diff --git a/app/Console/Commands/UserToggle2FA.php b/app/Console/Commands/UserToggle2FA.php index eed6843da..b6baf680c 100644 --- a/app/Console/Commands/UserToggle2FA.php +++ b/app/Console/Commands/UserToggle2FA.php @@ -30,7 +30,7 @@ class UserToggle2FA extends Command implements PromptsForMissingInput protected function promptForMissingArgumentsUsing() { return [ - 'username' => 'Which username should we disable 2FA for?', + 'username' => 'Which username should we disable MFA for?', ]; } @@ -46,16 +46,16 @@ class UserToggle2FA extends Command implements PromptsForMissingInput exit; } - if(!$user->{'2fa_enabled'}) { - $this->info('User did not have 2FA enabled!'); + if(!$user->mfa_enabled) { + $this->info('User did not have MFA enabled!'); return; } - $user->{'2fa_enabled'} = false; - $user->{'2fa_secret'} = null; - $user->{'2fa_backup_codes'} = null; + $user->mfa_enabled = false; + $user->mfa_secret = null; + $user->mfa_backup_codes = null; $user->save(); - $this->info('Successfully disabled 2FA on this account!'); + $this->info('Successfully disabled MFA on this account!'); } } diff --git a/app/Http/Controllers/AccountController.php b/app/Http/Controllers/AccountController.php index 3c478bab5..2036b2bf4 100644 --- a/app/Http/Controllers/AccountController.php +++ b/app/Http/Controllers/AccountController.php @@ -533,7 +533,7 @@ class AccountController extends Controller $user = Auth::user(); $code = $request->input('code'); $google2fa = new Google2FA; - $verify = $google2fa->verifyKey($user->{'2fa_secret'}, $code); + $verify = $google2fa->verifyKey($user->mfa_secret, $code); if ($verify) { $request->session()->push('2fa.session.active', true); 
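Review bot: The console disable path in `UserToggle2FA` (second hunk) clears `mfa_enabled`, `mfa_secret` and `mfa_backup_codes` but leaves `mfa_setup_at` set, while the disable path in `SecuritySettings` and the reset in `DeleteAccountPipeline` in this same commit also null it. `ApiV1Dot1Controller` returns `setup_at` next to `active`, so an account reset from the console would keep reporting a setup date for an enrolment that no longer exists. Add `$user->mfa_setup_at = null;` before `$user->save();`. The method starts above the hunk, so the user lookup was not reviewed.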
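Review bot: `$google2fa->verifyKey($user->mfa_secret, $code)` in the `AccountController` checkpoint accepts any code that is valid for the current window, and nothing in the visible lines records which time step was last accepted. Unless that is handled outside this hunk, a code that has already been used would be accepted again until it expires. The usual hardening is to store the last accepted timestamp per user and call `verifyKeyNewer($user->mfa_secret, $code, $lastTimestamp)`, which returns the matched timestamp on success; `$lastTimestamp` is a placeholder for that stored value. The enclosing method starts and ends outside the hunk.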
@@ -564,13 +564,13 @@ class AccountController extends Controller protected function twoFactorBackupCheck($request, $code, User $user) { - $backupCodes = $user->{'2fa_backup_codes'}; + $backupCodes = $user->mfa_backup_codes; if ($backupCodes) { $codes = json_decode($backupCodes, true); foreach ($codes as $c) { if (hash_equals($c, $code)) { $codes = array_flatten(array_diff($codes, [$code])); - $user->{'2fa_backup_codes'} = json_encode($codes); + $user->mfa_backup_codes = json_encode($codes); $user->save(); $request->session()->push('2fa.session.active', true); diff --git a/app/Http/Controllers/Admin/AdminDirectoryController.php b/app/Http/Controllers/Admin/AdminDirectoryController.php index a5923894b..df47d0dd5 100644 --- a/app/Http/Controllers/Admin/AdminDirectoryController.php +++ b/app/Http/Controllers/Admin/AdminDirectoryController.php @@ -30,7 +30,7 @@ trait AdminDirectoryController $res['countries'] = collect((new ISO3166)->all())->pluck('name'); $res['admins'] = User::whereIsAdmin(true) - ->where('2fa_enabled', true) + ->where('mfa_enabled', true) ->get()->map(function ($user) { return [ 'uid' => (string) $user->id, diff --git a/app/Http/Controllers/Api/ApiV1Dot1Controller.php b/app/Http/Controllers/Api/ApiV1Dot1Controller.php index 6181b8b01..0ec25bc76 100644 --- a/app/Http/Controllers/Api/ApiV1Dot1Controller.php +++ b/app/Http/Controllers/Api/ApiV1Dot1Controller.php @@ -388,8 +388,8 @@ class ApiV1Dot1Controller extends Controller } $res = [ - 'active' => (bool) $user->{'2fa_enabled'}, - 'setup_at' => $user->{'2fa_setup_at'}, + 'active' => (bool) $user->mfa_enabled, + 'setup_at' => $user->mfa_setup_at, ]; return $this->json($res); diff --git a/app/Http/Controllers/Settings/SecuritySettings.php b/app/Http/Controllers/Settings/SecuritySettings.php index 604a1e90b..edceab367 100644 --- a/app/Http/Controllers/Settings/SecuritySettings.php +++ b/app/Http/Controllers/Settings/SecuritySettings.php 
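Review bot: `twoFactorBackupCheck` reads `mfa_backup_codes` as a JSON list of directly usable recovery codes, and `SecuritySettings` writes it with a plain `json_encode($backups)`. Unless an accessor or cast outside this diff protects the column, read access to the `users` table or to a database backup yields working second factors; an `encrypted` cast on `mfa_backup_codes` and `mfa_secret`, with a one-off conversion of existing rows, would keep the recovery-codes view working. Separately, `json_decode` returns null on malformed data and `hash_equals` throws on a non-string `$code`, so the loop is safer with `$codes = json_decode($backupCodes, true) ?: [];` and an `is_string($code)` guard. The method's tail is outside the hunk.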
@@ -43,7 +43,7 @@ trait SecuritySettings public function securityTwoFactorSetup(Request $request) { $user = Auth::user(); - if($user->{'2fa_enabled'} && $user->{'2fa_secret'}) { + if($user->mfa_enabled && $user->mfa_secret) { return redirect(route('account.security')); } $backups = $this->generateBackupCodes(); @@ -65,8 +65,8 @@ trait SecuritySettings ) ); $qrcode = $writer->writeString($qrcode); - $user->{'2fa_secret'} = $key; - $user->{'2fa_backup_codes'} = json_encode($backups); + $user->mfa_secret = $key; + $user->mfa_backup_codes = json_encode($backups); $user->save(); return view('settings.security.2fa.setup', compact('user', 'qrcode', 'backups')); } @@ -84,7 +84,7 @@ trait SecuritySettings public function securityTwoFactorSetupStore(Request $request) { $user = Auth::user(); - if($user->{'2fa_enabled'} && $user->{'2fa_secret'}) { + if($user->mfa_enabled && $user->mfa_secret) { abort(403, 'Two factor auth is already setup.'); } $this->validate($request, [ @@ -92,10 +92,10 @@ trait SecuritySettings ]); $code = $request->input('code'); $google2fa = new Google2FA(); - $verify = $google2fa->verifyKey($user->{'2fa_secret'}, $code); + $verify = $google2fa->verifyKey($user->mfa_secret, $code); if($verify) { - $user->{'2fa_enabled'} = true; - $user->{'2fa_setup_at'} = Carbon::now(); + $user->mfa_enabled = true; + $user->mfa_setup_at = Carbon::now(); $user->save(); return response()->json(['msg'=>'success']); } else { @@ -107,7 +107,7 @@ trait SecuritySettings { $user = Auth::user(); - if(!$user->{'2fa_enabled'} || !$user->{'2fa_secret'}) { + if(!$user->mfa_enabled || !$user->mfa_secret) { abort(403); } 
@@ -118,10 +118,10 @@ trait SecuritySettings { $user = Auth::user(); - if(!$user->{'2fa_enabled'} || !$user->{'2fa_secret'} || !$user->{'2fa_backup_codes'}) { + if(!$user->mfa_enabled || !$user->mfa_secret || !$user->mfa_backup_codes) { abort(403); } - $codes = json_decode($user->{'2fa_backup_codes'}, true); + $codes = json_decode($user->mfa_backup_codes, true); return view('settings.security.2fa.recovery-codes', compact('user', 'codes')); } @@ -129,11 +129,11 @@ trait SecuritySettings { $user = Auth::user(); - if(!$user->{'2fa_enabled'} || !$user->{'2fa_secret'}) { + if(!$user->mfa_enabled || !$user->mfa_secret) { abort(403); } $backups = $this->generateBackupCodes(); - $user->{'2fa_backup_codes'} = json_encode($backups); + $user->mfa_backup_codes = json_encode($backups); $user->save(); return redirect(route('settings.security.2fa.recovery')); } @@ -142,7 +142,7 @@ trait SecuritySettings { $user = Auth::user(); - if(!$user->{'2fa_enabled'} || !$user->{'2fa_secret'} || !$user->{'2fa_backup_codes'}) { + if(!$user->mfa_enabled || !$user->mfa_secret || !$user->mfa_backup_codes) { abort(403); } @@ -154,14 +154,14 @@ trait SecuritySettings abort(403); } - $user->{'2fa_enabled'} = false; - $user->{'2fa_secret'} = null; - $user->{'2fa_backup_codes'} = null; - $user->{'2fa_setup_at'} = null; + $user->mfa_enabled = false; + $user->mfa_secret = null; + $user->mfa_backup_codes = null; + $user->mfa_setup_at = null; $user->save(); return response()->json([ - 'msg' => 'Successfully removed 2fa device' + 'msg' => 'Successfully removed MFA device' ], 200); } } diff --git a/app/Http/Middleware/TwoFactorAuth.php b/app/Http/Middleware/TwoFactorAuth.php index ff3244575..90434198b 100644 --- a/app/Http/Middleware/TwoFactorAuth.php +++ b/app/Http/Middleware/TwoFactorAuth.php 
@@ -18,7 +18,7 @@ class TwoFactorAuth { if($request->user()) { $user = $request->user(); - $enabled = (bool) $user->{'2fa_enabled'}; + $enabled = (bool) $user->mfa_enabled; if($enabled != false) { $checkpoint = 'i/auth/checkpoint'; if($request->session()->has('2fa.session.active') !== true && !$request->is($checkpoint) && !$request->is('logout')) diff --git a/app/Http/Resources/AdminUser.php b/app/Http/Resources/AdminUser.php index 390c5c00e..40499db66 100644 --- a/app/Http/Resources/AdminUser.php +++ b/app/Http/Resources/AdminUser.php @@ -25,7 +25,7 @@ class AdminUser extends JsonResource 'is_admin' => (bool) $this->is_admin, 'email' => $this->email, 'email_verified_at' => $this->email_verified_at, - 'two_factor_enabled' => (bool) $this->{'2fa_enabled'}, + 'two_factor_enabled' => (bool) $this->mfa_enabled, 'register_source' => $this->register_source, 'app_register_ip' => $this->app_register_ip, 'has_interstitial' => (bool) $this->has_interstitial, diff --git a/app/Jobs/DeletePipeline/DeleteAccountPipeline.php b/app/Jobs/DeletePipeline/DeleteAccountPipeline.php index f3f335e8c..f5f37dd96 100644 --- a/app/Jobs/DeletePipeline/DeleteAccountPipeline.php +++ b/app/Jobs/DeletePipeline/DeleteAccountPipeline.php @@ -219,10 +219,10 @@ class DeleteAccountPipeline implements ShouldQueue $user->remember_token = null; $user->is_admin = false; $user->expo_token = null; - $user->{'2fa_enabled'} = false; - $user->{'2fa_secret'} = null; - $user->{'2fa_backup_codes'} = null; - $user->{'2fa_setup_at'} = null; + $user->mfa_enabled = false; + $user->mfa_secret = null; + $user->mfa_backup_codes = null; + $user->mfa_setup_at = null; $user->save(); }); } diff --git a/app/User.php b/app/User.php index d6dee4558..a1d74fe7a 100644 --- a/app/User.php +++ b/app/User.php @@ -26,7 +26,7 @@ class User extends Authenticatable return [ 'deleted_at' => 'datetime', 'email_verified_at' => 'datetime', - '2fa_setup_at' => 'datetime', + 'mfa_setup_at' => 'datetime', 'last_active_at' => 'datetime', ]; } 
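Review bot: `$enabled = (bool) $user->mfa_enabled;` in `TwoFactorAuth` fails open if this code ever runs against a `users` table that still has the `2fa_*` columns. By default Eloquent returns null for an attribute that was not loaded, the cast turns that into false, and the checkpoint redirect is skipped for every account. The code and `2025_11_13_012725_rename_2fa_columns_to_mfa_in_users_table.php` therefore have to go live together, for example by migrating in maintenance mode and restarting queue workers, and the same applies in reverse when `down()` is run. Calling `Model::preventAccessingMissingAttributes()` in a service provider would turn the silent false into an exception. The `handle` body continues outside the hunk.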
@@ -60,8 +60,8 @@ class User extends Authenticatable */ protected $hidden = [ 'email', 'password', 'is_admin', 'remember_token', - 'email_verified_at', '2fa_enabled', '2fa_secret', - '2fa_backup_codes', '2fa_setup_at', 'deleted_at', + 'email_verified_at', 'mfa_enabled', 'mfa_secret', + 'mfa_backup_codes', 'mfa_setup_at', 'deleted_at', 'updated_at', ]; diff --git a/database/migrations/2025_11_13_012725_rename_2fa_columns_to_mfa_in_users_table.php b/database/migrations/2025_11_13_012725_rename_2fa_columns_to_mfa_in_users_table.php new file mode 100644 index 000000000..d1139d283 --- /dev/null +++ b/database/migrations/2025_11_13_012725_rename_2fa_columns_to_mfa_in_users_table.php @@ -0,0 +1,34 @@ +renameColumn('2fa_enabled', 'mfa_enabled'); + $table->renameColumn('2fa_secret', 'mfa_secret'); + $table->renameColumn('2fa_backup_codes', 'mfa_backup_codes'); + $table->renameColumn('2fa_setup_at', 'mfa_setup_at'); + }); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + Schema::table('users', function (Blueprint $table) { + $table->renameColumn('mfa_enabled', '2fa_enabled'); + $table->renameColumn('mfa_secret', '2fa_secret'); + $table->renameColumn('mfa_backup_codes', '2fa_backup_codes'); + $table->renameColumn('mfa_setup_at', '2fa_setup_at'); + }); + } +}; diff --git a/resources/assets/components/admin/AdminDirectory.vue b/resources/assets/components/admin/AdminDirectory.vue index 53eade198..476e834ec 100644 --- a/resources/assets/components/admin/AdminDirectory.vue +++ b/resources/assets/components/admin/AdminDirectory.vue @@ -337,7 +337,7 @@

No admin(s) found

@@ -506,7 +506,7 @@
  • No analytics or 3rd party trackers*
  • User data is not sold to any 3rd parties
  • Data is stored securely in accordance with industry standards
  • -
  • Admin accounts are protected with 2FA
  • +
  • Admin accounts are protected with MFA
  • Follow strict support procedures to keep your accounts safe
  • Give at least 6 months warning in the event we shut down
  • diff --git a/resources/views/auth/checkpoint.blade.php b/resources/views/auth/checkpoint.blade.php index fd99073dc..8edfe36cf 100644 --- a/resources/views/auth/checkpoint.blade.php +++ b/resources/views/auth/checkpoint.blade.php @@ -14,12 +14,12 @@ -

    2FA Checkpoint

    +

    MFA Checkpoint

    - Enter the 2FA code from your device. + Enter the MFA code from your device.

    - If you lose access to your 2FA device, contact the admins. + If you lose access to your MFA device, contact the admins.

    @@ -30,7 +30,7 @@
    - +

    {{__('settings.security.two_factor_authentication')}}

    - @if($user->{'2fa_enabled'}) + @if($user->mfa_enabled) {{__('settings.security.enabled')}} @endif

    - @if($user->{'2fa_enabled'}) + @if($user->mfa_enabled) @include('settings.security.2fa.partial.edit-panel') @else @include('settings.security.2fa.partial.disabled-panel') diff --git a/resources/views/settings/security/2fa/edit.blade.php b/resources/views/settings/security/2fa/edit.blade.php index a55ea1842..7076642d2 100644 --- a/resources/views/settings/security/2fa/edit.blade.php +++ b/resources/views/settings/security/2fa/edit.blade.php @@ -24,7 +24,7 @@

    - Added {{$user->{'2fa_setup_at'}->diffForHumans()}} + Added {{$user->mfa_setup_at->diffForHumans()}}

    OTP Secret

    - +
    @@ -76,7 +76,7 @@

    -

    Please store the following codes in a safe place, each backup code can be used only once if you do not have access to your 2FA mobile app.

    +

    Please store the following codes in a safe place, each backup code can be used only once if you do not have access to your MFA mobile app.

    @foreach($backups as $code)