AccountTwoFactorController::generateTotpBackups() - Code Metrics - Inspection of "Merge branch 'release/v3.0.2'" - rinvex/cortex-auth - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 78de56...a458a2 )

by Abdelrahman

created 2019-08-02 21:34 UTC

AccountTwoFactorController::generateTotpBackups() A

↳ Parent: AccountTwoFactorController

Complexity

Conditions	2
Paths	2

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	10
rs	9.9332
c	0
b	0
f	0
cc	2
nc	2
nop	0

<?php

declare(strict_types=1);

namespace Cortex\Auth\Http\Controllers\Managerarea;

use Illuminate\Http\Request;
use PragmaRX\Google2FA\Google2FA;
use Cortex\Foundation\Http\Controllers\AuthenticatedController;
use Cortex\Auth\Http\Requests\Managerarea\AccountTwoFactorPhoneRequest;
use Cortex\Auth\Http\Requests\Managerarea\AccountTwoFactorTotpBackupRequest;
use Cortex\Auth\Http\Requests\Managerarea\AccountTwoFactorTotpProcessRequest;

class AccountTwoFactorController extends AuthenticatedController
{
    /**
     * Show the account security form.
     *
     * @param \Illuminate\Http\Request $request
     *
     * @return \Illuminate\View\View
     */
    public function index(Request $request)
    {
        $twoFactor = $request->user($this->getGuard())->getTwoFactor();

        return view('cortex/auth::managerarea.pages.account-twofactor', compact('twoFactor'));
    }

    /**
     * Enable TwoFactor TOTP authentication.
     *
     * @param \Illuminate\Http\Request      $request
     * @param \PragmaRX\Google2FA\Google2FA $totpProvider
     *
     * @return \Illuminate\View\View
     */
    public function enableTotp(Request $request, Google2FA $totpProvider)
    {
        $currentUser = $request->user($this->getGuard());
        $twoFactor = $currentUser->getTwoFactor();

        if (! $secret = array_get($twoFactor, 'totp.secret')) {

            $twoFactor['totp'] = [
                'enabled' => false,
                'secret' => $secret = $totpProvider->generateSecretKey(),
            ];

            $currentUser->fill(['two_factor' => $twoFactor])->forceSave();
        }

        $qrCode = $totpProvider->getQRCodeInline(config('app.name'), $currentUser->email, $secret);


        return view('cortex/auth::managerarea.pages.account-twofactor-totp', compact('secret', 'qrCode', 'twoFactor'));
    }

    /**
     * Disable TwoFactor TOTP authentication.
     *
     * @param \Illuminate\Http\Request $request
     *
     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\RedirectResponse
     */
    public function disableTotp(Request $request)
    {
        $currentUser = $request->user($this->getGuard());
        $twoFactor = $currentUser->getTwoFactor();
        $twoFactor['totp'] = [];

        $currentUser->fill(['two_factor' => $twoFactor])->forceSave();

        return intend([
            'back' => true,
            'with' => ['success' => trans('cortex/auth::messages.verification.twofactor.totp.disabled')],
        ]);
    }

    /**
     * Process the TwoFactor TOTP enable form.
     *
     * @param \Cortex\Auth\Http\Requests\Managerarea\AccountTwoFactorTotpProcessRequest $request
     * @param \PragmaRX\Google2FA\Google2FA                                             $totpProvider
     *
     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\RedirectResponse
     */
    public function updateTotp(AccountTwoFactorTotpProcessRequest $request, Google2FA $totpProvider)
    {
        $currentUser = $request->user($this->getGuard());
        $twoFactor = $currentUser->getTwoFactor();
        $secret = array_get($twoFactor, 'totp.secret');

        $backup = array_get($twoFactor, 'totp.backup');

        $backupAt = array_get($twoFactor, 'totp.backup_at');


        if ($totpProvider->verifyKey($secret, $request->get('token'))) {
            $twoFactor['totp'] = [
                'enabled' => true,
                'secret' => $secret,
                'backup' => $backup ?? $this->generateTotpBackups(),
                'backup_at' => $backupAt ?? now()->toDateTimeString(),
            ];

            // Update TwoFactor settings
            $currentUser->fill(['two_factor' => $twoFactor])->forceSave();

            return intend([
                'back' => true,
                'with' => ['success' => trans('cortex/auth::messages.verification.twofactor.totp.enabled')],
            ]);
        }

        return intend([
            'back' => true,
            'withErrors' => ['token' => trans('cortex/auth::messages.verification.twofactor.totp.invalid_token')],
        ]);
    }

    /**
     * Process the TwoFactor OTP backup.
     *
     * @param \Cortex\Auth\Http\Requests\Managerarea\AccountTwoFactorTotpBackupRequest $request
     *
     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\RedirectResponse
     */
    public function backupTotp(AccountTwoFactorTotpBackupRequest $request)
    {
        $currentUser = $request->user($this->getGuard());
        $twoFactor = $currentUser->getTwoFactor();
        $twoFactor['totp']['backup'] = $this->generateTotpBackups();
        $twoFactor['totp']['backup_at'] = now()->toDateTimeString();

        $currentUser->fill(['two_factor' => $twoFactor])->forceSave();

        return intend([
            'back' => true,
            'with' => ['success' => trans('cortex/auth::messages.verification.twofactor.totp.rebackup')],
        ]);
    }

    /**
     * Enable TwoFactor Phone authentication.
     *
     * @param \Cortex\Auth\Http\Requests\Managerarea\AccountTwoFactorPhoneRequest $request
     *
     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\RedirectResponse
     */
    public function enablePhone(AccountTwoFactorPhoneRequest $request)
    {
        $currentUser = $request->user($this->getGuard());
        $currentUser->routeNotificationForAuthy();
        $twoFactor = $currentUser->getTwoFactor();
        $twoFactor['phone']['enabled'] = true;

        $currentUser->fill(['two_factor' => $twoFactor])->forceSave();

        return intend([
            'back' => true,
            'with' => ['success' => trans('cortex/auth::messages.verification.twofactor.phone.enabled')],
        ]);
    }

    /**
     * Disable TwoFactor Phone authentication.
     *
     * @param \Illuminate\Http\Request $request
     *
     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\RedirectResponse
     */
    public function disablePhone(Request $request)
    {
        $currentUser = $request->user($this->getGuard());
        $twoFactor = $currentUser->getTwoFactor();
        $twoFactor['phone']['enabled'] = false;

        $currentUser->fill(['two_factor' => $twoFactor])->forceSave();

        return intend([
            'back' => true,
            'with' => ['success' => trans('cortex/auth::messages.verification.twofactor.phone.disabled')],
        ]);
    }

    /**
     * Generate TwoFactor OTP backup codes.
     *
     * @return array
     */
    protected function generateTotpBackups(): array
    {
        $backup = [];

        for ($x = 0; $x <= 9; $x++) {
            $backup[] = str_pad((string) random_int(0, 9999999999), 10, '0', STR_PAD_BOTH);
        }

        return $backup;
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			namespace Cortex\Auth\Http\Controllers\Managerarea;
6
7			use Illuminate\Http\Request;
8			use PragmaRX\Google2FA\Google2FA;
9			use Cortex\Foundation\Http\Controllers\AuthenticatedController;
10			use Cortex\Auth\Http\Requests\Managerarea\AccountTwoFactorPhoneRequest;
11			use Cortex\Auth\Http\Requests\Managerarea\AccountTwoFactorTotpBackupRequest;
12			use Cortex\Auth\Http\Requests\Managerarea\AccountTwoFactorTotpProcessRequest;
13
14			class AccountTwoFactorController extends AuthenticatedController
15			{
16			/**
17			* Show the account security form.
18			*
19			* @param \Illuminate\Http\Request $request
20			*
21			* @return \Illuminate\View\View
22			*/
23			public function index(Request $request)
24			{
25			$twoFactor = $request->user($this->getGuard())->getTwoFactor();
26
27			return view('cortex/auth::managerarea.pages.account-twofactor', compact('twoFactor'));
28			}
29
30			/**
31			* Enable TwoFactor TOTP authentication.
32			*
33			* @param \Illuminate\Http\Request $request
34			* @param \PragmaRX\Google2FA\Google2FA $totpProvider
35			*
36			* @return \Illuminate\View\View
37			*/
38			public function enableTotp(Request $request, Google2FA $totpProvider)
39			{
40			$currentUser = $request->user($this->getGuard());
41			$twoFactor = $currentUser->getTwoFactor();
42
43			if (! $secret = array_get($twoFactor, 'totp.secret')) {
			0 ignored issues – show Deprecated Code introduced 2019-08-02 21:42 UTC by Report Bug Copy Issue Report The function `array_get()` has been deprecated with message: Arr::get() should be used directly instead. Will be removed in Laravel 6.0. This function has been deprecated. The supplier of the file has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the function will be removed from the class and what other function to use instead. Loading history...
44			$twoFactor['totp'] = [
45			'enabled' => false,
46			'secret' => $secret = $totpProvider->generateSecretKey(),
47			];
48
49			$currentUser->fill(['two_factor' => $twoFactor])->forceSave();
50			}
51
52			$qrCode = $totpProvider->getQRCodeInline(config('app.name'), $currentUser->email, $secret);
			0 ignored issues – show Bug introduced 2019-08-02 21:42 UTC by Report Bug Copy Issue Report The method `getQRCodeInline()` does not seem to exist on `object<PragmaRX\Google2FA\Google2FA>`. This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces. This is most likely a typographical error or the method has been renamed. Loading history...
53
54			return view('cortex/auth::managerarea.pages.account-twofactor-totp', compact('secret', 'qrCode', 'twoFactor'));
55			}
56
57			/**
58			* Disable TwoFactor TOTP authentication.
59			*
60			* @param \Illuminate\Http\Request $request
61			*
62			* @return \Illuminate\Http\JsonResponse\|\Illuminate\Http\RedirectResponse
63			*/
64			public function disableTotp(Request $request)
65			{
66			$currentUser = $request->user($this->getGuard());
67			$twoFactor = $currentUser->getTwoFactor();
68			$twoFactor['totp'] = [];
69
70			$currentUser->fill(['two_factor' => $twoFactor])->forceSave();
71
72			return intend([
73			'back' => true,
74			'with' => ['success' => trans('cortex/auth::messages.verification.twofactor.totp.disabled')],
75			]);
76			}
77
78			/**
79			* Process the TwoFactor TOTP enable form.
80			*
81			* @param \Cortex\Auth\Http\Requests\Managerarea\AccountTwoFactorTotpProcessRequest $request
82			* @param \PragmaRX\Google2FA\Google2FA $totpProvider
83			*
84			* @return \Illuminate\Http\JsonResponse\|\Illuminate\Http\RedirectResponse
85			*/
86			public function updateTotp(AccountTwoFactorTotpProcessRequest $request, Google2FA $totpProvider)
87			{
88			$currentUser = $request->user($this->getGuard());
89			$twoFactor = $currentUser->getTwoFactor();
90			$secret = array_get($twoFactor, 'totp.secret');
			0 ignored issues – show Deprecated Code introduced 2019-08-02 21:42 UTC by Report Bug Copy Issue Report The function `array_get()` has been deprecated with message: Arr::get() should be used directly instead. Will be removed in Laravel 6.0. This function has been deprecated. The supplier of the file has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the function will be removed from the class and what other function to use instead. Loading history...
91			$backup = array_get($twoFactor, 'totp.backup');
			0 ignored issues – show Deprecated Code introduced 2019-08-02 21:42 UTC by Report Bug Copy Issue Report The function `array_get()` has been deprecated with message: Arr::get() should be used directly instead. Will be removed in Laravel 6.0. This function has been deprecated. The supplier of the file has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the function will be removed from the class and what other function to use instead. Loading history...
92			$backupAt = array_get($twoFactor, 'totp.backup_at');
			0 ignored issues – show Deprecated Code introduced 2019-08-02 21:42 UTC by Report Bug Copy Issue Report The function `array_get()` has been deprecated with message: Arr::get() should be used directly instead. Will be removed in Laravel 6.0. This function has been deprecated. The supplier of the file has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the function will be removed from the class and what other function to use instead. Loading history...
93
94			if ($totpProvider->verifyKey($secret, $request->get('token'))) {
95			$twoFactor['totp'] = [
96			'enabled' => true,
97			'secret' => $secret,
98			'backup' => $backup ?? $this->generateTotpBackups(),
99			'backup_at' => $backupAt ?? now()->toDateTimeString(),
100			];
101
102			// Update TwoFactor settings
103			$currentUser->fill(['two_factor' => $twoFactor])->forceSave();
104
105			return intend([
106			'back' => true,
107			'with' => ['success' => trans('cortex/auth::messages.verification.twofactor.totp.enabled')],
108			]);
109			}
110
111			return intend([
112			'back' => true,
113			'withErrors' => ['token' => trans('cortex/auth::messages.verification.twofactor.totp.invalid_token')],
114			]);
115			}
116
117			/**
118			* Process the TwoFactor OTP backup.
119			*
120			* @param \Cortex\Auth\Http\Requests\Managerarea\AccountTwoFactorTotpBackupRequest $request
121			*
122			* @return \Illuminate\Http\JsonResponse\|\Illuminate\Http\RedirectResponse
123			*/
124			public function backupTotp(AccountTwoFactorTotpBackupRequest $request)
125			{
126			$currentUser = $request->user($this->getGuard());
127			$twoFactor = $currentUser->getTwoFactor();
128			$twoFactor['totp']['backup'] = $this->generateTotpBackups();
129			$twoFactor['totp']['backup_at'] = now()->toDateTimeString();
130
131			$currentUser->fill(['two_factor' => $twoFactor])->forceSave();
132
133			return intend([
134			'back' => true,
135			'with' => ['success' => trans('cortex/auth::messages.verification.twofactor.totp.rebackup')],
136			]);
137			}
138
139			/**
140			* Enable TwoFactor Phone authentication.
141			*
142			* @param \Cortex\Auth\Http\Requests\Managerarea\AccountTwoFactorPhoneRequest $request
143			*
144			* @return \Illuminate\Http\JsonResponse\|\Illuminate\Http\RedirectResponse
145			*/
146			public function enablePhone(AccountTwoFactorPhoneRequest $request)
147			{
148			$currentUser = $request->user($this->getGuard());
149			$currentUser->routeNotificationForAuthy();
150			$twoFactor = $currentUser->getTwoFactor();
151			$twoFactor['phone']['enabled'] = true;
152
153			$currentUser->fill(['two_factor' => $twoFactor])->forceSave();
154
155			return intend([
156			'back' => true,
157			'with' => ['success' => trans('cortex/auth::messages.verification.twofactor.phone.enabled')],
158			]);
159			}
160
161			/**
162			* Disable TwoFactor Phone authentication.
163			*
164			* @param \Illuminate\Http\Request $request
165			*
166			* @return \Illuminate\Http\JsonResponse\|\Illuminate\Http\RedirectResponse
167			*/
168			public function disablePhone(Request $request)
169			{
170			$currentUser = $request->user($this->getGuard());
171			$twoFactor = $currentUser->getTwoFactor();
172			$twoFactor['phone']['enabled'] = false;
173
174			$currentUser->fill(['two_factor' => $twoFactor])->forceSave();
175
176			return intend([
177			'back' => true,
178			'with' => ['success' => trans('cortex/auth::messages.verification.twofactor.phone.disabled')],
179			]);
180			}
181
182			/**
183			* Generate TwoFactor OTP backup codes.
184			*
185			* @return array
186			*/
187			protected function generateTotpBackups(): array
188			{
189			$backup = [];
190
191			for ($x = 0; $x <= 9; $x++) {
192			$backup[] = str_pad((string) random_int(0, 9999999999), 10, '0', STR_PAD_BOTH);
193			}
194
195			return $backup;
196			}
197			}
198

rinvex / cortex-auth

Push — master ( 78de56...a458a2 )

AccountTwoFactorController::generateTotpBackups() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like