2FA support completed

cp/app/Auth/Auth.php

@@ -128,7 +128,7 @@ class Auth
      * @throws \Pinga\Auth\AttemptCancelledException
      * @throws \Pinga\Auth\AuthError
      */
-    public static function login($email, $password, $remember=null){
+    public static function login($email, $password, $remember=null, $code=null){
         $auth = self::$auth;
         try {
             if ($remember !='') {
@@ -140,8 +140,28 @@ class Auth
                 $rememberDuration = null;
             }
 
-            $auth->login($email, $password,$rememberDuration);
-            return true;
+            $auth->login($email, $password, $rememberDuration);
+
+            global $container;
+            $db = $container->get('db');
+            $tfa = $db->selectRow('SELECT tfa_enabled, tfa_secret FROM users WHERE id = ?', [$auth->getUserId()]);
+
+            if ($tfa) {
+                if ($tfa['tfa_enabled'] == 1) {
+                    $tfaService = new \RobThree\Auth\TwoFactorAuth('Namingo');
+                        if ($tfaService->verifyCode($tfa['tfa_secret'], $code) === true) {
+                            return true;
+                        } else {
+                            self::$auth->logOut();
+                            redirect()->route('login')->with('error','Incorrect 2FA Code. Please check and enter the correct code. 2FA codes are time-sensitive. For continuous issues, contact support.');
+                        }
+                } elseif ($tfa['tfa_enabled'] == 0) {
+                    return true;
+                }
+            } else {
+                self::$auth->logOut();
+                redirect()->route('login')->with('error','Temporary Database Issue. Please try again shortly. If this problem persists, kindly reach out to our support team for assistance.');
+            }
         }
         catch (InvalidEmailException $e) {
             redirect()->route('login')->with('error','Wrong email address');

cp/app/Controllers/Auth/AuthController.php

@@ -39,7 +39,12 @@ class AuthController extends Controller
         }else{
             $remember = null;
         }
-        $login = Auth::login($data['email'], $data['password'], $remember);
+        if(isset($data['code'])){
+            $code = $data['code'];
+        }else{
+            $code = null;
+        }
+        $login = Auth::login($data['email'], $data['password'], $remember, $code);
         if($login===true)
             redirect()->route('home');
     }
@@ -48,8 +53,8 @@ class AuthController extends Controller
      * @throws \Pinga\Auth\AuthError
      */
     public function logout()
-	{
-		Auth::logout();
-		redirect()->route('login');
-	}
+    {
+        Auth::logout();
+        redirect()->route('login');
+    }
 }

cp/resources/views/admin/profile/profile.twig

@@ -102,7 +102,7 @@
                             {{ csrf.field | raw }}
                             <div class="card-body">
                                 <p>Set up 2FA for additional security. Scan the QR code with your authentication app and enter the provided code below to verify.</p>
-                                <!-- QR Code Placeholder -->
+                                <!-- QR Code -->
                                 <div class="mb-3">
                                     <img src="{{ qrcodeDataUri }}" alt="2FA QR Code" class="img-fluid">
                                 </div>
@@ -128,7 +128,13 @@
                             </form>
                             {% else %}
                             <div class="card-body">
-                                <p>2FA active</p>
+                                <div class="d-flex align-items-center">
+                                    <span class="badge bg-green text-green-fg me-3"><svg xmlns="http://www.w3.org/2000/svg" class="icon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 3a12 12 0 0 0 8.5 3a12 12 0 0 1 -8.5 15a12 12 0 0 1 -8.5 -15a12 12 0 0 0 8.5 -3" /><path d="M12 11m-1 0a1 1 0 1 0 2 0a1 1 0 1 0 -2 0" /><path d="M12 12l0 2.5" /></svg></span>
+                                    <div>
+                                        <h5 class="card-title mb-1">Your account is secured with an additional layer of protection.</h5>
+                                        <p class="text-muted mb-2">2FA is currently <strong>enabled</strong> for your account. If you encounter any issues or need to disable 2FA, please contact our support team for assistance.</p>
+                                    </div>
+                                </div>
                             </div>
                             {% endif %}
                         </div>

cp/resources/views/auth/login.twig

@@ -35,7 +35,7 @@
               </div>
               <div class="mb-2">
                 <label class="form-label">2FA Code</label>
-                <input name="code" type="number" class="form-control" autocomplete="off">
+                <input name="code" type="text" class="form-control" autocomplete="off" placeholder="Enter 6-digit code" pattern="\d{6}" maxlength="6" minlength="6" inputmode="numeric">
               </div>
               <div class="mb-2">
                 <label class="form-check">