Fix enable/disable tfa

src/Http/Controllers/AuthController.php

@@ -40,7 +40,7 @@ class AuthController extends Controller
             // Log the user in for one request.
             Auth::once($loginData);
             // Do we have Two Factor Auth enabled?
-            if (Auth::user()->hasEnabled2FA) {
+            if (Auth::user()->hasTwoFactor) {
                 // Temporarily store the user.
                 Session::put('2fa_id', Auth::user()->id);
 

src/Http/Controllers/DashUserController.php

@@ -33,11 +33,19 @@ class DashUserController extends Controller
     {
         $items = Binput::all();
 
+        $passwordChange = array_get($items, 'password');
         $enable2FA = (bool) array_pull($items, 'google2fa');
 
         // Let's enable/disable auth
-        $authSecret = $enable2FA && ! Auth::user()->hasEnabled2FA ? Google2FA::generateSecretKey() : '';
-        $items['google_2fa_secret'] = $authSecret;
+        if ($enable2FA && ! Auth::user()->hasTwoFactor) {
+            $items['google_2fa_secret'] = Google2FA::generateSecretKey();
+        } elseif (! $enable2FA) {
+            $items['google_2fa_secret'] = '';
+        }
+
+        if (trim($passwordChange) === '') {
+            unset($items['password']);
+        }
 
         $updated = Auth::user()->update($items);
 

src/Http/Controllers/SetupController.php

@@ -127,10 +127,10 @@ class SetupController extends Controller
             $userDetails = array_pull($postData, 'user');
 
             $user = User::create([
-                'username'          => $userDetails['username'],
-                'email'             => $userDetails['email'],
-                'password'          => $userDetails['password'],
-                'level'             => 1,
+                'username' => $userDetails['username'],
+                'email'    => $userDetails['email'],
+                'password' => $userDetails['password'],
+                'level'    => 1,
             ]);
 
             Auth::login($user);