Started on some MFA access-time checks

Discovered some difficult edge cases: - User image loading in header bar when using local_secure storage - 404s showing user-specific visible content due to content listing on 404 page since user is in semi-logged in state. Maybe need to go through and change up how logins are handled to centralise and provide us better control at login time to prevent any auth level.
2025-07-31 15:24:31 +03:00 · 2021-07-16 23:23:36 +01:00
parent f696aa5eea
commit 78f9c01519
6 changed files with 120 additions and 5 deletions
--- a/resources/views/mfa/verify.blade.php
+++ b/resources/views/mfa/verify.blade.php
@ -0,0 +1,31 @@
+@extends('simple-layout')
+
+@section('body')
+    <div class="container small py-xl">
+
+        <div class="card content-wrap auto-height">
+            <h1 class="list-heading">Verify Access</h1>
+            <p class="mb-none">
+                Your user account requires you to confirm your identity via an additional level
+                of verification before you're granted access.
+                Verify using one of your configure methods to continue.
+            </p>
+
+            <div class="setting-list">
+                <div class="grid half gap-xl">
+                    <div>
+                        <div class="setting-list-label">METHOD A</div>
+                        <p class="small">
+                            ...
+                        </p>
+                    </div>
+                    <div class="pt-m">
+                            <a href="{{ url('/mfa/verify/totp') }}" class="button outline">BUTTON</a>
+                    </div>
+                </div>
+
+            </div>
+
+        </div>
+    </div>
+@stop