From ec6bf52b4303ce796cec453401987847ed4a9f54 Mon Sep 17 00:00:00 2001
From: David Bomba <turbo124@gmail.com>
Date: Sun, 6 Jun 2021 19:21:05 +1000
Subject: [PATCH] Add specific route for disabling 2FA

---
 app/Http/Controllers/TwoFactorController.php | 8 ++++++++
 app/Models/User.php                          | 2 +-
 app/Utils/HtmlEngine.php                     | 1 +
 routes/api.php                               | 1 +
 4 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/app/Http/Controllers/TwoFactorController.php b/app/Http/Controllers/TwoFactorController.php
index 6ba1444de3bb..5afd15264d57 100644
--- a/app/Http/Controllers/TwoFactorController.php
+++ b/app/Http/Controllers/TwoFactorController.php
@@ -71,4 +71,12 @@ class TwoFactorController extends BaseController
         
     }
     
+    public function disableTwoFactor()
+    {
+        $user = auth()->user();
+        $user->google_2fa_secret = null;
+        $user->save();
+
+        return $this->itemResponse($user);
+    }
 }
diff --git a/app/Models/User.php b/app/Models/User.php
index a4a02e1ac421..115a4b951033 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -81,7 +81,7 @@ class User extends Authenticatable implements MustVerifyEmail
         'custom_value3',
         'custom_value4',
         'is_deleted',
-        'google_2fa_secret',
+        // 'google_2fa_secret',
     ];
 
     /**
diff --git a/app/Utils/HtmlEngine.php b/app/Utils/HtmlEngine.php
index 2e0f6c13ee0d..26c0283495e7 100644
--- a/app/Utils/HtmlEngine.php
+++ b/app/Utils/HtmlEngine.php
@@ -252,6 +252,7 @@ class HtmlEngine
         $data['$client.address2'] = &$data['$address2'];
         $data['$client_address'] = ['value' => $this->client->present()->address() ?: '&nbsp;', 'label' => ctrans('texts.address')];
         $data['$client.address'] = &$data['$client_address'];
+        $data['$client.postal_code'] = $this->client->postal_code;
         $data['$client.id_number'] = &$data['$id_number'];
         $data['$client.vat_number'] = &$data['$vat_number'];
         $data['$client.website'] = &$data['$website'];
diff --git a/routes/api.php b/routes/api.php
index 1a8a3e11387e..58aa8e1e798c 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -163,6 +163,7 @@ Route::group(['middleware' => ['api_db', 'token_auth', 'locale'], 'prefix' => 'a
 
     Route::get('settings/enable_two_factor', 'TwoFactorController@setupTwoFactor');
     Route::post('settings/enable_two_factor', 'TwoFactorController@enableTwoFactor');
+    Route::post('settings/disable_two_factor', 'TwoFactorController@disableTwoFactor');
 
     Route::resource('vendors', 'VendorController'); // name = (vendors. index / create / show / update / destroy / edit
     Route::post('vendors/bulk', 'VendorController@bulk')->name('vendors.bulk');