Fixed issue with 2fa not enabling

Added in disable button for 2fa

app/controllers/application_controller.rb

@@ -240,7 +240,7 @@ class ApplicationController < ActionController::Base
 
   def check_2fa_requirement
     if two_factor_authentication_required? && current_user && !current_user.two_factor_enabled && !skip_two_factor?
-      redirect_to new_profile_two_factor_auth_path
+      redirect_to profile_account_path
     end
   end
 

app/controllers/profiles/accounts_controller.rb

@@ -1,4 +1,6 @@
 class Profiles::AccountsController < Profiles::ApplicationController
+  skip_before_action :check_2fa_requirement
+  
   def show
     unless current_user.otp_secret
       current_user.otp_secret = User.generate_otp_secret(32)
@@ -10,6 +12,15 @@ class Profiles::AccountsController < Profiles::ApplicationController
 
     current_user.save! if current_user.changed?
 
+    if two_factor_authentication_required?
+      if two_factor_grace_period_expired?
+        flash.now[:alert] = 'You must enable Two-factor Authentication for your account.'
+      else
+        grace_period_deadline = current_user.otp_grace_period_started_at + two_factor_grace_period.hours
+        flash.now[:alert] = "You must enable Two-factor Authentication for your account before #{l(grace_period_deadline)}."
+      end
+    end
+
     @user = current_user
 
     @qr_code = build_qr_code

app/controllers/profiles/two_factor_auths_controller.rb

@@ -2,26 +2,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
   skip_before_action :check_2fa_requirement
 
   def new
-    unless current_user.otp_secret
-      current_user.otp_secret = User.generate_otp_secret(32)
-    end
-
-    unless current_user.otp_grace_period_started_at && two_factor_grace_period
-      current_user.otp_grace_period_started_at = Time.current
-    end
-
-    current_user.save! if current_user.changed?
-
-    if two_factor_authentication_required?
-      if two_factor_grace_period_expired?
-        flash.now[:alert] = 'You must enable Two-factor Authentication for your account.'
-      else
-        grace_period_deadline = current_user.otp_grace_period_started_at + two_factor_grace_period.hours
-        flash.now[:alert] = "You must enable Two-factor Authentication for your account before #{l(grace_period_deadline)}."
-      end
-    end
-
-    @qr_code = build_qr_code
+    redirect_to profile_account_path
   end
 
   def create
@@ -32,10 +13,9 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
 
       render 'create'
     else
-      @error = 'Invalid pin code'
-      @qr_code = build_qr_code
+      error = 'Invalid pin code'
 
-      render 'new'
+      redirect_to profile_account_path, flash: { error: error }
     end
   end
 

app/views/profiles/accounts/show.html.haml

@@ -57,12 +57,18 @@
               = current_user.otp_secret.scan(/.{4}/).join(' ')
             %p.two-factor-new-manual-content
               Time based: Yes
-      = form_for @user, url: "", method: :put do |f|
+      = form_for @user, url: profile_two_factor_auth_path, method: :post do |f|
+        - if flash[:error]
+          .alert.alert-danger
+            = flash[:error]
         .form-group
           = label_tag :pin_code, nil, class: "label-light"
           = text_field_tag :pin_code, nil, class: "form-control", required: true
         .prepend-top-default
           = submit_tag 'Enable two-factor authentication', class: 'btn btn-success'
+    - else
+      = link_to 'Disable Two-factor Authentication', profile_two_factor_auth_path, method: :delete, class: 'btn btn-danger',
+              data: { confirm: 'Are you sure?' }
 %hr
 - if button_based_providers.any?
   .row.prepend-top-default