This episode is for members only

Sign up to access "Build a Starter Kit With Inertia and Fortify" right now.

Get started
Already a member? Sign in to continue
Playing
30. Disabling two factor authentication

Episodes

0%
Your progress
  • Total: 5h 21m
  • Played: 0m
  • Remaining: 5h 21m
Join or sign in to track your progress

Transcript

00:00
So disabling two-factor authentication
00:01
is pretty straightforward. We just need to create another button and send a really simple delete request to Fortify. So let's go ahead and copy this entire button down.
00:10
And we're going to go ahead and change the function that we call over to disable. And in here, we want to show this button if it is enabled. So here, we're going to say disable
00:20
two-factor authentication. OK, so we've got that button now. And when we click on that, we just want to send a request through to Fortify.
00:27
So this is simpler than enable. Let's copy this down anyway because it's very similar. Change this to disable. We don't need to do anything on success
00:36
because it's just going to disable it and get rid of everything. So we can just get rid of all of that stuff inside of there. So we can kind of guess what the root name is going to be.
00:45
It's literally two-factor and then disable. Of course, we can check our root list, but let's roll with this. So that's it. We literally click on this button to disable it,
00:55
make a request to this, and that will be removed from the user's account. So let's click on disable. And sure enough, we've got an error.
01:03
So let's just check our Network tab here and see what we get. OK, so we're redirected back, but nothing is actually happening. Let's actually check that root name, so PHP artisan root list.
01:14
And we've got two-factor disable. Of course, we need to send a delete request through to this. There we go.
01:20
OK, click on that. It's disabled. That is it. So if we head over to the database now,
01:25
you can see that the two-factor secret, the recovery codes, and the confirmed is disabled. That's all we need to do to disable two-factor authentication.

Episode summary

In this episode, we walk you through how to disable two-factor authentication in your app using Fortify. It's a pretty straightforward process! First, we duplicate our existing enable button code and modify it to become a "Disable Two-Factor Authentication" button. We'll make sure this button only shows when two-factor is actually enabled.

When you click this new button, we send a simple DELETE request to Fortify. There's no need for any fancy confirmation or extra UI since disabling simply wipes out the user's two-factor data. We go over how to check the correct route using php artisan route:list to make sure our endpoint is accurate.

Once it's all hooked up, we test it out and verify by checking the database—the two-factor secret, recovery codes, and confirmation flag are all removed. And just like that, two-factor authentication is disabled for the user! Super easy and quick to implement.

Episode discussion

No comments, yet. Be the first!