user(); if ($user === null || ! config('security.mfa.required')) { return $next($request); } if (! $user->hasMfaEnabled()) { if ($request->routeIs('mfa.setup', 'mfa.enable', 'logout')) { return $next($request); } return redirect()->route('mfa.setup'); } if (! $request->session()->get('mfa.verified', false)) { if ($request->routeIs('mfa.challenge', 'mfa.verify', 'logout')) { return $next($request); } return redirect()->route('mfa.challenge'); } return $next($request); } }