|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
/* |
|
4
|
|
|
* @copyright 2018 Hilmi Erdem KEREN |
|
5
|
|
|
* @license MIT |
|
6
|
|
|
*/ |
|
7
|
|
|
|
|
8
|
|
|
namespace Erdemkeren\TemporaryAccess\Http\Middleware; |
|
9
|
|
|
|
|
10
|
|
|
use Closure; |
|
11
|
|
|
use Illuminate\Contracts\Auth\Guard; |
|
12
|
|
|
use Erdemkeren\TemporaryAccess\Token; |
|
13
|
|
|
use Illuminate\Http\RedirectResponse; |
|
14
|
|
|
use Illuminate\Contracts\Auth\Authenticatable; |
|
15
|
|
|
use Erdemkeren\TemporaryAccess\TemporaryAccessFacade as TemporaryAccess; |
|
16
|
|
|
|
|
17
|
|
|
class OtpAccess |
|
18
|
|
|
{ |
|
19
|
|
|
/** |
|
20
|
|
|
* Handle an incoming request. |
|
21
|
|
|
* |
|
22
|
|
|
* @param \Illuminate\Http\Request $request |
|
23
|
|
|
* @param \Closure $next |
|
24
|
|
|
* @param null|string $guard |
|
25
|
|
|
* |
|
26
|
|
|
* @return mixed |
|
27
|
|
|
*/ |
|
28
|
|
|
public function handle($request, Closure $next, $guard = null) |
|
29
|
|
|
{ |
|
30
|
|
|
if (! $user = $this->getAuthUser($guard)) { |
|
31
|
|
|
throw new \LogicException( |
|
32
|
|
|
'The otp access control middleware requires user authentication via laravel guards.' |
|
33
|
|
|
); |
|
34
|
|
|
} |
|
35
|
|
|
|
|
36
|
|
|
if (! $request->hasCookie('otp_token')) { |
|
37
|
|
|
$this->sendNewOtpToUser($request->user()); |
|
38
|
|
|
|
|
39
|
|
|
return $this->redirectToOtpPage(); |
|
40
|
|
|
} |
|
41
|
|
|
|
|
42
|
|
|
$token = TemporaryAccess::retrieveByCipherText( |
|
43
|
|
|
$user->getAuthIdentifier(), |
|
44
|
|
|
$request->cookie('otp_token') |
|
|
|
|
|
|
45
|
|
|
); |
|
46
|
|
|
|
|
47
|
|
|
if (! $token || $token->expired()) { |
|
48
|
|
|
$this->sendNewOtpToUser($request->user()); |
|
49
|
|
|
|
|
50
|
|
|
return $this->redirectToOtpPage(); |
|
51
|
|
|
} |
|
52
|
|
|
|
|
53
|
|
|
$request->macro('otpToken', function () use ($token): Token { |
|
54
|
|
|
return $token; |
|
55
|
|
|
}); |
|
56
|
|
|
|
|
57
|
|
|
return $next($request); |
|
58
|
|
|
} |
|
59
|
|
|
|
|
60
|
|
|
/** |
|
61
|
|
|
* Get the redirect url if check do not pass. |
|
62
|
|
|
* |
|
63
|
|
|
* @return RedirectResponse |
|
64
|
|
|
*/ |
|
65
|
|
|
protected function redirectToOtpPage(): RedirectResponse |
|
66
|
|
|
{ |
|
67
|
|
|
session([ |
|
68
|
|
|
'otp_requested' => true, |
|
69
|
|
|
'otp_redirect_url' => url()->current(), |
|
70
|
|
|
]); |
|
71
|
|
|
|
|
72
|
|
|
return redirect()->route('otp.create'); |
|
73
|
|
|
} |
|
74
|
|
|
|
|
75
|
|
|
/** |
|
76
|
|
|
* Get the guard by the given name. |
|
77
|
|
|
* |
|
78
|
|
|
* @param string $guard |
|
79
|
|
|
* |
|
80
|
|
|
* @return Guard |
|
81
|
|
|
*/ |
|
82
|
|
|
private function getGuard($guard): Guard |
|
83
|
|
|
{ |
|
84
|
|
|
return auth()->guard($guard); |
|
85
|
|
|
} |
|
86
|
|
|
|
|
87
|
|
|
/** |
|
88
|
|
|
* Get the authenticated user from |
|
89
|
|
|
* the guard by the given name. |
|
90
|
|
|
* |
|
91
|
|
|
* @param string $guard |
|
92
|
|
|
* |
|
93
|
|
|
* @return null|Authenticatable |
|
94
|
|
|
*/ |
|
95
|
|
|
private function getAuthUser($guard): ?Authenticatable |
|
96
|
|
|
{ |
|
97
|
|
|
return $this->getGuard($guard)->user(); |
|
98
|
|
|
} |
|
99
|
|
|
|
|
100
|
|
|
/** |
|
101
|
|
|
* Create a new otp and notify the user. |
|
102
|
|
|
* |
|
103
|
|
|
* @param Authenticatable $user |
|
104
|
|
|
*/ |
|
105
|
|
|
private function sendNewOtpToUser(Authenticatable $user): void |
|
106
|
|
|
{ |
|
107
|
|
|
$token = TemporaryAccess::create($user, 6); |
|
108
|
|
|
|
|
109
|
|
|
$user->notify($token->toNotification()); |
|
|
|
|
|
|
110
|
|
|
} |
|
111
|
|
|
} |
|
112
|
|
|
|
erdemkeren /
laravel-otp
Loading history...
This check looks at variables that are passed out again to other methods.
If the outgoing method call has stricter type requirements than the method itself, an issue is raised.
An additional type check may prevent trouble.