In this episode, we're finally tackling the moment where the two-factor authentication (2FA) prompt appears during user sign-in! 🎉
First, we make sure 2FA is enabled, then sign out and start working through the process: when someone tries to log in, we're aiming for a modal pop-up that asks for their authentication code. If you remember from earlier, we used custom callbacks in Fortify for things like "Confirm Password"—turns out, the two-factor challenge view works almost the same way. We'll just return an Inertia modal for the 2FA prompt.
We get hands-on: creating out the 2FA challenge modal, tweaking the form so it's ready to accept a code, and updating the button and errors as needed. There are some Fortify routes behind the scenes that need to be wire up correctly, so we go through the process of copying over the right pieces and ensuring we're checking whether 2FA is enabled. Once that's sorted, the modal appears as expected after sign-in!
The final step is hooking up the modal to actually submit the entered 2FA code. We find the appropriate route, wire up the form, and test the flow: entering a fake code shows errors properly, while entering a real code successfully signs us in.
By the end, our app now challenges users with a 2FA prompt at login, giving us that extra security layer without too much fuss. Pretty satisfying to see it all come together!