Files
budget/views/two-factor.php
T
Ty Clifford 6686388834 - Implemented the complete first-run experience:
Account creation and guarded onboarding flow.
Current-cash starting balance with automatic rollover enabled.
Dynamic bill generation, shared/custom categories, recurring targets, 
and optional same-day onboarding transactions.
Optional dormant reserve and additional categories.
Mailgun email or authenticator-app 2FA configuration.
Responsive dark/light UI with no overflow at 390px.
Fixed administrator session-ID creation bug.
Core implementation: [OnboardingService.php (line 
59)](/Users/tyemeclifford/Documents/GH/budget/app/OnboardingService.php:59), 
[onboarding.php (line 
19)](/Users/tyemeclifford/Documents/GH/budget/views/onboarding.php:19), 
and [index.php (line 
143)](/Users/tyemeclifford/Documents/GH/budget/public/index.php:143).
Verification passed: financial self-test, onboarding integration test, 
full browser walkthrough, mobile layout, routing guards, and zero 
browser console errors. Live email delivery requires actual Mailgun 
credentials and was not sent during testing.
2026-06-15 14:51:44 -04:00

14 lines
752 B
PHP

<div class="auth-card">
<p class="eyebrow">Second step</p>
<h2>Authentication code</h2>
<p class="muted"><?= $twoFactorMethod === 'email'
? 'Enter the six-digit code sent to the administrator email. It expires in 10 minutes.'
: 'Enter the current six-digit code from your authenticator.' ?></p>
<form method="post" class="stack-form">
<?= csrf_field() ?>
<input type="hidden" name="action" value="verify_2fa">
<label>Six-digit code<input class="otp-input" type="text" name="code" required inputmode="numeric" pattern="[0-9]{6}" maxlength="6" autocomplete="one-time-code" autofocus></label>
<button class="button primary full" type="submit">Verify and continue</button>
</form>
</div>