From 6c582282ac6d1b87ece4a0d13c4e23f6292f8f79 Mon Sep 17 00:00:00 2001
From: debesocial <debesocial@gmail.com>
Date: Thu, 21 May 2026 21:58:26 +0700
Subject: [PATCH] feat: live-verify SMTP configuration by sending verification
 test mail before enabling Email 2FA

---
 app/Http/Controllers/TwoFactorController.php | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/app/Http/Controllers/TwoFactorController.php b/app/Http/Controllers/TwoFactorController.php
index 5f583bd..97421ef 100644
--- a/app/Http/Controllers/TwoFactorController.php
+++ b/app/Http/Controllers/TwoFactorController.php
@@ -104,9 +104,6 @@ class TwoFactorController extends Controller
         return back()->with('success', 'Two-Factor Authentication has been disabled.');
     }
 
-    /**
-     * Enable/Disable Email 2FA.
-     */
     public function toggleEmail(Request $request)
     {
         $request->validate([
@@ -116,6 +113,19 @@ class TwoFactorController extends Controller
 
         $user = auth()->user();
         if ($request->enabled) {
+            // Live-verify SMTP configuration by sending a test validation email
+            try {
+                \Illuminate\Support\Facades\Mail::to($user->email)->send(
+                    new \App\Mail\Send2FACode('123456')
+                );
+            } catch (\Exception $e) {
+                \Illuminate\Support\Facades\Log::error("SMTP verification failed: " . $e->getMessage());
+                
+                return back()->withErrors([
+                    'password' => 'Cannot enable Email 2FA: Your SMTP mail configuration is invalid or not working. We tried to send a validation email but failed. Error: ' . $e->getMessage()
+                ]);
+            }
+
             $user->update([
                 'email_2fa_enabled' => true,
                 'two_factor_secret' => null,