Allow overwriting/extending of the 2FA logic

[AlexWinder]

This is perhaps both a Jetstream and a Fortify request, but figured I should post it in here following on from Taylor's YouTube stream.

In Jetstream in it's current state you have the ability to overwrite the majority of the default installation features, they are published to app/Actions/Fortify/*, such as when a user is created it is put in CreateNewUser.php. Or when a user is deleted it is in app/Actions/Fortify/Jetstream/DeleteUser.php, allowing you to do other processes other than just removing a user from the system.

This is extremely useful for customising as per your requirements of your application, however there is no feature to allow for overwriting the 2FA. Let's say you want to throw an event to email a user when they add/remove their 2FA codes there is no simple or easy method to do so, not in the same way as has been done with things such as overwriting the new user.

[taylorotwell]

When do you want to notify them? When 2FA is enabled or disabled? When new recovery codes are generated? We could add events for these things.

[AlexWinder]

Ideally for when 2FA is enabled/disabled. The intention was mainly from a security POV so that if an account gets compromised users can be notified that they have had 2FA enabled/disabled on their account.

Realistically the recovery codes would only be generated when 2FA is enabled, wouldn't they? I didn't see the option to allow 2FA codes to be regenerated without first disabling it, so apologies if this is in there and I missed it.

[m1guelpf]

This would be better solved by listening to some events instead of extracting the core logic I think

[taylorotwell]

Would be solved using an event if someone wants to add it.