refactor: new digits length rule for 2FA setup (#145)

ArkEcosystemArchive · Jun 22, 2021 · a24ffa0 · a24ffa0
1 parent ca9d6a5
commit a24ffa0
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 2 deletions.
diff --git a/resources/views/auth/two-factor-challenge.blade.php b/resources/views/auth/two-factor-challenge.blade.php
@@ -50,7 +50,7 @@ class="w-full"
                         :errors="$errors"
                         autocomplete="one-time-code"
                         input-mode="numeric"
-                        pattern="[0-9]*"
+                        pattern="[0-9]{6}"
                     />
                 </div>
             </div>

diff --git a/resources/views/profile/two-factor-authentication-form.blade.php b/resources/views/profile/two-factor-authentication-form.blade.php
@@ -45,6 +45,7 @@
                         name="state.otp"
                         :label="trans('fortify::pages.user-settings.one_time_password')"
                         :errors="$errors"
+                        pattern="[0-9]{6}"
                     />
                 </div>
             </div>
@@ -83,6 +84,7 @@
                                 name="state.otp"
                                 :label="trans('fortify::pages.user-settings.one_time_password')"
                                 :errors="$errors"
+                                pattern="[0-9]{6}""
                             />
                         </div>
                     </div>
@@ -96,6 +98,7 @@
                         name="state.otp"
                         :label="trans('fortify::pages.user-settings.one_time_password')"
                         :errors="$errors"
+                        pattern="[0-9]{6}"
                     />
                 </div>
             </div>

diff --git a/src/Components/TwoFactorAuthenticationForm.php b/src/Components/TwoFactorAuthenticationForm.php
@@ -28,6 +28,10 @@ class TwoFactorAuthenticationForm extends Component
     use InteractsWithUser;
     use HasModal;
 
+    protected $messages = [
+        'state.otp.digits' => 'One Time Password must be :digits digits.',
+    ];
+
     public bool $showingQrCode = false;
 
     public array $state = [];
@@ -51,7 +55,7 @@ public function render(): View
     public function enableTwoFactorAuthentication(): void
     {
         $this->validate([
-            'state.otp' => ['required', new OneTimePassword($this->state['two_factor_secret'])],
+            'state.otp' => ['required', 'digits:6', new OneTimePassword($this->state['two_factor_secret'])],
         ]);
 
         app(EnableTwoFactorAuthentication::class)(Auth::user(), $this->state['two_factor_secret']);

diff --git a/tests/Components/TwoFactorAuthenticationFormTest.php b/tests/Components/TwoFactorAuthenticationFormTest.php
@@ -22,6 +22,9 @@
         ->set('state.two_factor_secret', $two_factor_secret)
         ->assertSet('enabled', false)
         ->assertSee($two_factor_secret)
+        ->set('state.otp', '8437339')
+        ->call('enableTwoFactorAuthentication')
+        ->assertHasErrors(['state.otp' => 'digits'])
         ->set('state.otp', '843733')
         ->call('enableTwoFactorAuthentication')
         ->assertSee('Two-Factor Authentication Recovery Codes')