- aded npm packages @types/qrcode, qrcode and node-f2a

- corrected UsersController.ts and RoleController.ts with correct routes for settings
- added migration script and ui and Controller for 2 Factor Authentication
- npm updates

app/Controllers/Http/Admin/RoleController.ts

@@ -129,7 +129,7 @@ export default class RoleController {
         }
 
         session.flash('message', 'Role has been updated successfully');
-        return response.redirect().toRoute('role.index');
+        return response.redirect().toRoute('settings.role.index');
     }
 
     public async destroy({ request, response, session }: HttpContextContract) {

app/Controllers/Http/Admin/UsersController.ts

@@ -151,7 +151,7 @@ export default class UsersController {
         }
 
         session.flash('message', 'User has been updated successfully');
-        return response.redirect().toRoute('user.index');
+        return response.redirect().toRoute('settings.user.index');
     }
 
     public async destroy({ request, response, session }: HttpContextContract) {
@@ -222,13 +222,13 @@ export default class UsersController {
             const { old_password, new_password } = request.only(['old_password', 'new_password']);
 
             // if (!(old_password && new_password && confirm_password)) {
-            //     return response.status(400).send({ message: 'Old password and new password are required.' });
+            //     return response.status(400).send({ warning: 'Old password and new password are required.' });
             // }
 
             // Verify if the provided old password matches the user's current password
             const isSame = await Hash.verify(user.password, old_password);
             if (!isSame) {
-                return response.flash({ message: 'Old password is incorrect.' }).redirect().back();
+                return response.flash({ warning: 'Old password is incorrect.' }).redirect().back();
             }
 
             // Hash the new password before updating the user's password
@@ -237,7 +237,7 @@ export default class UsersController {
 
             // return response.status(200).send({ message: 'Password updated successfully.' });
             session.flash('Password updated successfully.');
-            return response.redirect().toRoute('settings.user');
+            return response.redirect().toRoute('settings.user.index');
         } catch (error) {
             // return response.status(500).send({ message: 'Internal server error.' });
             return response.flash('warning', `Invalid server state. Internal server error.`).redirect().back();

app/Controllers/Http/Auth/UserController.ts

@@ -0,0 +1,78 @@
+import type { HttpContextContract } from '@ioc:Adonis/Core/HttpContext';
+import User from 'App/Models/User';
+// import Hash from '@ioc:Adonis/Core/Hash';
+// import InvalidCredentialException from 'App/Exceptions/InvalidCredentialException';
+// import AuthValidator from 'App/Validators/AuthValidator';
+import { RenderResponse } from '@ioc:EidelLev/Inertia';
+import TwoFactorAuthProvider from 'App/Services/TwoFactorAuthProvider';
+
+// Here we are generating secret and recovery codes for the user that’s enabling 2FA and storing them to our database.
+export default class UserController {
+    /**
+     * Show the user a form to change their personal information & password.
+     *
+     * @return — \Inertia\Response
+     */
+    public async accountInfo({ inertia, auth }: HttpContextContract): RenderResponse {
+        // const user = auth.user;
+        const user = (await User.find(auth.user?.id)) as User;
+        // const id = request.param('id');
+        // const user = await User.query().where('id', id).firstOrFail();
+
+        return inertia.render('Auth/AccountInfo', {
+            user: user,
+            twoFactorEnabled: user.isTwoFactorEnabled,
+            code: await TwoFactorAuthProvider.generateQrCode(user),
+        });
+    }
+
+    public async enableTwoFactorAuthentication({ auth, response, session }: HttpContextContract): Promise<void> {
+        // const user: User | undefined = auth?.user;
+        const user = (await User.find(auth.user?.id)) as User;
+
+        user.twoFactorSecret = TwoFactorAuthProvider.generateSecret(user);
+        user.twoFactorRecoveryCodes = await TwoFactorAuthProvider.generateRecoveryCodes();
+        await user.save();
+
+        session.flash('message', 'Two factor authentication enabled.');
+        return response.redirect().back();
+        // return inertia.render('Auth/AccountInfo', {
+        //     // status: {
+        //     //     type: 'success',
+        //     //     message: 'Two factor authentication enabled.',
+        //     // },
+        //     user: user,
+        //     twoFactorEnabled: user.isTwoFactorEnabled,
+        //     code: await TwoFactorAuthProvider.generateQrCode(user),
+        //     recoveryCodes: user.twoFactorRecoveryCodes,
+        // });
+    }
+
+    public async disableTwoFactorAuthentication({ auth, response, session }): Promise<void> {
+        const user = auth?.user;
+
+        user.twoFactorSecret = null;
+        user.twoFactorRecoveryCodes = null;
+        await user.save();
+
+        session.flash('message', 'Two factor authentication disabled.');
+        return response.redirect().back();
+        // return inertia.render('Auth/AccountInfo', {
+        //     // status: {
+        //     //     type: 'success',
+        //     //     message: 'Two factor authentication disabled.',
+        //     // },
+        //     user: user,
+        //     twoFactorEnabled: user.isTwoFactorEnabled,
+        // });
+    }
+
+    // public async fetchRecoveryCodes({ auth, view }) {
+    //     const user = auth?.user;
+
+    //     return view.render('pages/settings', {
+    //         twoFactorEnabled: user.isTwoFactorEnabled,
+    //         recoveryCodes: user.twoFactorRecoveryCodes,
+    //     });
+    // }
+}