
Commit 37bb525

committed
2fa: protect all user routes
1 parent ee591e1 commit 37bb525


1 file changed

+10
-7
lines changed

1 file changed

+10
-7
lines changed

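--- a/routes/web.php
+++ b/routes/web.php
@@ -53,8 +53,8 @@
 Route::post('register-interest', 'RegisterInterestController@registerInterest');
 });
 
-// Routes in the following group can only be access once logged-in
-Route::middleware(['auth'])->group(function () {
+// Routes in the following group can only be access once logged-in and if enabled valid 2fa
+Route::middleware(['auth', '2fa'])->group(function () {
 Route::view('registration-complete', 'pages.registrationComplete')->name('registrationComplete');
 
 // Users (show, edit, update) to allow users to update there email if they can't verify it
@@ -67,17 +67,20 @@
 );
 });
 
-// Routes in the following group can only be access once logged-in and have verified your email address
-Route::middleware(['auth', 'verified', '2fa'])->group(function () {
-Route::get('home', 'HomeController@index')->name('home');
-Route::get('access-codes', 'HomeController@accessCodes')->name('accessCodes');
-
+// Routes in the following group can only be access once logged-in and have verified your email address but do not require 2fa
+Route::middleware(['auth', 'verified'])->group(function () {
 // 2fa Auth
 Route::get('2fa', 'Auth\TwoFactorAuthenticationController@show2faForm')->name('2fa');
 Route::post('2fa/generate2faSecret', 'Auth\TwoFactorAuthenticationController@generate2faSecret')
 ->name('2fa.generate2faSecret');
 Route::post('2fa', 'Auth\TwoFactorAuthenticationController@enable2fa')->name('2fa.enable2fa');
 Route::post('2fa/disable2fa', 'Auth\TwoFactorAuthenticationController@disable2fa')->name('2fa.disable2fa');
+});
+
+// Routes in the following group can only be access once logged-in and have verified your email address and if enabled valid 2fa
+Route::middleware(['auth', 'verified', '2fa'])->group(function () {
+Route::get('home', 'HomeController@index')->name('home');
+Route::get('access-codes', 'HomeController@accessCodes')->name('accessCodes');
 
 // ROLE
 Route::get('roles', 'RoleController@index')->name('roles.index');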
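Review bot: The 2FA management routes in the new `['auth', 'verified']` group, including `2fa/disable2fa` and `2fa/generate2faSecret`, no longer pass through the `2fa` middleware, so a session that has only completed the password step can reach them. Unless `disable2fa` and `generate2faSecret` themselves require a current one-time code or password re-entry (the controller is not visible here), the second factor could be switched off or re-seeded without ever being presented. Consider leaving only the routes needed for first-time enrolment outside `2fa` and moving `Route::post('2fa/disable2fa', 'Auth\TwoFactorAuthenticationController@disable2fa')->name('2fa.disable2fa');` into the `['auth', 'verified', '2fa']` group, or stating in the group comment which controller check compensates. The closing of the final route group lies outside the hunk.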
