1
0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2024-11-14 07:02:34 +01:00
invoiceninja/app/Http/Controllers/TwilioController.php

232 lines
7.2 KiB
PHP
Raw Normal View History

2022-07-27 03:21:12 +02:00
<?php
/**
* Invoice Ninja (https://invoiceninja.com).
*
* @link https://github.com/invoiceninja/invoiceninja source repository
*
2023-01-28 23:21:40 +01:00
* @copyright Copyright (c) 2023. Invoice Ninja LLC (https://invoiceninja.com)
2022-07-27 03:21:12 +02:00
*
* @license https://www.elastic.co/licensing/elastic-license
*/
namespace App\Http\Controllers;
2022-10-27 07:11:55 +02:00
use App\Http\Requests\Twilio\Confirm2faRequest;
2022-07-27 03:21:12 +02:00
use App\Http\Requests\Twilio\ConfirmSmsRequest;
2022-10-27 07:11:55 +02:00
use App\Http\Requests\Twilio\Generate2faRequest;
2022-07-27 03:21:12 +02:00
use App\Http\Requests\Twilio\GenerateSmsRequest;
2023-10-26 04:57:44 +02:00
use App\Libraries\MultiDB;
use App\Models\User;
use Twilio\Rest\Client;
2022-07-27 03:21:12 +02:00
class TwilioController extends BaseController
{
2023-12-08 23:42:15 +01:00
2023-12-10 03:22:51 +01:00
private array $invalid_codes = [
'+21',
'+17152567760',
];
2022-07-27 03:21:12 +02:00
public function __construct()
{
parent::__construct();
}
/**
* Display a listing of the resource.
*
* @return \Illuminate\Http\JsonResponse;
2022-07-27 03:21:12 +02:00
*/
public function generate(GenerateSmsRequest $request)
{
/** @var \App\Models\User $user */
$user = auth()->user();
$account = $user->company()->account;
2022-07-27 03:21:12 +02:00
2023-12-10 03:22:51 +01:00
if(!$this->checkPhoneValidity($request->phone)) {
2023-12-08 23:42:15 +01:00
return response()->json(['message' => 'This phone number is not supported'], 400);
}
2023-02-16 02:36:09 +01:00
if (MultiDB::hasPhoneNumber($request->phone)) {
2022-07-27 03:21:12 +02:00
return response()->json(['message' => 'This phone number has already been verified with another account'], 400);
2023-02-16 02:36:09 +01:00
}
2022-07-27 03:21:12 +02:00
$sid = config('ninja.twilio_account_sid');
$token = config('ninja.twilio_auth_token');
$twilio = new Client($sid, $token);
2022-07-27 15:12:36 +02:00
try {
$verification = $twilio->verify
->v2
->services(config('ninja.twilio_verify_sid'))
->verifications
->create($request->phone, "sms");
2023-02-16 02:36:09 +01:00
} catch(\Exception $e) {
2022-07-28 03:24:50 +02:00
return response()->json(['message' => 'Invalid phone number please use + country code + number ie. +15552343334'], 400);
2022-07-27 15:12:36 +02:00
}
2022-07-27 03:21:12 +02:00
$account->account_sms_verification_code = $verification->sid;
$account->account_sms_verification_number = $request->phone;
$account->save();
return response()->json(['message' => 'Code sent.'], 200);
}
2023-12-10 03:22:51 +01:00
private function checkPhoneValidity($phone)
{
foreach($this->invalid_codes as $code){
if(stripos($phone, $code) !== false) {
return false;
}
return true;
}
}
2022-07-27 03:21:12 +02:00
/**
* Show the form for creating a new resource.
*
* @return \Illuminate\Http\JsonResponse;
2022-07-27 03:21:12 +02:00
*/
public function confirm(ConfirmSmsRequest $request)
{
/** @var \App\Models\User $user */
$user = auth()->user();
$account = $user->company()->account;
2022-07-27 03:21:12 +02:00
$sid = config('ninja.twilio_account_sid');
$token = config('ninja.twilio_auth_token');
$twilio = new Client($sid, $token);
$verification_check = $twilio->verify
->v2
->services(config('ninja.twilio_verify_sid'))
->verificationChecks
->create([
"to" => $account->account_sms_verification_number,
"code" => $request->code
]);
2023-02-16 02:36:09 +01:00
if ($verification_check->status == 'approved') {
2022-07-27 03:21:12 +02:00
$account->account_sms_verified = true;
$account->save();
/** @var \App\Models\User $user */
2022-11-02 07:36:17 +01:00
$user = auth()->user();
2022-11-02 07:36:17 +01:00
$user->phone = $account->account_sms_verification_number;
2022-11-09 12:22:52 +01:00
$user->verified_phone_number = true;
2022-11-02 07:36:17 +01:00
$user->save();
2022-07-27 03:21:12 +02:00
return response()->json(['message' => 'SMS verified'], 200);
}
return response()->json(['message' => 'SMS not verified'], 400);
2022-10-27 07:11:55 +02:00
}
/**
* generate2faResetCode
*
* @return \Illuminate\Http\JsonResponse;
*/
2022-10-27 07:11:55 +02:00
public function generate2faResetCode(Generate2faRequest $request)
{
$user = User::where('email', $request->email)->first();
2023-02-16 02:36:09 +01:00
if (!$user) {
2022-10-27 07:11:55 +02:00
return response()->json(['message' => 'Unable to retrieve user.'], 400);
2023-02-16 02:36:09 +01:00
}
2022-10-27 07:11:55 +02:00
if (!$user->phone || $user->phone == '') {
return response()->json(['message' => 'User found, but no valid phone number on file, please contact support.'], 400);
}
2022-10-27 07:11:55 +02:00
$sid = config('ninja.twilio_account_sid');
$token = config('ninja.twilio_auth_token');
$twilio = new Client($sid, $token);
try {
$verification = $twilio->verify
->v2
->services(config('ninja.twilio_verify_sid'))
->verifications
->create($user->phone, "sms");
2023-02-16 02:36:09 +01:00
} catch(\Exception $e) {
2022-10-27 07:11:55 +02:00
return response()->json(['message' => 'Invalid phone number on file, we are unable to reset. Please contact support.'], 400);
}
$user->sms_verification_code = $verification->sid;
$user->save();
return response()->json(['message' => 'Code sent.'], 200);
2022-07-27 03:21:12 +02:00
}
/**
* confirm2faResetCode
*
* @param Confirm2faRequest $request
* @return \Illuminate\Http\JsonResponse;
*/
2022-10-27 07:11:55 +02:00
public function confirm2faResetCode(Confirm2faRequest $request)
{
$user = User::where('email', $request->email)->first();
2023-02-16 02:36:09 +01:00
if (!$user) {
2022-10-27 07:11:55 +02:00
return response()->json(['message' => 'Unable to retrieve user.'], 400);
2023-02-16 02:36:09 +01:00
}
2022-10-27 07:11:55 +02:00
$sid = config('ninja.twilio_account_sid');
$token = config('ninja.twilio_auth_token');
$twilio = new Client($sid, $token);
$verification_check = $twilio->verify
->v2
->services(config('ninja.twilio_verify_sid'))
->verificationChecks
->create([
"to" => $user->phone,
"code" => $request->code
]);
2023-02-16 02:36:09 +01:00
if ($verification_check->status == 'approved') {
if ($request->query('validate_only') == 'true') {
2022-11-15 03:35:24 +01:00
$user->verified_phone_number = true;
$user->save();
2022-11-09 12:22:52 +01:00
return response()->json(['message' => 'SMS verified'], 200);
2022-11-15 03:35:24 +01:00
}
2022-11-09 12:22:52 +01:00
2022-10-27 07:11:55 +02:00
$user->google_2fa_secret = '';
$user->sms_verification_code = '';
$user->save();
return response()->json(['message' => 'SMS verified, 2FA disabled.'], 200);
}
return response()->json(['message' => 'SMS not verified.'], 400);
2023-02-16 02:36:09 +01:00
}
2022-10-27 07:11:55 +02:00
// public function validatePhoneNumber()
// {
// $sid = config('ninja.twilio_account_sid');
// $token = config('ninja.twilio_auth_token');
2022-10-27 08:24:49 +02:00
// $twilio = new Client($sid, $token);
2022-10-27 08:24:49 +02:00
// $phone_number = $twilio->lookups->v1->phoneNumbers("0417918829")
// ->fetch(["countryCode" => "AU"]);
2022-10-27 08:24:49 +02:00
// print($phone_number);
// }
2022-07-27 03:21:12 +02:00
}