'Laravel after login Two factor not working

When I log in after activating two factor, the field where I enter the verification key does not open. Login directly. What could my problem be caused by?

FortifyServiceProvider.php


 public function boot()
    {
        Fortify::createUsersUsing(CreateNewUser::class);
        Fortify::updateUserProfileInformationUsing(UpdateUserProfileInformation::class);
        Fortify::updateUserPasswordsUsing(UpdateUserPassword::class);
        Fortify::resetUserPasswordsUsing(ResetUserPassword::class);

        RateLimiter::for('login', function (Request $request) {
            return Limit::perMinute(5)->by($request->email.$request->ip());
        });

        RateLimiter::for('two-factor', function (Request $request) {
            return Limit::perMinute(5)->by($request->session()->get('login.id'));
        });

        Fortify::confirmPasswordView(function (){
            return view('user.pages.confirm-password');
        });

        Fortify::twoFactorChallengeView(function (){
           return view('user.pages.two-factor-challenge');
        });



    }

fortify.php

 'features' => [
        Features::registration(),
        Features::resetPasswords(),
        // Features::emailVerification(),
        Features::updateProfileInformation(),
        Features::updatePasswords(),

        Features::twoFactorAuthentication([
            'confirmPassword' => true,
        ]),
    ],

route.php

Route::group(['middleware' => ['auth', 'roles:0'], 'prefix' => 'live'], function () {
    Route::get('/dashboard', [DashboardController::class, 'index'])->name('user.dashboard');

Modals/User.php

namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;

use Laravel\Fortify\TwoFactorAuthenticatable;
class User extends Authenticatable 
{
    use Notifiable;
    use TwoFactorAuthenticatable;
phplaravelfortify


Solution 1:[1]

I updated wep.php with routes to fortify and not Auth:

//Auth::routes(['register' => false]);

Route::group(['middleware' => ['guest', 'throttle:'.config('fortify.limiters.login')]], function() {
    Route::get('/login', [AuthenticatedSessionController::class, 'create'])->name('login');
    Route::post('/login', [AuthenticatedSessionController::class, 'store']);
});

Route::post('/logout', [AuthenticatedSessionController::class, 'destroy']) ->name('logout');

Solution 2:[2]

I had the same problem after integrating Laravel Fortify into an existing application. For guidance, I used Laravel Jetstream and implemented all the routes by hand. The guest routes looked like this:

Route::middleware('guest')->group(function () {
    Route::get('register', [RegisteredUserController::class, 'create'])
                ->name('register');

    Route::post('register', [RegisteredUserController::class, 'store']);

    Route::get('login', [AuthenticatedSessionController::class, 'create'])
                ->name('login');

    Route::post('login', [AuthenticatedSessionController::class, 'store']);

    Route::get('forgot-password', [PasswordResetLinkController::class, 'create'])
                ->name('password.request');

    Route::post('forgot-password', [PasswordResetLinkController::class, 'store'])
                ->name('password.email');

    Route::get('reset-password/{token}', [NewPasswordController::class, 'create'])
                ->name('password.reset');

    Route::post('reset-password', [NewPasswordController::class, 'store'])
                ->name('password.update');
});

The problem is probably a conflict between an automatically published login route and my manual login route. After I commented out this route, the two-factor challenge view was also displayed.

// If this route is active, it overwrites the two factor mechanism.
// Route::post('login', [AuthenticatedSessionController::class, 'store']);

You can control with the command php artisan route:list that a POST /login route still exists and that it is linked with the same controller.

Solution 3:[3]

i have found a solution using custom piple line in the fortify service provider

use Laravel\Fortify\Actions\AttemptToAuthenticate;
use Laravel\Fortify\Actions\EnsureLoginIsNotThrottled;
use Laravel\Fortify\Actions\PrepareAuthenticatedSession;
use Laravel\Fortify\Actions\RedirectIfTwoFactorAuthenticatable;
use Laravel\Fortify\Fortify;
use Illuminate\Http\Request;

Fortify::authenticateThrough(function (Request $request) {
return array_filter([
        config('fortify.limiters.login') ? null : EnsureLoginIsNotThrottled::class,
        Features::enabled(Features::twoFactorAuthentication()) ? RedirectIfTwoFactorAuthenticatable::class : null,
        AttemptToAuthenticate::class,
        PrepareAuthenticatedSession::class,
 ]);
});

Just add this code to you the fortify service provider

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 makhag
Solution 2 rpanske
Solution 3 Abdallah

Related Questions