Enter 2FA input token before save model

[jetwes]

At the moment it is impossible to verify that the user activated 2fa in his device.
It should be mandatory that the user has to confirm the activation with an actual 2fa code.
This is not possible at the moment because in "Laravel\Fortify\Actions\EnableTwoFactorAuthentication" the database field is filled on activation. The generation of the secret has to be done before and the secret has to be an option in the action so it is possible to check a valid code before the secret is saved to the database.

related to https://github.com/laravel/jetstream/issues/74

[driesvints]

Gonna mark this as a duplicate of laravel/jetstream#74 to keep the discussion focused.

[jetwes]

understood. But the implementation belongs to fortify in my opinion ;)
I implemented fortify in one of my apps and had to write my own action because with the actual design it's impossible to cache the secret before saving to the database.

[driesvints]

It probably will be. You're always free to attempt a pr if you like 👍

[jetwes]

ok - will look into this tonight