Build a Starter Kit With Inertia and Fortify
This episode is for members only

Sign up to access "Build a Starter Kit With Inertia and Fortify" right now.

Get started
Already a member? Sign in to continue
Playing
30. Disabling two factor authentication

Episodes

0%
Your progress
  • Total: 5h 21m
  • Played: 0m
  • Remaining: 5h 21m
Join or sign in to track your progress
01. Setting up
01. Introduction and demo
4m 30s
0%
02. Installing Inertia from scratch
11m 49s
0%
03. Installing Tailwind
3m 24s
0%
04. Layout and navigation
31m 15s
0%
05. Installing Fortify
6m 10s
0%
06. Exposing routes with Ziggy
6m 44s
0%
07. Global modals
23m 41s
0%
02. Authentication
08. Registering users
13m 56s
0%
09. Sharing the authenticated user globally
5m 48s
0%
10. Signing in
9m 27s
0%
11. Signing out
2m 39s
0%
12. Redirecting to the intended location
4m 58s
0%
03. Feature management
13. Adding feature management checks
3m 14s
0%
14. Client-side feature management
5m 53s
0%
04. Building a toast feature
15. Basic flash messages with Inertia
7m 51s
0%
16. Building a toast plugin
15m 38s
0%
17. Styling and transitioning the toast
4m 53s
0%
05. Profile management
18. Creating an account layout
13m 24s
0%
19. Detecting and highlighting current pages
5m 22s
0%
20. Updating profile details
9m 22s
0%
21. Profile photo output and swapping
9m 17s
0%
22. Storing a profile photo
13m
0%
23. Changing user passwords
9m 9s
0%
24. Account feature toggling
8m 19s
0%
06. Password confirmation
25. Using a modal for password confirmation
8m 16s
0%
26. Confirming user passwords
4m 23s
0%
07. Two factor authentication
27. Building the two factor modal
9m 7s
0%
28. Showing a QR code
7m 44s
0%
29. Enabling two factor authentication
6m 52s
0%
30. Disabling two factor authentication
1m 35s
0%
31. Showing recovery codes
4m 37s
0%
32. Fixing password confirm redirect
9m 42s
0%
33. Fixing password confirm flow when enabling
3m 26s
0%
34. Challenging the user when signing in
5m 58s
0%
08. Email verification
35. Mail setup and forcing email verification
4m 8s
0%
36. Adding a verification notice
3m 42s
0%
37. Resending the verification email
3m 27s
0%
09. Account recovery
38. Sending a recovery email
8m 45s
0%
39. Setting a new password
8m 22s
0%
10. Fixes and improvements
40. Closing the user navigation on click
2m 12s
0%

Transcript

00:00
So disabling two-factor authentication
00:01
is pretty straightforward. We just need to create another button and send a really simple delete request to Fortify. So let's go ahead and copy this entire button down.
00:10
And we're going to go ahead and change the function that we call over to disable. And in here, we want to show this button if it is enabled. So here, we're going to say disable
00:20
two-factor authentication. OK, so we've got that button now. And when we click on that, we just want to send a request through to Fortify.
00:27
So this is simpler than enable. Let's copy this down anyway because it's very similar. Change this to disable. We don't need to do anything on success
00:36
because it's just going to disable it and get rid of everything. So we can just get rid of all of that stuff inside of there. So we can kind of guess what the root name is going to be.
00:45
It's literally two-factor and then disable. Of course, we can check our root list, but let's roll with this. So that's it. We literally click on this button to disable it,
00:55
make a request to this, and that will be removed from the user's account. So let's click on disable. And sure enough, we've got an error.
01:03
So let's just check our Network tab here and see what we get. OK, so we're redirected back, but nothing is actually happening. Let's actually check that root name, so PHP artisan root list.
01:14
And we've got two-factor disable. Of course, we need to send a delete request through to this. There we go.
01:20
OK, click on that. It's disabled. That is it. So if we head over to the database now,
01:25
you can see that the two-factor secret, the recovery codes, and the confirmed is disabled. That's all we need to do to disable two-factor authentication.

Episode summary

In this episode, we walk you through how to disable two-factor authentication in your app using Fortify. It's a pretty straightforward process! First, we duplicate our existing enable button code and modify it to become a "Disable Two-Factor Authentication" button. We'll make sure this button only shows when two-factor is actually enabled.

When you click this new button, we send a simple DELETE request to Fortify. There's no need for any fancy confirmation or extra UI since disabling simply wipes out the user's two-factor data. We go over how to check the correct route using php artisan route:list to make sure our endpoint is accurate.

Once it's all hooked up, we test it out and verify by checking the database—the two-factor secret, recovery codes, and confirmation flag are all removed. And just like that, two-factor authentication is disabled for the user! Super easy and quick to implement.

Episode discussion

No comments, yet. Be the first!