From 4ce827d3b30f101ebff966e206b61811b43fb516 Mon Sep 17 00:00:00 2001
From: Julien Coopmann <julien@coopmann.fr>
Date: Fri, 13 May 2022 15:15:33 +0200
Subject: [PATCH] ArchaicHammer 2022-05-13: Add enable when 2FA enforced

---
 CHANGELOG.md                            |  0
 LICENSE                                 |  0
 README.md                               |  0
 SECURITY.md                             |  0
 appinfo/info.xml                        |  0
 appinfo/routes.php                      |  0
 appinfo/signature.json                  | 48 ++++++++++++++++++
 l10n/de.js                              |  0
 l10n/de.json                            |  1 +
 l10n/fr.js                              |  3 ++
 l10n/fr.json                            |  1 +
 l10n/ru.js                              |  0
 l10n/ru.json                            |  1 +
 lib/AppInfo/Application.php             |  0
 lib/Controller/SettingsController.php   |  0
 lib/Exception/TransmissionException.php |  0
 lib/Exception/VerificationException.php |  0
 lib/Provider/AtLoginProvider.php        | 67 +++++++++++++++++++++++++
 lib/Provider/Email.php                  | 24 +++++++--
 lib/Provider/State.php                  |  0
 lib/Service/Email.php                   |  0
 lib/Service/SetupService.php            |  0
 lib/Service/StateStorage.php            |  0
 lib/Settings/PersonalSettings.php       |  0
 templates/challenge.php                 |  0
 templates/challenge_forFirstConfig.php  |  9 ++++
 templates/error.php                     |  0
 templates/error_email_empty.php         |  3 ++
 templates/personal_settings.php         |  0
 29 files changed, 152 insertions(+), 5 deletions(-)
 mode change 100644 => 100755 CHANGELOG.md
 mode change 100644 => 100755 LICENSE
 mode change 100644 => 100755 README.md
 mode change 100644 => 100755 SECURITY.md
 mode change 100644 => 100755 appinfo/info.xml
 mode change 100644 => 100755 appinfo/routes.php
 create mode 100755 appinfo/signature.json
 mode change 100644 => 100755 l10n/de.js
 create mode 100755 l10n/de.json
 mode change 100644 => 100755 l10n/fr.js
 create mode 100755 l10n/fr.json
 mode change 100644 => 100755 l10n/ru.js
 create mode 100755 l10n/ru.json
 mode change 100644 => 100755 lib/AppInfo/Application.php
 mode change 100644 => 100755 lib/Controller/SettingsController.php
 mode change 100644 => 100755 lib/Exception/TransmissionException.php
 mode change 100644 => 100755 lib/Exception/VerificationException.php
 create mode 100644 lib/Provider/AtLoginProvider.php
 mode change 100644 => 100755 lib/Provider/Email.php
 mode change 100644 => 100755 lib/Provider/State.php
 mode change 100644 => 100755 lib/Service/Email.php
 mode change 100644 => 100755 lib/Service/SetupService.php
 mode change 100644 => 100755 lib/Service/StateStorage.php
 mode change 100644 => 100755 lib/Settings/PersonalSettings.php
 mode change 100644 => 100755 templates/challenge.php
 create mode 100644 templates/challenge_forFirstConfig.php
 mode change 100644 => 100755 templates/error.php
 create mode 100644 templates/error_email_empty.php
 mode change 100644 => 100755 templates/personal_settings.php

diff --git a/CHANGELOG.md b/CHANGELOG.md
old mode 100644
new mode 100755
diff --git a/LICENSE b/LICENSE
old mode 100644
new mode 100755
diff --git a/README.md b/README.md
old mode 100644
new mode 100755
diff --git a/SECURITY.md b/SECURITY.md
old mode 100644
new mode 100755
diff --git a/appinfo/info.xml b/appinfo/info.xml
old mode 100644
new mode 100755
diff --git a/appinfo/routes.php b/appinfo/routes.php
old mode 100644
new mode 100755
diff --git a/appinfo/signature.json b/appinfo/signature.json
new file mode 100755
index 0000000..6de4fa3
--- /dev/null
+++ b/appinfo/signature.json
@@ -0,0 +1,48 @@
+{
+    "hashes": {
+        "CHANGELOG.md": "71caee08512cb185c1315405e20f93659ccdb8f448b9dca9bf4cc313872397c714e6d204a9e1cb7422c659449d92790451ce99b702ce8499439124c26a81b044",
+        "LICENSE": "3a02a6ec14e9d076b79aea8301eab31053c6600b68dcfa6261e10edaa7296a87c8767e35f2411d234b90111fcaf6b4a55c49aa2790a1a0d015213218bb7549fc",
+        "README.md": "f888bdf7f4e597f17566aec931a5335c92afbb204cbe96ed62b4d9c2c03407f40bf73bd297ab0343cd1a3f445dce648591e136ad1e9b9a50ab70ac28f1bce37f",
+        "SECURITY.md": "d55f6164133c8e43b11da06bacabbbf1ffd532f91662210db30221e83f489afc4eb8e27861f0ee93285bc11c2f3f10a0833cdc8eea96c78a556a07d4e595ae5b",
+        "appinfo\/info.xml": "f5f61ac8ee2fa6c84d81eee3a03cda5fe7c6b099f0b2aaaa05dabc89f68e00a60d2f7a8f99b5451ddcc1d02af67a6066fb618b8b8d28c775ede832eedea94b8a",
+        "appinfo\/routes.php": "8d1e16b66fa445b12f50767e25bacd71d284223c70d6b5020e71354549a7e02987267c9822afee8c62d59e6f4a5ff4df502174dff44d822c7cab6c60f8a91b3d",
+        "img\/email-code-dark.svg": "b2647d9d630d73dd8e6228581d317aa17997de183b1ce78219edbde37e02ccf42b072253ee8e74c186a8a7b16b567da26d2c3e445aa2225eeed6e8893602b062",
+        "img\/email-code-light.svg": "284366d86ad0ca20907371e60f5879baaa4ea0b667700431bc06bb47fbb1fa9ef7f7488688c140b99b09a3f1ffccc9a8e46454ea110b6aedc1cbfa90d4d00b83",
+        "js\/2fa-email.js": "5a1e9a2ad135e3d9571d8a96509136982a0af1a0e6db2a1faa9ee1bd20c3c9e4a66db0614af9216ffb7f1c50e6df6f2c343bf36d970afc4bf923f23d83506fff",
+        "js\/2fa-email.js.LICENSE.txt": "e78ae8840b4dba1766e83928c203787a37ee5f7c1f4341d22e9ea90ea6a4d5b125c262e225d0779ac8f6bed08e20e994a0d25cb430e2b20cd77b5cce9baa315e",
+        "js\/2fa-email.js.map": "e93e44e6d1e72defd220cc6e2198b3626d23db1df3eedc05200a08d1dad3c522afb726a68a89a57ead2cc8bde642c5984812ccd796751cbba635f104b9e77901",
+        "l10n\/de.js": "8ef52069c54d624591746801b04221cd940387e19ec739cf3f45d3f0d5f0394b13da33c2486caf2defe0f968c905f1a6836f6405d6293bb52b01ece12f068f98",
+        "l10n\/de.json": "a25fc99de12f5375535c69aebb5879012001e599cb33418e0844198dd38d4094fafe05b5e93c4f4ae027fc1fecb99c25f78cf6a4db5e563014834f01bc386c81",
+        "l10n\/fr.js": "05b540c1312ed0bc9b37c1d8735254bd726b81079a8fadc679c5cc002b03d0493a38cf3ae0170476edc26a7b3e8b0e7c2004fc752e951a004adeb104dd56d1e6",
+        "l10n\/fr.json": "21aa3dab8394e7cdfcf71de8dd54e6f2c13a787983d072a3b1b6c08e05464e51e294a7df11cbe6764b3188f8181dc73a0103c48a8415986474c1dd401fcbc165",
+        "l10n\/ru.js": "565f93cd49f4a43e786f4e76f5f4462868e21df3df924a6f4ea3c18ad7bcc1ea06ea3803eef42be41cae5f2a12ce4bcaad5e727d6aa368468d0cc5c68186f985",
+        "l10n\/ru.json": "3d5ef6010743daa12fd4c44d7189ed5362a2b15b277763e98d571f87fa5b30fb8feb6f1cc7ac3ec10ec85c410540d963713b63dc44330eef0581eb78d6827060",
+        "lib\/AppInfo\/Application.php": "165e8b3d3df3e3d7e67165ab7ce456dab1fd92ac2eab8b5ed18b55926d728585977dc8f9044dad2e0c3cfa33a93f4ed6b89b74e65412d40697ca428683c1c134",
+        "lib\/Controller\/SettingsController.php": "92df342f7951ddca47e66ddbc63d3c669b5841e73042b4839ba502b4d118aab84ee573d62251cdf70d4e74946545abaf4649d5de6cb2e85452e5978a69dd89b5",
+        "lib\/Exception\/TransmissionException.php": "561aec481291f78fa5457a9873d84aa62e3d62b505470c57a2fcd6272e43be67a2eaa93fd9762ff72f2aa36d89436e8c2de8d72e81856dd130cdcd1e77d43384",
+        "lib\/Exception\/VerificationException.php": "4823247e42d2d595145d8172a89fef2a119e630987a0c64f8033315dc3baf4b0cd4f05c8452845f978d488bcdda273feb19d48e03ea11d9702c75c686981d009",
+        "lib\/Provider\/Email.php": "495941fdcac59d2b523016d83d82a63455ba2664ef30a7b8c4b9bf193bcc79ec21fa3f972212fb5ad6c819739b69766761a888c69093db2dfa3f5b95c18a9ff6",
+        "lib\/Provider\/State.php": "076d225cee0b3e0303df20890973649b0fdb7cab693b6a5c1be774712c25704d93252fce18219a56906107d923d82ea19576b4e82cb54629b65e75dbb0cca1be",
+        "lib\/Service\/Email.php": "c91f79c55d8c5d6d2087cfa4c00eebb7942fa3e4ac3513b724e9352043600857bfbabec81f2044aeab97d6b46b39fba3b43ccc7e8219391cf4cda087d1df8343",
+        "lib\/Service\/SetupService.php": "80f5fbd1109c28543b80b4af74d6c6ebe006aeeed7a3e30711427ff18c8bf82b7ca771b08b8d8008d85a810610cae6d6fb3f1bb2fd81471799f71890959ddcb8",
+        "lib\/Service\/StateStorage.php": "e6241d92739bcdac4f10fc7a573aae5da99651b9fb4d59cee9745e8268d39d5b379fcff669bc9881cfe93529b0e2d6ee7ad8688472a8ca64c27a8b35696169bc",
+        "lib\/Settings\/PersonalSettings.php": "7614524ab9868f39c4748f055b601602854392c5b14271d3c68dc2a3ad8d88f929f8d260cfb46a3072cb962ca0c8c7019306f4d883f474137c2430e7a330b77a",
+        "templates\/challenge.php": "627ef28c93e9b0a556b95dca4eecd16d86bb675697ccf8c9c071a7798a391581e9914f7d8ad93f2c816b7cdddd322d3571c775948da0d83ce62ea19c1a9896f3",
+        "templates\/error.php": "94f66e5be6395ff1c44177ba99cdd29ec72ff1b7723f83b90b3361f23ac095c1b2446820d9f2aaf69c39f736603f22c4173201976a1db8617a5f3f1c54a54d78",
+        "templates\/personal_settings.php": "899d6c214cf141f8b77f1500ca607f2258722d12048dc43e75824437870bc22edb0a610b258e459b22525beba68e460d3be42f75bfd494437c93eedb90217eb3",
+        "vendor\/autoload.php": "c6c79841881636d23bc6182696002264e879106a86d518170cea0b28bf04a9a4f5d8115a7028332797d351b53d606ea41dc95d7014f7c564ed4716a38758ebe6",
+        "vendor\/composer\/ClassLoader.php": "866e8cbde808b4e7774c5d9e2bdda44e84ff9bc84268785aff1a75277bd7918dc26ceeb27732718c9ea93756777ec0d16c09c15f9c1179be3cbb410c7914d295",
+        "vendor\/composer\/InstalledVersions.php": "5ec7d1dcf913dd2026fc8881e90d43cfdae307bfc879b1f3e279217a41308b97ba9b2ad6b093a3a33b9f5cf0b2c86d9d5f5aceca7734c3b6def7e1a973a08f8a",
+        "vendor\/composer\/LICENSE": "f3bb64009f41a425df5a9bbab53490f0eb9b74fa8d6aaa2f57efb928edc4ffff330260666edeaa04a91fed708c3663371cf01b284f3a08d6698aaef7a23f355a",
+        "vendor\/composer\/autoload_classmap.php": "a298b75d605ec9a330a5efe11769e79f02cf202f49d8b241afbd175c7fcfa0ac4db8e72a29aa1d839138e3b181fbfeca525181eb57e998a4a2c14ec9e457cf1a",
+        "vendor\/composer\/autoload_namespaces.php": "30324cf2dc20c214c5b5c8fdc2099b67772149ddea1d1d51969c711be9a83d036e43746c600f958a6b49969b16a10ef93e9b1e3d5af9714721ead916b9aef344",
+        "vendor\/composer\/autoload_psr4.php": "7703a219a8d7f2c47470d60eb6a63c4e88100f88f778c801c71611788b3d3714cbe2fbf5cebae62a1d877d8d39fc82f28f023d7788aa4f24454023658d7f961d",
+        "vendor\/composer\/autoload_real.php": "427f574e35af9eff7e1bcd6ba456c4797d8aca511d86c433b976192feee26e5f08fd41fc9b0e483849572415a458f7f5d2d57efbeb2c995c111b5cad03f3a4e8",
+        "vendor\/composer\/autoload_static.php": "f4b3c427670dc53dc58f90f1893a7205278cfc195710c85bb205452321f058092721737b73fd7150badf6c09dbad92fc768ee18e4ed5b67041a0111efc15cb4e",
+        "vendor\/composer\/installed.json": "0a3ed51f953eb945b970a8eb21957ca2beee4669c7d0d9be97b8259c391b60688f8abb78d4b1fae5e4e2ea5e3d8747f4d35f066a2605e9a76f5b45ec3f1da357",
+        "vendor\/composer\/installed.php": "7ac785d6bf2f70b7caba796436ad81b5d376d4dd4ef02182f45010afd478023a4af4373ade9de68fbf1245e75513e32a957ee6d2285bd9da5cddc70a1a1b2104",
+        "vendor\/composer\/platform_check.php": "bb7077d3d248b817b204edbc6859fc4b18e6b29e10e9562230f6472af0536479f552228a70ac4599d41d213314599374b233a3dae212c3a1193a79387f718476"
+    },
+    "signature": "LKs6Qscp7sdPyLPFQRKekDaZivXPIQ1zmML4BSlhcQrUma+pvCbVkV1lEiyqlqy4IHzLO0CrkWnbJ8grTjwS1j3SWyMHSNGn7QcTVqI+Cwe0+A7m6XP2s98pDqfBD97hLlpCXe0yQVfW2yx3E8Umi0SzPdqomlNGH3ret2mlTfh39U3f4hAHlXGByBFN2hdkTxXllEqqC55+KJpX8FBrPyeju\/Tb77eXobiKEf73dQK5tAgbc4NQYDO2U5ULDenn+7Yc+Wrev5QFPAWOk70fCo44t3\/LNgTHLPCZZVZwXCeEGbRTmABE61rSbwBQGMRYDHakMXzHN2pqTNsl34YLrDlpMuHNb64m17geCn1MetL6zO9NYozChVNi2k0\/Qvif+jyM9LDXaBAgXr5uCItL7iZQFZoJFtd5bzMBMCGqH\/fTPPwGWRU8DIaBtfaT8x6NxKVoxYU8n5wvw\/rH2iGTQchsKAy6ZnJF8x+qd38rcjDT7w6KoqEAWlPxH57noM6hxP0JGXGiXuQKtaY+WMK9XBeM5WdBCVuZLFMq8Nc98IiPJDegLZfMaZb2qdUB1vXHzWTUajYVxOjlaC3Pgppdt9OFZlegUZXcHtMSPxdmUZR4X5DqJeQQBKguBJ108ft8E2Do\/7QLASLFlCPmTE95zTkbZN1NwRQf7FfDUnrgG8g=",
+    "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIECjCCAvICAhGcMA0GCSqGSIb3DQEBCwUAMHsxCzAJBgNVBAYTAkRFMRswGQYD\r\nVQQIDBJCYWRlbi1XdWVydHRlbWJlcmcxFzAVBgNVBAoMDk5leHRjbG91ZCBHbWJI\r\nMTYwNAYDVQQDDC1OZXh0Y2xvdWQgQ29kZSBTaWduaW5nIEludGVybWVkaWF0ZSBB\r\ndXRob3JpdHkwHhcNMjEwOTE2MjIxMzI0WhcNMzExMjIzMjIxMzI0WjAaMRgwFgYD\r\nVQQDDA90d29mYWN0b3JfZW1haWwwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK\r\nAoICAQCzm6VG9OJG\/AkTWKofFncTuXaQEfhRSN+gGf6sXtdMSI\/LaaIuevoVpsNG\r\neVejUkFWhQYdDufOEeele\/tzKinAhQx+4J29Mhrkk1CpasY4W016srW1lpN0nGJI\r\nitkzHlXI0V18rcnDmIp4uwzsOJrpKcOwCwvy1vwfFbrWMJH5FFvokV7AbVs7Muf\/\r\nDbgOLgv+OeU1wnWcsfz337BoK6oIW7T8IPpyFAvA0MxSKlLjFegKCNNmqTeGzt3A\r\nIqSMG3wEyWeCJZh0pmY3yMn8Ju4H6m9nb4+ODlpWOh9zgal4HMwVJs+jhsP0mVBy\r\nci87xcwb1aiSjnlvVUCXVAmXOrHPYVlpxg+xKw4Ot87iKCL5UivQoc6MMzBJE23V\r\nNoGaiJOGMfL2IT39QmRK39kxM2n\/9KNNEJLxWZqRhbzngrkkSueAr5MoXHa1XhAd\r\nKQyecRQdz2O6Uyn\/DzLoo6mO6jNwwpRsBzQr7RMxke1YLWL8Jm0XmwLVV0HfI79r\r\n2wTOB5wGrTbPE4E8OMZqJ\/MiN\/1Xt2Jl8vEz8g9fp+T\/WlKC2+EsxxYdFanWXU0\/\r\nMlWEld4wHS7mkeHTSEpL4qxk3t4w2QhWQdzVWc\/C7MYZVw+0pO30m0vasXcbGfc7\r\noOS7uv3qfuDE7d4+nub09PPMHLP+UyuIcuLvvqH1mtpJtRCAVQIDAQABMA0GCSqG\r\nSIb3DQEBCwUAA4IBAQB22WCGEUJ+P9kckZln253O\/VoHgFEwa0LxmiOoYXYo5tkN\r\n5j6YaCXKVUn7Gto2rbL4e93qaEWdSbngpRRSjkOMRfgDR3yGaq6acvabokWPc1AX\r\n0nTOFSd4aNmn6mpgr8panQ5u7+lmFfLBijfiv5OB2Y502rzfw3pWajFZYyDtBUc8\r\nbaZyImdx1Rel86gb4tYB\/FSI2j\/ztHj9tt+w3zEV0Hds90+\/swNNT5canMq4qEBQ\r\n1ti3ih0zWqK7gZsHqENPwGlNBLgggpNL7CbL9PUIXeB48tM7TXraWw9eMCHvXGtO\r\n+PUPSefPDOAdEL4pKwnQZJ9O5Ssh3IBx5GyarWJg\r\n-----END CERTIFICATE-----"
+}
\ No newline at end of file
diff --git a/l10n/de.js b/l10n/de.js
old mode 100644
new mode 100755
diff --git a/l10n/de.json b/l10n/de.json
new file mode 100755
index 0000000..5208b93
--- /dev/null
+++ b/l10n/de.json
@@ -0,0 +1 @@
+{"generated_–_use_xx.js_instead!":"","translations":{"Email verification":"E-Mail Bestätigung","Send a code to your email address":"Sende einen Code an deine E-Mail-Adresse","Login attempt for %s":"Anmeldeversuch für %s","Your two-factor authentication code is: %s":"Dein Zwei-Faktor Authentifizierungscode lautet: %s","If you tried to login, please enter that code on %s. If you did not, somebody else did and knows your your email address or username – and your password!":"Gib diesen Code auf %s ein, falls du dich anmelden wolltest. Falls du das nicht warst kennt jemand deine E-Mail-Adresse oder deinen Benutzernamen – und dein Passwort!","You need to set an email address in 'Personal info' first.":"Du musst zuerst eine E-Mail-Adresse in 'Persönliche Informationen' hinterlegen.","Could not send a verification code via email. An Admin must set this up first.":"Prüfcode konnte nicht per E-Mail versendet werden. Ein Administrator muss dies zuerst einrichten.","Enable Two-Factor Email":"Zwei-Faktor E-Mail einschalten","The entered code does not match that sent to {emailAddress}.":"Der eigegebene Code unterscheidet sich von dem an {emailAddress} gesendeten.","A code has been sent to {emailAddress}.":"Ein Code wurde an {emailAddress} gesendet.","Verify code":"Code bestätigen","Cancel activation":"Einschalten abbrechen","Two-Factor Email is enabled. Codes are sent to {emailAddress}.":"Zwei-Faktor E-Mail ist eingeschaltet. Codes werden an {emailAddress} gesendet.","Disable Two-Factor Email":"Zwei-Faktor E-Mail ausschalten","Error while sending the email. Please try again later or ask your administrator.":"Fehler beim Versenden der E-Mail. Bitte probiere es später nochmal oder frage deinen Administrator.","Two-Factor Email app icon":"Zwei-Faktor E-Mail App-Symbol","A code has been sent to your email address.":"Ein Code wurde an deine E-Mail-Adresse gesendet","Authentication code":"Authentifizierungscode","Submit":"Übermitteln"},"pluralForm":""}
diff --git a/l10n/fr.js b/l10n/fr.js
old mode 100644
new mode 100755
index 877c77f..96633ca
--- a/l10n/fr.js
+++ b/l10n/fr.js
@@ -33,5 +33,8 @@ OC.L10N.register(
 	"A code has been sent to your email address." : "Un code a été envoyé à votre adresse mail.",
 	"Authentication code" : "Code d'authentification",
 	"Submit" : "Valider",
+
+	// templates/challenge_forFirstConfig.php
+	"This verify your email for setup and enable this 2FA for your account" : "Celui ci permet de vérifier votre adresse mail pour la première connexion et la configuration du 2FA pour votre compte",
 },
 "");
diff --git a/l10n/fr.json b/l10n/fr.json
new file mode 100755
index 0000000..af2e190
--- /dev/null
+++ b/l10n/fr.json
@@ -0,0 +1 @@
+{"generated_–_use_xx.js_instead!":"","translations":{"Email verification":"Vérification de l'email","Send a code to your email address":"Code envoyé à votre adresse mail","Login attempt for %s":"Tentative de connexion pour %s","Your two-factor authentication code is: %s":"Votre code d'authentification est %s","If you tried to login, please enter that code on %s. If you did not, somebody else did and knows your your email address or username – and your password!":"Si vous êtes à l'origine de cette tentative de connexion, veuillez entrer ce code pour %s, si vous n'êtes pas à l'origine, une personne a connaissance de votre adresse et de votre mot de passe, nous vous conseillons de les modifier !","You need to set an email address in 'Personal info' first.":"Vous devez définir votre adresse mail dans 'Info personnelle' en premier.","Could not send a verification code via email. An Admin must set this up first.":"Impossible d'envoyer l'email de vérification. L'administrateur doit d'abord configurer celui-ci.","Enable Two-Factor Email":"Activer la double authentification par email","The entered code does not match that sent to {emailAddress}.":"Le code que vous avez entré ne correspond pas au code fournis à l'adresse {emailAddress}.","A code has been sent to {emailAddress}.":"Un code a été envoyé à {emailAddress}.","Verify code":"Code de vérification","Cancel activation":"Annuler la connexion","Two-Factor Email is enabled. Codes are sent to {emailAddress}.":"La double authentification par email a été activée. Le code a été envoyé à {emailAddress}.","Disable Two-Factor Email":"Désactiver la double authentification par email","Error while sending the email. Please try again later or ask your administrator.":"Erreur lors de l'envoie de l'email. Veuillez rééssayer plus tard ou veuillez contacter votre administrateur.","Two-Factor Email app icon":"Icone d'application d'authentification double facteur par email","A code has been sent to your email address.":"Un code a été envoyé à votre adresse mail.","Authentication code":"Code d'authentification","Submit":"Valider"},"pluralForm":""}
diff --git a/l10n/ru.js b/l10n/ru.js
old mode 100644
new mode 100755
diff --git a/l10n/ru.json b/l10n/ru.json
new file mode 100755
index 0000000..cd347b8
--- /dev/null
+++ b/l10n/ru.json
@@ -0,0 +1 @@
+{"generated_–_use_xx.js_instead!":"","translations":{"Email verification":"Подтверждение по элетронной почте","Send a code to your email address":"Отправить код на ваш электронный адрес","Login attempt for %s":"Попытка входа для %s","Your two-factor authentication code is: %s":"Ваш код двухфакторной аутентификации: %s","If you tried to login, please enter that code on %s. If you did not, somebody else did and knows your your email address or username – and your password!":"Если вы пытались войти, введите этот код в %s. Если вы этого не делали, это значит что кто-то другой попытался выполнить вход и знает ваш адрес электронной почты или имя пользователя, а также ваш пароль!","You need to set an email address in 'Personal info' first.":"Сначала вам нужно установить адрес электронной почты в разделе «Личная информация».","Could not send a verification code via email. An Admin must set this up first.":"Не удалось отправить код подтверждения по электронной почте. Для начала администратор должен настроить сервис двухфакторной аутентификации.","Enable Two-Factor Email":"Включить двухфакторную аутентификацию по электронной почте","The entered code does not match that sent to {emailAddress}.":"Введенный код не совпадает с отправленным на {emailAddress}.","A code has been sent to {emailAddress}.":"Код подтверждения был отправлен на {emailAddress}.","Verify code":"Подтвердить код","Cancel activation":"Отменить активацию","Two-Factor Email is enabled. Codes are sent to {emailAddress}.":"Двухфакторная аутентификация по электроннаой почте включена. Коды подтверждения будут отправлены на {emailAddress}.","Disable Two-Factor Email":"Отключить двухфакторную аутентификацию по электронной почте","Error while sending the email. Please try again later or ask your administrator.":"Ошибка при отправке письма. Повторите попытку позже или обратитесь к администратору.","Two-Factor Email app icon":"Значок приложения двухфакторной аутентификации","A code has been sent to your email address.":"Код был отправлен на ваш адрес электронной почты.","Authentication code":"Код аутентификации","Submit":"Подтвердить"},"pluralForm":""}
diff --git a/lib/AppInfo/Application.php b/lib/AppInfo/Application.php
old mode 100644
new mode 100755
diff --git a/lib/Controller/SettingsController.php b/lib/Controller/SettingsController.php
old mode 100644
new mode 100755
diff --git a/lib/Exception/TransmissionException.php b/lib/Exception/TransmissionException.php
old mode 100644
new mode 100755
diff --git a/lib/Exception/VerificationException.php b/lib/Exception/VerificationException.php
old mode 100644
new mode 100755
diff --git a/lib/Provider/AtLoginProvider.php b/lib/Provider/AtLoginProvider.php
new file mode 100644
index 0000000..9e93076
--- /dev/null
+++ b/lib/Provider/AtLoginProvider.php
@@ -0,0 +1,67 @@
+<?php
+
+declare(strict_types = 1);
+
+namespace OCA\TwoFactorEmail\Provider;
+
+use OCA\TwoFactorEmail\Provider\Email as EmailProvider;
+use OCA\TwoFactorEmail\Service\StateStorage;
+use OCP\Authentication\TwoFactorAuth\ILoginSetupProvider;
+use OCP\Template;
+use OCP\IUser;
+use OCA\TwoFactorEmail\Service\Email as EmailService;
+use OCP\IConfig as OCCONFIG;
+use OCP\Authentication\TwoFactorAuth\IRegistry;
+
+class AtLoginProvider implements ILoginSetupProvider {
+
+	/** @var IUser */
+	private $myUser;
+
+	/** @var EmailService */
+	private $emailService;
+
+	/** @var OCCONFIG */
+	private $occonfig;
+
+	/** @var IRegistry */
+	private $registry;
+
+	/** @var Email */
+	private $provider;
+
+	private $mySecret;
+	private $stateStorage;
+
+	public function __construct(IUser $myUser, $mySecret, EmailService $EmailService, OCCONFIG $occonfig, IRegistry $registry, Email $provider, StateStorage $stateStorage) {
+		$this->myUser = $myUser;
+		$this->mySecret = $mySecret;
+		$this->emailService = $EmailService;
+		$this->occonfig = $occonfig;
+		$this->registry = $registry;
+		$this->provider = $provider;
+		$this->stateStorage = $stateStorage;
+	}
+
+	private function setEnabledActivity() {
+		$isEnforced = $this->occonfig->getSystemValue('twofactor_enforced');
+		if ($isEnforced) {
+			$this->registry->enableProviderFor($this->provider, $this->myUser);
+		}
+	}
+
+	public function getBody(): Template {
+		if($this->myUser->getEMailAddress() === null) {
+			return new Template('twofactor_email', 'error_email_empty');
+		}
+		try {
+			$this->emailService->send($this->myUser, $this->mySecret);
+		} catch (\Exception $ex) {
+			return new Template('twofactor_email', 'error');
+		}
+		$this->setEnabledActivity();
+		$tmpl = new Template('twofactor_email', 'challenge_forFirstConfig');
+		$tmpl->assign('emailAddress', $this->myUser->getEmailAddress());
+		return $tmpl;
+	}
+}
diff --git a/lib/Provider/Email.php b/lib/Provider/Email.php
old mode 100644
new mode 100755
index e6ed571..4f197f0
--- a/lib/Provider/Email.php
+++ b/lib/Provider/Email.php
@@ -8,7 +8,8 @@
 use OCA\TwoFactorEmail\Service\Email as EmailService;
 use OCA\TwoFactorEmail\Service\StateStorage;
 use OCA\TwoFactorEmail\Settings\PersonalSettings;
-
+use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin;
+use OCP\Authentication\TwoFactorAuth\ILoginSetupProvider;
 use OCP\Authentication\TwoFactorAuth\IPersonalProviderSettings;
 use OCP\Authentication\TwoFactorAuth\IProvider;
 use OCP\Authentication\TwoFactorAuth\IProvidesIcons;
@@ -20,8 +21,11 @@
 use OCP\IUser;
 use OCP\Security\ISecureRandom;
 use OCP\Template;
+use OCP\AppFramework\IAppContainer;
+use OCP\IConfig as OCCONFIG;
+use OCP\Authentication\TwoFactorAuth\IRegistry;
 
-class Email implements IProvider, IProvidesIcons, IProvidesPersonalSettings {
+class Email implements IProvider, IProvidesIcons, IProvidesPersonalSettings, IActivatableAtLogin {
 	public const STATE_DISABLED = 0;
 	public const STATE_VERIFYING = 1;
 	public const STATE_ENABLED = 2;
@@ -53,7 +57,10 @@ public function __construct(EmailService $emailService,
 								ISecureRandom $secureRandom,
 								IL10N $l10n,
 								IInitialStateService $initialStateService,
-								IURLGenerator $urlGenerator) {
+								IURLGenerator $urlGenerator,
+								IAppContainer $container,
+								OCCONFIG $occonfig,
+								IRegistry $registry) {
 		$this->emailService = $emailService;
 		$this->stateStorage = $stateStorage;
 		$this->session = $session;
@@ -61,6 +68,9 @@ public function __construct(EmailService $emailService,
 		$this->l10n = $l10n;
 		$this->initialStateService = $initialStateService;
 		$this->urlGenerator = $urlGenerator;
+		$this->container = $container;
+		$this->occonfig = $occonfig;
+		$this->registry = $registry;
 	}
 
 	private function getSessionKey(): string {
@@ -142,10 +152,14 @@ public function getPersonalSettings(IUser $user): IPersonalProviderSettings {
 	}
 
 	public function getLightIcon(): String {
-		return $this->urlGenerator->imagePath(Application::APP_NAME, 'app.svg');
+		return $this->urlGenerator->imagePath(Application::APP_NAME, 'app.svg') ?? '';
 	}
 
 	public function getDarkIcon(): String {
-		return $this->urlGenerator->imagePath(Application::APP_NAME, 'app-dark.svg');
+		return $this->urlGenerator->imagePath(Application::APP_NAME, 'app-dark.svg') ?? '';
+	}
+
+	public function getLoginSetup(IUser $user): ILoginSetupProvider {
+		return new AtLoginProvider($user, $this->getSecret(), $this->emailService, $this->occonfig, $this->registry, $this, $this->stateStorage);
 	}
 }
diff --git a/lib/Provider/State.php b/lib/Provider/State.php
old mode 100644
new mode 100755
diff --git a/lib/Service/Email.php b/lib/Service/Email.php
old mode 100644
new mode 100755
diff --git a/lib/Service/SetupService.php b/lib/Service/SetupService.php
old mode 100644
new mode 100755
diff --git a/lib/Service/StateStorage.php b/lib/Service/StateStorage.php
old mode 100644
new mode 100755
diff --git a/lib/Settings/PersonalSettings.php b/lib/Settings/PersonalSettings.php
old mode 100644
new mode 100755
diff --git a/templates/challenge.php b/templates/challenge.php
old mode 100644
new mode 100755
diff --git a/templates/challenge_forFirstConfig.php b/templates/challenge_forFirstConfig.php
new file mode 100644
index 0000000..121fcff
--- /dev/null
+++ b/templates/challenge_forFirstConfig.php
@@ -0,0 +1,9 @@
+<img class="two-factor-icon" src="<?php print_unescaped(image_path('twofactor_email', 'email-code-light.svg')); ?>" alt="<?php p($l->t('Two-Factor Email app icon')); ?>">
+<p><?php p($l->t('A code has been sent to your email address.')) ?></p>
+<p><?php p($l->t('Verify your email address to enable Two-Factor Email (for your account)')) ?></p>
+<form method="POST" class="twofactor-email-form">
+	<input type="tel" minlength="6" maxlength="6" name="challenge" required="required" autofocus autocomplete="one-time-code" autocapitalize="off" placeholder="<?php p($l->t('Authentication code')) ?>">
+	<button class="primary two-factor-submit" type="submit">
+		<?php p($l->t('Submit')); ?>
+	</button>
+</form>
diff --git a/templates/error.php b/templates/error.php
old mode 100644
new mode 100755
diff --git a/templates/error_email_empty.php b/templates/error_email_empty.php
new file mode 100644
index 0000000..0127896
--- /dev/null
+++ b/templates/error_email_empty.php
@@ -0,0 +1,3 @@
+<fieldset class="warning">
+	<?php p($l->t('Error: you do not have an email address set. Please use a different 2FA method or ask your administrator to set up your email address for you.')); ?>
+</fieldset>
diff --git a/templates/personal_settings.php b/templates/personal_settings.php
old mode 100644
new mode 100755