Started moving MFA and email confirmation to new login flow

Instead of being soley middleware based.

app/Http/Middleware/Authenticate.php

@@ -7,17 +7,11 @@ use Illuminate\Http\Request;
 
 class Authenticate
 {
-    use ChecksForEmailConfirmation;
-
     /**
      * Handle an incoming request.
      */
     public function handle(Request $request, Closure $next)
     {
-        if ($this->awaitingEmailConfirmation()) {
-            return $this->emailConfirmationErrorResponse($request);
-        }
-
         if (!hasAppAccess()) {
             if ($request->ajax()) {
                 return response('Unauthorized.', 401);

app/Http/Middleware/ChecksForEmailConfirmation.php

@@ -1,36 +0,0 @@
-<?php
-
-namespace BookStack\Http\Middleware;
-
-use BookStack\Exceptions\UnauthorizedException;
-
-trait ChecksForEmailConfirmation
-{
-    /**
-     * Check if the current user has a confirmed email if the instance deems it as required.
-     * Throws if confirmation is required by the user.
-     *
-     * @throws UnauthorizedException
-     */
-    protected function ensureEmailConfirmedIfRequested()
-    {
-        if ($this->awaitingEmailConfirmation()) {
-            throw new UnauthorizedException(trans('errors.email_confirmation_awaiting'));
-        }
-    }
-
-    /**
-     * Check if email confirmation is required and the current user is awaiting confirmation.
-     */
-    protected function awaitingEmailConfirmation(): bool
-    {
-        if (auth()->check()) {
-            $requireConfirmation = (setting('registration-confirmation') || setting('registration-restrict'));
-            if ($requireConfirmation && !auth()->user()->email_confirmed) {
-                return true;
-            }
-        }
-
-        return false;
-    }
-}

app/Http/Middleware/EnforceMfaRequirements.php

@@ -1,48 +0,0 @@
-<?php
-
-namespace BookStack\Http\Middleware;
-
-use BookStack\Auth\Access\Mfa\MfaSession;
-use Closure;
-
-class EnforceMfaRequirements
-{
-    protected $mfaSession;
-
-    /**
-     * EnforceMfaRequirements constructor.
-     */
-    public function __construct(MfaSession $mfaSession)
-    {
-        $this->mfaSession = $mfaSession;
-    }
-
-    /**
-     * Handle an incoming request.
-     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Closure  $next
-     * @return mixed
-     */
-    public function handle($request, Closure $next)
-    {
-        if (
-            !$this->mfaSession->isVerified()
-            && !$request->is('mfa/verify*', 'uploads/images/user/*')
-            && $this->mfaSession->requiredForCurrentUser()
-        ) {
-//            return redirect('/mfa/verify');
-        }
-
-        // TODO - URI wildcard exceptions above allow access to the 404 page of this user
-        //  which could then expose content. Either need to lock that down (Tricky to do image thing)
-        //  or prevent any level of auth until verified.
-
-        // TODO - Need to redirect to setup if not configured AND ONLY IF NO OPTIONS CONFIGURED
-        //    Might need to change up such routes to start with /configure/ for such identification.
-        //    (Can't allow access to those if already configured)
-        // TODO - Store mfa_pass into session for future requests?
-
-        return $next($request);
-    }
-}