoFa->toArray());
// } else {
// roy('2fa is not enabled');
// }
if ($request->user()->twoFa && !$request->user()->twoFa->google2fa_enable && $request->path() !== 'nova/nova-two-factor') {
return redirect('/nova/nova-two-factor');
}
}
return $next($request);
}
}
@vesper8 Here is an working example of middleware.
https://gist.github.com/lahirulhr/7295bb38991d784d0ddb8ad437dd8a08
as you suggest, the package need to have in built 2FA force feature.
Thank you for suggestions.
Unfortunately I had to abandon this one, and used another I found online: https://github.com/cube-agency/nova-google2fa/ The only con of this one is that only works with Google Authenticator. but it works as expected.
Yes, I think there is something with the use of ->twoFa or ->twoFa(). Also, the array of exception urls seems to not being avoided, no matter where I check them.
Hello I did all steps when setting up the 2FA component. However, when I login as some user for the first time, I am not being redirected to the 2FA form setup. Instead, I got to the default Nova dashboard as usual.
If I request explicitly the /nova/nova-two-factor page, then the next logins works as expected. But I cannot hit the nail with this. What I might be missing? I think I did all steps as required. I am getting no error at all though...
Thanks