adding isChannelEnabledInConfig

Author: anwarx4u

config/mfa.php

@@ -5,15 +5,15 @@
     'code_ttl_seconds' => 300,
 
     'email' => [
-        'enabled'      => env('MFA_EMAIL_ENABLED', true),
+        'enabled'      => (bool)env('MFA_EMAIL_ENABLED', true),
         'from_address' => env('MFA_EMAIL_FROM_ADDRESS', env('MAIL_FROM_ADDRESS')),
         'from_name'    => env('MFA_EMAIL_FROM_NAME', env('MAIL_FROM_NAME', 'Laravel')),
         'subject'      => env('MFA_EMAIL_SUBJECT', 'Your verification code'),
         'channel'      => env('MFA_EMAIL_CHANNEL', \CodingLibs\MFA\Channels\EmailChannel::class),
     ],
 
     'sms' => [
-        'enabled' => env('MFA_SMS_ENABLED', true),
+        'enabled' => (bool)env('MFA_SMS_ENABLED', true),
         'driver'  => env('MFA_SMS_DRIVER', 'log'), // log|null
         'from'    => env('MFA_SMS_FROM', ''),
         'channel' => env('MFA_SMS_CHANNEL', \CodingLibs\MFA\Channels\SmsChannel::class),
@@ -27,7 +27,7 @@
     ],
 
     'remember' => [
-        'enabled'       => env('MFA_REMEMBER_ENABLED', true),
+        'enabled'       => (bool)env('MFA_REMEMBER_ENABLED', true),
         'cookie'        => env('MFA_REMEMBER_COOKIE', 'mfa_rd'),
         'lifetime_days' => (int)env('MFA_REMEMBER_LIFETIME_DAYS', 30),
         'path'          => env('MFA_REMEMBER_PATH', '/'),
@@ -38,7 +38,7 @@
     ],
 
     'recovery' => [
-        'enabled'           => env('MFA_RECOVERY_ENABLED', true),
+        'enabled'           => (bool)env('MFA_RECOVERY_ENABLED', true),
         'codes_count'       => (int)env('MFA_RECOVERY_CODES_COUNT', 10),
         'code_length'       => (int)env('MFA_RECOVERY_CODE_LENGTH', 10),
         'regenerate_on_use' => env('MFA_RECOVERY_REGENERATE_ON_USE', false),

src/Facades/MFA.php

@@ -37,6 +37,7 @@
  * @method static bool verifyRecoveryCode(\Illuminate\Contracts\Auth\Authenticatable $user, string $code)
  * @method static int getRemainingRecoveryCodesCount(\Illuminate\Contracts\Auth\Authenticatable $user)
  * @method static int clearRecoveryCodes(\Illuminate\Contracts\Auth\Authenticatable $user)
+ * @method static array getEnabledChannels(\Illuminate\Contracts\Auth\Authenticatable $user)
  *
  * @mixin \CodingLibs\MFA\MFA
  * @see \CodingLibs\MFA\MFA

src/MFA.php

@@ -561,5 +561,46 @@ protected function hashRecoveryCode(string $code): string
         $algo = (string) Arr::get($this->config, 'recovery.hash_algo', 'sha256');
         return hash($algo, $code);
     }
+
+    /**
+     * Get all channels that are enabled both by the client and by configuration.
+     * 
+     * @param Authenticatable $user The user to check enabled methods for
+     * @return array<string, MfaChannel> Array of channel name => channel instance
+     */
+    public function getEnabledChannels(Authenticatable $user): array
+    {
+        $enabledChannels = [];
+        
+        foreach ($this->registry->all() as $name => $channel) {
+            // Check if channel is enabled in config
+            $configEnabled = $this->isChannelEnabledInConfig($name);
+            
+            // Check if method is enabled by client
+            $clientEnabled = $this->isEnabled($user, $name);
+            
+            if ($configEnabled && $clientEnabled) {
+                $enabledChannels[$name] = $channel;
+            }
+        }
+        
+        return $enabledChannels;
+    }
+
+    /**
+     * Check if a channel is enabled in the configuration.
+     * 
+     * @param string $channelName The channel name to check
+     * @return bool True if the channel is enabled in config
+     */
+    protected function isChannelEnabledInConfig(string $channelName): bool
+    {
+        $channelName = strtolower($channelName);
+        
+        // Check if the channel has an 'enabled' property in config
+        $enabled = Arr::get($this->config, "{$channelName}.enabled", true);
+        
+        return (bool) $enabled;
+    }
 }
 

tests/Feature/MFATest.php

@@ -161,4 +161,61 @@ public function send(Authenticatable $user, string $code, array $options = []):
 	expect($skipAgain)->toBeFalse();
 });
 
+it('returns only channels enabled by both client and config', function () {
+	$user = new MFATestFakeUser(2001, 'user@example.com');
+	$mfa = app(MFA::class);
+
+	// Initially, no channels should be enabled by client
+	$enabledChannels = $mfa->getEnabledChannels($user);
+	expect($enabledChannels)->toBeEmpty();
+
+	// Enable email method for the user
+	$mfa->enableMethod($user, 'email');
+	
+	// Now email should be in enabled channels (if config allows it)
+	$enabledChannels = $mfa->getEnabledChannels($user);
+	expect($enabledChannels)->toHaveKey('email');
+	expect($enabledChannels['email'])->toBeInstanceOf(MfaChannel::class);
+
+	// Enable SMS method for the user
+	$mfa->enableMethod($user, 'sms');
+	
+	// Now both email and sms should be in enabled channels (if config allows them)
+	$enabledChannels = $mfa->getEnabledChannels($user);
+	expect($enabledChannels)->toHaveKeys(['email', 'sms']);
+	expect($enabledChannels['email'])->toBeInstanceOf(MfaChannel::class);
+	expect($enabledChannels['sms'])->toBeInstanceOf(MfaChannel::class);
+
+	// Disable email method for the user
+	$mfa->disableMethod($user, 'email');
+	
+	// Now only sms should be in enabled channels
+	$enabledChannels = $mfa->getEnabledChannels($user);
+	expect($enabledChannels)->not->toHaveKey('email');
+	expect($enabledChannels)->toHaveKey('sms');
+	expect($enabledChannels['sms'])->toBeInstanceOf(MfaChannel::class);
+});
+
+it('excludes channels disabled in config even if enabled by client', function () {
+	$user = new MFATestFakeUser(2002, 'user@example.com');
+	
+	// Create MFA instance with custom config where email is disabled
+	$config = config('mfa');
+	$config['email']['enabled'] = false;
+	$mfa = new MFA($config);
+
+	// Enable email method for the user
+	$mfa->enableMethod($user, 'email');
+	
+	// Email should not be in enabled channels because it's disabled in config
+	$enabledChannels = $mfa->getEnabledChannels($user);
+	expect($enabledChannels)->not->toHaveKey('email');
+	
+	// But SMS should still be there if enabled in config and by client
+	$mfa->enableMethod($user, 'sms');
+	$enabledChannels = $mfa->getEnabledChannels($user);
+	expect($enabledChannels)->toHaveKey('sms');
+	expect($enabledChannels)->not->toHaveKey('email');
+});
+