Google2FAAuthenticator::isDeviceTrusted() - Code Metrics - Inspection of "CS fixes" - NNTmux/newznab-tmux - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 5deb44...ec8b22 )

by Darko

created 2025-06-09 12:11 UTC

Google2FAAuthenticator::isDeviceTrusted() A

↳ Parent: Google2FAAuthenticator

Complexity

Conditions	6
Paths	9

Size

Total Lines	30
Code Lines	14

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	1	Features	0

Metric	Value
eloc	14
c	1
b	1
f	0
dl	0
loc	30
rs	9.2222
cc	6
nc	9
nop	0

<?php

namespace App\Support;

use PragmaRX\Google2FALaravel\Exceptions\InvalidSecretKey;
use PragmaRX\Google2FALaravel\Support\Authenticator;

class Google2FAAuthenticator extends Authenticator
{
    protected function canPassWithoutCheckingOTP(): bool
    {
        if (! $this->getUser()->passwordSecurity) {
            return true;
        }

        return
            ! $this->getUser()->passwordSecurity->google2fa_enable ||
            ! $this->isEnabled() ||
            $this->noUserIsAuthenticated() ||
            $this->twoFactorAuthStillValid() ||
            $this->isDeviceTrusted();
    }

    /**
     * Check if current device is trusted
     */
    protected function isDeviceTrusted(): bool
    {
        $cookie = request()->cookie('2fa_trusted_device');

        if (! $cookie) {
            return false;
        }

        try {
            $data = json_decode($cookie, true);
            $data = json_decode(/** @scrutinizer ignore-type */ $cookie, true);

            // Check if cookie contains the required data
            if (! isset($data['user_id'], $data['token'], $data['expires_at'])) {
                return false;
            }

            // Check if the token belongs to the current user
            if ((int) $data['user_id'] !== (int) $this->getUser()->id) {
                return false;
            }

            // Check if the token is expired
            if (time() > $data['expires_at']) {
                return false;
            }

            // Device is trusted and token is valid
            return true;
        } catch (\Exception $e) {
            return false;
        }
    }

    /**
     * @return mixed
     *
     * @throws InvalidSecretKey
     */
    protected function getGoogle2FASecretKey()
    {
        $secret = $this->getUser()->passwordSecurity->{$this->config('otp_secret_column')};

        if (empty($secret)) {
            throw new InvalidSecretKey('Secret key cannot be empty.');
        }

        return $secret;
    }
}


NNTmux / newznab-tmux

Push — master ( 5deb44...ec8b22 )

Google2FAAuthenticator::isDeviceTrusted() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like