Add custom validation rule with translation.

[bskl]

With custom validation rule we can easily to redirect form page when the pin code is invalid.

[DarkGhostHunter]

It will fail if the user is not an instance of 2FA. It also confirms the code instead of just validating it.

Instead, you could make a rule to just check if the code is valid. If the user is not 2FA, it should return false.

[bskl]

Ok, I'll make the changes soon.

[DarkGhostHunter]

The idea is to make the rule enforceable anywhere. The rule should be called totp_code, since its the name of the implementation.

It should only succeed if the string is, well, a string, the user is an instance of TwoFactorAuthenticatable and the code is correct.

public function __construct(Authenticatable $user = null)
{
    $this->user = $user
}

public function passes()
{
    if ($this->user instanceof TwoFactorAuthenticatable) {
        // ... check if the code is a string and is correct.
    }

    return false;
}

Of course this would bypass safe devices. You could use this validation rule to set manually the device as "safe" in any part of your code:

public function setSafeDevice(Request $request, Authenticatable $user)
{
    $request->validate('required|totp_code');

    $user->addSafeDevice($request);

    session()->flash('message', "This device has been added as safe and the app won't ask for codes");
}

[bskl]

I made some updates for translations.

[DarkGhostHunter]

Closing pending inactivity.

[bskl]

Hi,
Was a different change necessary? I implemented it as you wrote in your last comment.

[DarkGhostHunter]

It's all good.

[DarkGhostHunter]

Sorry about the latter, I didn't hit F5 enough times.

I arranged your code and made the implementation on 2.0. You rock.