Extend Laravel Sanctum scheme/provider to support 2FA

[sts-ryan-holton]

I'm trying to get 2FA working with my Laravel Sanctum provider in my project. Previously I was using the local scheme and had 2FA working by creating a custom scheme and adding a block of code after the main request to return a response, I will attach this now:

custom scheme for Local

import { LocalScheme } from '~auth/runtime'

export default class CustomScheme extends LocalScheme {

  async login(endpoint, reset = true) {
    if (!this.options.endpoints.login) {
      return
    }

    // Ditch any leftover local tokens before attempting to log in
    if (reset) {
      this.$auth.reset({ resetInterceptor: false })
    }

    // Add client id to payload if defined
    if (this.options.clientId) {
      endpoint.data.client_id = this.options.clientId
    }

    // Add grant type to payload if defined
    if (this.options.grantType) {
      endpoint.data.grant_type = this.options.grantType
    }

    // Add scope to payload if defined
    if (this.options.scope) {
      endpoint.data.scope = this.options.scope
    }

    // Make login request
    const response = await this.$auth.request(
      endpoint,
      this.options.endpoints.login
    )

    // 2FA enabled
    if (
      (response.data.google2fa_enabled != null && response.data.google2fa_enabled == true) ||
      response.data.google2fa_disabled != null
    ) {
      return response
    }

    // Update tokens
    this.updateTokens(response)

    // Initialize request interceptor if not initialized
    if (!this.requestHandler.interceptor) {
      this.initializeRequestInterceptor()
    }

    // Fetch user if `autoFetch` is enabled
    if (this.options.user.autoFetch) {
      await this.fetchUser()
    }

    return response
  }

}

However, Laravel Sanctum appears to be using the cookie scheme and calling the login method from the local scheme? But when I add the local scheme's login function to a new custom scheme that includes the cookie functionality it doesn't send the CSRF request and everything else needed, what am I doing wrong?

My attempt at creating a Laravel Sanctum override scheme

import { CookieScheme } from '~auth/runtime'

export default class CustomCookieScheme extends CookieScheme {
  async login(endpoint) {
    // Ditch any leftover local tokens before attempting to log in
    this.$auth.reset()

    // Make CSRF request if required
    if (this.options.endpoints.csrf) {
      await this.$auth.request(this.options.endpoints.csrf, {
        maxRedirects: 0
      })
    }

    console.log('custom cookie scheme running')

    // Log in
    if (!this.options.endpoints.login) {
      return
    }

    // Add client id to payload if defined
    if (this.options.clientId) {
      endpoint.data.client_id = this.options.clientId
    }

    // Add grant type to payload if defined
    if (this.options.grantType) {
      endpoint.data.grant_type = this.options.grantType
    }

    // Add scope to payload if defined
    if (this.options.scope) {
      endpoint.data.scope = this.options.scope
    }

    // Make login request
    const response = await this.$auth.request(
      endpoint,
      this.options.endpoints.login
    )

    // Update tokens
    this.updateTokens(response)

    // Initialize request interceptor if not initialized
    if (!this.requestHandler.interceptor) {
      this.initializeRequestInterceptor()
    }

    // Fetch user if `autoFetch` is enabled
    if (this.options.user.autoFetch) {
      await this.fetchUser()
    }

    return response
  }
}