
Authenticator::canPassWithoutCheckingOTP()   A

<?php
namespace PragmaRX\Google2FALaravel\Support;
use Illuminate\Http\Request as IlluminateRequest;
use PragmaRX\Google2FALaravel\Events\EmptyOneTimePasswordReceived;
use PragmaRX\Google2FALaravel\Events\LoginFailed;
use PragmaRX\Google2FALaravel\Events\LoginSucceeded;
use PragmaRX\Google2FALaravel\Exceptions\InvalidOneTimePassword;
use PragmaRX\Google2FALaravel\Google2FA;
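/**
 * Decides whether the current request satisfies the second factor (OTP).
 *
 * The class builds on Google2FA and on the ErrorBag, Input, Response and
 * Session traits; helpers such as isEnabled(), isActivated(),
 * noUserIsAuthenticated(), twoFactorAuthStillValid(), login(), getUser() and
 * verifyAndStoreOneTimePassword() are not defined in this file, so they are
 * presumably inherited from the parent or supplied by those traits.
 */
class Authenticator extends Google2FA
{
    use ErrorBag, Input, Response, Session;

    /**
     * The current password.
     *
     * Nothing in this class writes to this property.
     *
     * @var mixed
     */
    protected $password;

    /**
     * Authenticator constructor.
     *
     * @param \Illuminate\Http\Request $request
     */
    public function __construct(IlluminateRequest $request)
    {
        parent::__construct($request);
    }

    /**
     * Authenticator boot.
     *
     * Delegates to the parent boot() and returns this instance so calls can be chained.
     *
     * @param $request
     *
     * @return $this
     */
    public function boot($request)
    {
        parent::boot($request);

        return $this;
    }

    /**
     * Authenticator boot for API usage.
     *
     * Boots as usual and then switches the instance to stateless mode via setStateless().
     *
     * @param $request
     *
     * @return $this
     */
    public function bootStateless($request)
    {
        $this->boot($request);

        $this->setStateless();

        return $this;
    }

    /**
     * Fire the login event matching the outcome (LoginSucceeded or LoginFailed).
     *
     * @param mixed $succeeded Truthy dispatches LoginSucceeded, falsy dispatches LoginFailed.
     *
     * @return mixed The $succeeded value, unchanged.
     */
    private function fireLoginEvent($succeeded)
    {
        event(
            $succeeded
                ? new LoginSucceeded($this->getUser())
                : new LoginFailed($this->getUser())
        );

        return $succeeded;
    }

    /**
     * Get the OTP from user input.
     *
     * An empty value always dispatches EmptyOneTimePasswordReceived. It is only
     * rejected with an exception when the 'throw_exceptions' setting is truthy
     * (the default used here is true); otherwise the empty value is returned
     * to the caller as-is.
     *
     * @throws InvalidOneTimePassword
     *
     * @return mixed
     */
    protected function getOneTimePassword()
    {
        $password = $this->getInputOneTimePassword();

        // empty() already covers null, so no separate is_null() test is needed.
        if (empty($password)) {
            event(new EmptyOneTimePasswordReceived());

            if ($this->config('throw_exceptions', true)) {
                throw new InvalidOneTimePassword(config('google2fa.error_messages.cannot_be_empty'));
            }
        }

        return $password;
    }

    /**
     * Check if the current user is authenticated via OTP.
     *
     * True when the OTP check can be skipped, or when the submitted OTP is
     * valid. The second operand only runs when the first is false, and
     * checkOTP() calls login() on success, so this method is not side-effect
     * free.
     *
     * @return bool
     */
    public function isAuthenticated()
    {
        return $this->canPassWithoutCheckingOTP() || ($this->checkOTP() === Constants::OTP_VALID);
    }

    /**
     * Check if it is already logged in or passable without checking for an OTP.
     *
     * Any one of the four conditions lets the request through without an OTP:
     * the feature is not enabled, no user is authenticated, the feature is not
     * activated, or an earlier two-factor check is still valid.
     *
     * NOTE(review): the "not enabled" and "not activated" branches fail open,
     * so mandatory enrolment has to be enforced elsewhere - confirm against the
     * helpers, which are defined outside this file.
     *
     * @return bool
     */
    protected function canPassWithoutCheckingOTP()
    {
        return
            !$this->isEnabled() ||
            $this->noUserIsAuthenticated() ||
            !$this->isActivated() ||
            $this->twoFactorAuthStillValid();
    }

    /**
     * Check if the input OTP is valid. Returns one of the possible OTP_STATUS codes:
     * 'empty', 'valid' or 'invalid'.
     *
     * A valid OTP logs the user in and dispatches LoginSucceeded; a rejected
     * OTP dispatches LoginFailed. A missing or empty OTP dispatches neither.
     *
     * @throws InvalidOneTimePassword
     *
     * @return string
     */
    protected function checkOTP()
    {
        // Missing or empty input returns here, so on this path the empty-value
        // branch of getOneTimePassword() is presumably never reached.
        if (!$this->inputHasOneTimePassword() || empty($this->getInputOneTimePassword())) {
            return Constants::OTP_EMPTY;
        }

        $isValid = $this->verifyOneTimePassword();

        if ($isValid) {
            $this->login();
            $this->fireLoginEvent($isValid);

            return Constants::OTP_VALID;
        }

        // Report the rejected attempt as well: without this call the LoginFailed
        // branch of fireLoginEvent() is never taken, and listeners used for audit
        // logging, throttling or alerting never see failed second-factor attempts.
        $this->fireLoginEvent($isValid);

        return Constants::OTP_INVALID;
    }

    /**
     * Verify the OTP.
     *
     * Passes the submitted OTP to verifyAndStoreOneTimePassword() and returns its result.
     *
     * @throws InvalidOneTimePassword
     *
     * @return mixed
     */
    protected function verifyOneTimePassword()
    {
        return $this->verifyAndStoreOneTimePassword($this->getOneTimePassword());
    }
}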