pub async fn setup_2fa(
    auth: AuthenticatedUser,
    use_cases: Data<Arc<TwoFactorUseCases>>,
) -> HttpResponse
Set up 2FA for a user (returns QR code + backup codes)
This endpoint initiates 2FA setup by generating a TOTP secret, QR code, and backup codes.
The user must then verify a TOTP code via POST /2fa/enable to activate 2FA.
§Security
- User must be authenticated
- Secret is only returned once during setup
- Backup codes are only shown once (user must save them)
§Returns
- 200 OK: Setup successful with QR code and backup codes
- 400 Bad Request: 2FA already enabled
- 401 Unauthorized: Not authenticated
- 500 Internal Server Error: Setup failed
§Example Response
{
  "secret": "JBSWY3DPEHPK3PXP...",
  "qr_code_data_url": "data:image/png;base64,...",
  "backup_codes": ["ABCD-EFGH", "IJKL-MNOP", ...],
  "issuer": "KoproGo",
  "account_name": "user@example.com"
}
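
The verification step that follows setup, as an added example in Python (not KoproGo's code): it derives the RFC 6238 code an authenticator app would compute from the returned `secret` and checks a submitted code the way a `POST /2fa/enable` handler could. HMAC-SHA1, a 30-second step, 6 digits, the one-step drift window and the `last_used_step` replay guard are assumptions, since the page does not state the service's TOTP parameters; the function names are hypothetical.

```python
import base64
import hashlib
import hmac
import struct

STEP_SECONDS = 30   # assumed: RFC 6238 default time step
DIGITS = 6          # assumed: common authenticator-app default


def totp(secret_b32: str, unix_time: int) -> str:
    """RFC 6238 code for the time step containing unix_time (HMAC-SHA1 assumed)."""
    padded = secret_b32.upper() + "=" * (-len(secret_b32) % 8)
    key = base64.b32decode(padded)
    counter = struct.pack(">Q", unix_time // STEP_SECONDS)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def verify_enable(secret_b32, submitted, now, last_used_step=-1, drift_steps=1):
    """Return the matched time step, or None if the code is rejected.

    Accepts +/- drift_steps of clock skew and refuses any step that is not
    newer than last_used_step, so a code that was already accepted cannot
    be replayed inside its validity window.
    """
    current = now // STEP_SECONDS
    for step in range(max(0, current - drift_steps), current + drift_steps + 1):
        if step <= last_used_step:
            continue
        expected = totp(secret_b32, step * STEP_SECONDS)
        # Constant-time comparison; encode so non-ASCII input is rejected, not raised.
        if hmac.compare_digest(expected.encode(), submitted.encode()):
            return step
    return None


# Constructed sample: the RFC 6238 test key "12345678901234567890" in Base32.
SAMPLE_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

if __name__ == "__main__":
    code = totp(SAMPLE_SECRET, 59)
    print(code, verify_enable(SAMPLE_SECRET, code, now=59))
```

A caller would persist the returned step as the new `last_used_step` for that user before marking 2FA as enabled.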