From cc5c7d33e722f503886dfbdcd3a294b1d8723e4a Mon Sep 17 00:00:00 2001
From: snipe
Date: Wed, 20 Mar 2019 01:14:58 -0700
Subject: [PATCH] Added comments
---
 app/Http/Controllers/Auth/LoginController.php | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index eca1e4d3d..b5353b643 100644
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -209,6 +209,7 @@ class LoginController extends Controller
 public function getTwoFactorEnroll()
 {
+ // Make sure the user is logged in
 if (!Auth::check()) {
 return redirect()->route('login')->with('error', trans('auth/general.login_prompt'));
 }
@@ -217,6 +218,12 @@ class LoginController extends Controller
 $settings = Setting::getSettings();
 $user = Auth::user();
+ // We wouldn't normally see this page if 2FA isn't enforced via the
+ // \App\Http\Middleware\CheckForTwoFactor middleware AND if a device isn't enrolled,
+ // but let's check check anyway in case there's a browser history or back button thing.
+ // While you can access this page directly, enrolling a device when 2FA isn't enforced
+ // won't cause any harm.
+
 if (($user->two_factor_secret!='') && ($user->two_factor_enrolled==1)) {
 return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.already_enrolled'));
 }
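Review bot: The comment block added in the second hunk, above the `two_factor_secret` / `two_factor_enrolled` check in `getTwoFactorEnroll()`, presents that guard as a back-button convenience, but it reads as the control that keeps an already-enrolled account away from the enrollment page. The rest of the method lies outside this hunk; if it displays or generates a secret, the guard is a security boundary and the comment should say so, for example `// Security: an already-enrolled user must never reach the enrollment page again; send them to the normal two-factor prompt instead.` The sentence ending `won't cause any harm` cannot be confirmed from the visible lines, and a later maintainer may read it as permission to relax the check, so I would drop it or tie it to the setting it depends on. The doubled word in `let's check check anyway` should also be fixed.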