2FA setup key

routes/routes.php

@@ -17,6 +17,7 @@
 use Laravel\Fortify\Http\Controllers\TwoFactorAuthenticatedSessionController;
 use Laravel\Fortify\Http\Controllers\TwoFactorAuthenticationController;
 use Laravel\Fortify\Http\Controllers\TwoFactorQrCodeController;
+use Laravel\Fortify\Http\Controllers\TwoFactorSetupKeyController;
 use Laravel\Fortify\Http\Controllers\VerifyEmailController;
 
 Route::group(['middleware' => config('fortify.middleware', ['web'])], function () {
@@ -154,6 +155,10 @@
             ->middleware($twoFactorMiddleware)
             ->name('two-factor.qr-code');
 
+        Route::get('/user/two-factor-setup-key', [TwoFactorSetupKeyController::class, 'show'])
+            ->middleware($twoFactorMiddleware)
+            ->name('two-factor.setup-key');
+
         Route::get('/user/two-factor-recovery-codes', [RecoveryCodeController::class, 'index'])
             ->middleware($twoFactorMiddleware)
             ->name('two-factor.recovery-codes');

src/Http/Controllers/TwoFactorSetupKeyController.php

@@ -0,0 +1,26 @@
+<?php
+
+namespace Laravel\Fortify\Http\Controllers;
+
+use Illuminate\Http\Request;
+use Illuminate\Routing\Controller;
+
+class TwoFactorSetupKeyController extends Controller
+{
+    /**
+     * Get the current user's two factor authentication setup key.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Symfony\Component\HttpFoundation\Response
+     */
+    public function show(Request $request)
+    {
+        if (is_null($request->user()->two_factor_secret)) {
+            abort(404, 'Two factor authentication has not been enabled.');
+        }
+
+        return response()->json([
+            'setupKey' => decrypt($request->user()->two_factor_secret),
+        ]);
+    }
+}