pub async fn enable_2fa(
    auth: AuthenticatedUser,
    dto: Json<Enable2FADto>,
    use_cases: Data<Arc<TwoFactorUseCases>>,
) -> HttpResponse
Enable 2FA after verifying TOTP code
After setup, the user must verify their TOTP code from their authenticator app to enable 2FA. This confirms they have successfully saved the secret.
§Security
- User must be authenticated
- Requires valid 6-digit TOTP code
- Failed attempts are logged for security monitoring
§Request Body
{
  "totp_code": "123456"
}
§Returns
- 200 OK: 2FA successfully enabled
- 400 Bad Request: Invalid TOTP code or already enabled
- 401 Unauthorized: Not authenticated
- 500 Internal Server Error: Enable failed