|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace Thecodework\TwoFactorAuthentication\Http\Controllers; |
|
4
|
|
|
|
|
5
|
|
|
use App\Http\Controllers\Controller; |
|
6
|
|
|
use App\User; |
|
7
|
|
|
use Base32\Base32; |
|
8
|
|
|
use Illuminate\Http\Request; |
|
9
|
|
|
use OTPHP\TOTP; |
|
10
|
|
|
use Thecodework\TwoFactorAuthentication\AuthenticatesUsersWith2FA; |
|
11
|
|
|
use Thecodework\TwoFactorAuthentication\Contracts\TwoFactorAuthenticationInterface; |
|
12
|
|
|
|
|
13
|
|
|
class TwoFactorAuthenticationController extends Controller implements TwoFactorAuthenticationInterface |
|
14
|
|
|
{ |
|
15
|
|
|
use AuthenticatesUsersWith2FA; |
|
16
|
|
|
|
|
17
|
|
|
/** |
|
18
|
|
|
* Setup two factor authentication. |
|
19
|
|
|
* |
|
20
|
|
|
* @param \Illuminate\Http\Request |
|
21
|
|
|
* @param \Illuminate\Http\Response |
|
22
|
|
|
*/ |
|
23
|
|
|
public function setupTwoFactorAuthentication(Request $request) |
|
24
|
|
|
{ |
|
25
|
|
|
$user = User::find($request->user()->id); |
|
26
|
|
|
$user->two_factor_secret_key !== '' ? $secret_key = $user->two_factor_secret_key : $secret_key = $this->base32EncodedString(config('2fa-config.number_of_digits')); |
|
27
|
|
|
$user->two_factor_secret_key = $secret_key; |
|
28
|
|
|
$user->update(); |
|
29
|
|
|
$totp = new TOTP( |
|
30
|
|
|
config('2fa-config.account_name'), |
|
31
|
|
|
$secret_key, |
|
32
|
|
|
10, |
|
33
|
|
|
config('2fa-config.digest_algorithm'), |
|
34
|
|
|
config('2fa-config.number_of_digits') |
|
35
|
|
|
); |
|
36
|
|
|
|
|
37
|
|
|
$barcode = $totp->getQrCodeUri(); |
|
38
|
|
|
|
|
39
|
|
|
return view('2fa::setup', compact('barcode','user')); |
|
40
|
|
|
} |
|
41
|
|
|
|
|
42
|
|
|
/** |
|
43
|
|
|
* Disable 2FA. |
|
44
|
|
|
* |
|
45
|
|
|
* @param \Illuminate\Http\Request |
|
46
|
|
|
* |
|
47
|
|
|
* @return \Illuminate\Http\RedirectResponse |
|
48
|
|
|
*/ |
|
49
|
|
View Code Duplication |
public function enableTwoFactorAuthentication(Request $request) |
|
|
|
|
|
|
50
|
|
|
{ |
|
51
|
|
|
$user = User::find($request->user()->id); |
|
52
|
|
|
$user->is_two_factor_enabled = 1; |
|
53
|
|
|
$user->update(); |
|
54
|
|
|
|
|
55
|
|
|
return redirect('home'); |
|
56
|
|
|
} |
|
57
|
|
|
|
|
58
|
|
|
/** |
|
59
|
|
|
* Enable 2FA. |
|
60
|
|
|
* |
|
61
|
|
|
* @param \Illuminate\Http\Request |
|
62
|
|
|
* |
|
63
|
|
|
* @return \Illuminate\Http\RedirectResponse |
|
64
|
|
|
*/ |
|
65
|
|
View Code Duplication |
public function disableTwoFactorAuthentication(Request $request) |
|
|
|
|
|
|
66
|
|
|
{ |
|
67
|
|
|
$user = User::find($request->user()->id); |
|
68
|
|
|
$user->is_two_factor_enabled = 0; |
|
69
|
|
|
$user->two_factor_secret_key = ''; |
|
70
|
|
|
$user->update(); |
|
71
|
|
|
|
|
72
|
|
|
return redirect('home'); |
|
73
|
|
|
} |
|
74
|
|
|
|
|
75
|
|
|
/** |
|
76
|
|
|
* Verify Two Factor Authentication. |
|
77
|
|
|
* |
|
78
|
|
|
* @param \Illuminate\Http\Request $request |
|
79
|
|
|
*/ |
|
80
|
|
|
public function verifyTwoFactorAuthentication(Request $request) |
|
81
|
|
|
{ |
|
82
|
|
|
if ($request->session()->has('2fa:user:id')) { |
|
83
|
|
|
$secret = getenv('HMAC_SECRET'); |
|
84
|
|
|
$signature = hash_hmac('sha256', decrypt($request->session()->get('2fa:user:id')), $secret); |
|
85
|
|
|
|
|
86
|
|
|
if (md5($signature) !== md5($request->signature)) { |
|
87
|
|
|
return redirect()->intended('login'); |
|
88
|
|
|
} |
|
89
|
|
|
|
|
90
|
|
|
return view('2fa::verify'); |
|
91
|
|
|
} |
|
92
|
|
|
|
|
93
|
|
|
return redirect()->back(); //shoud be configurabel |
|
94
|
|
|
} |
|
95
|
|
|
|
|
96
|
|
|
/** |
|
97
|
|
|
* Encode Random String to 32 Base Transfer Encoding. |
|
98
|
|
|
* |
|
99
|
|
|
* @param int $length Length of the encoded string. |
|
100
|
|
|
* |
|
101
|
|
|
* @return string |
|
102
|
|
|
*/ |
|
103
|
|
|
private function base32EncodedString($length = 30): |
|
104
|
|
|
string |
|
105
|
|
|
{ |
|
106
|
|
|
return Base32::encode($this->strRandom($length)); |
|
107
|
|
|
} |
|
108
|
|
|
|
|
109
|
|
|
/** |
|
110
|
|
|
* Generate a more truly "random" alpha-numeric string. |
|
111
|
|
|
* |
|
112
|
|
|
* @param int $length |
|
113
|
|
|
* |
|
114
|
|
|
* @return string |
|
115
|
|
|
*/ |
|
116
|
|
|
private function strRandom($length = 30): |
|
117
|
|
|
string |
|
118
|
|
|
{ |
|
119
|
|
|
$string = ''; |
|
120
|
|
|
|
|
121
|
|
|
while (($len = strlen($string)) < $length) { |
|
122
|
|
|
$size = $length - $len; |
|
123
|
|
|
|
|
124
|
|
|
$bytes = random_bytes($size); |
|
125
|
|
|
|
|
126
|
|
|
$string .= substr(str_replace(['/', '+', '='], '', base64_encode($bytes)), 0, $size); |
|
127
|
|
|
} |
|
128
|
|
|
|
|
129
|
|
|
return $string; |
|
130
|
|
|
} |
|
131
|
|
|
} |
|
132
|
|
|
|
thecodework /
two-factor-authentication
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.