From e87c6187785c006bdf5992d821d5f6ef8e0ce8a5 Mon Sep 17 00:00:00 2001
From: David Bomba <turbo124@gmail.com>
Date: Mon, 19 Feb 2024 17:28:15 +1100
Subject: [PATCH] Updated 2FA error message response

---
 app/Http/Controllers/SmtpController.php      | 2 --
 app/Http/Controllers/TwoFactorController.php | 4 ++++
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/app/Http/Controllers/SmtpController.php b/app/Http/Controllers/SmtpController.php
index 5588c668edb0..b28275e62fff 100644
--- a/app/Http/Controllers/SmtpController.php
+++ b/app/Http/Controllers/SmtpController.php
@@ -30,8 +30,6 @@ class SmtpController extends BaseController
         $user = auth()->user();
         $company = $user->company();
 
-
-
         config([
             'mail.mailers.smtp' => [
                 'transport' => 'smtp',
diff --git a/app/Http/Controllers/TwoFactorController.php b/app/Http/Controllers/TwoFactorController.php
index 083aea6ac011..282b41025879 100644
--- a/app/Http/Controllers/TwoFactorController.php
+++ b/app/Http/Controllers/TwoFactorController.php
@@ -72,6 +72,10 @@ class TwoFactorController extends BaseController
             return response()->json(['message' => ctrans('texts.enabled_two_factor')], 200);
         } elseif (! $secret || ! $google2fa->verifyKey($secret, $oneTimePassword)) {
             return response()->json(['message' => ctrans('texts.invalid_one_time_password')], 400);
+        }elseif (! $user->phone) {
+            return response()->json(['message' => ctrans('texts.set_phone_for_two_factor')], 400);
+        } elseif (! $user->isVerified()) {
+            return response()->json(['message' => 'Please confirm your account first'], 400);
         }
 
         return response()->json(['message' => 'No phone record or user is not confirmed'], 400);