2021-02-20 01:45:20 +01:00
|
|
|
<?php
|
|
|
|
/**
|
|
|
|
* Invoice Ninja (https://invoiceninja.com).
|
|
|
|
*
|
|
|
|
* @link https://github.com/invoiceninja/invoiceninja source repository
|
|
|
|
*
|
2023-01-28 23:21:40 +01:00
|
|
|
* @copyright Copyright (c) 2023. Invoice Ninja LLC (https://invoiceninja.com)
|
2021-02-20 01:45:20 +01:00
|
|
|
*
|
2021-06-16 08:58:16 +02:00
|
|
|
* @license https://www.elastic.co/licensing/elastic-license
|
2021-02-20 01:45:20 +01:00
|
|
|
*/
|
|
|
|
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
|
2021-06-23 06:55:12 +02:00
|
|
|
use App\Models\User;
|
2023-05-30 23:51:48 +02:00
|
|
|
use App\Utils\Ninja;
|
2021-06-23 06:55:12 +02:00
|
|
|
use PragmaRX\Google2FA\Google2FA;
|
2023-05-30 23:51:48 +02:00
|
|
|
use App\Transformers\UserTransformer;
|
|
|
|
use App\Http\Requests\TwoFactor\EnableTwoFactorRequest;
|
2021-02-20 01:45:20 +01:00
|
|
|
|
|
|
|
class TwoFactorController extends BaseController
|
|
|
|
{
|
2021-06-23 06:55:12 +02:00
|
|
|
protected $entity_type = User::class;
|
|
|
|
|
|
|
|
protected $entity_transformer = UserTransformer::class;
|
2022-06-21 11:57:17 +02:00
|
|
|
|
2021-02-20 01:45:20 +01:00
|
|
|
public function setupTwoFactor()
|
|
|
|
{
|
2023-05-30 23:51:48 +02:00
|
|
|
/** @var \App\Models\User $user */
|
2021-02-20 01:45:20 +01:00
|
|
|
$user = auth()->user();
|
|
|
|
|
2022-06-21 11:57:17 +02:00
|
|
|
if ($user->google_2fa_secret) {
|
2021-02-20 01:45:20 +01:00
|
|
|
return response()->json(['message' => '2FA already enabled'], 400);
|
2023-05-30 23:51:48 +02:00
|
|
|
} elseif(Ninja::isSelfHost()){
|
|
|
|
|
|
|
|
}
|
|
|
|
elseif (! $user->phone) {
|
2021-02-20 01:45:20 +01:00
|
|
|
return response()->json(['message' => ctrans('texts.set_phone_for_two_factor')], 400);
|
2022-06-21 11:57:17 +02:00
|
|
|
} elseif (! $user->isVerified()) {
|
2021-02-20 01:45:20 +01:00
|
|
|
return response()->json(['message' => 'Please confirm your account first'], 400);
|
2022-06-21 11:57:17 +02:00
|
|
|
}
|
2021-02-20 01:45:20 +01:00
|
|
|
|
|
|
|
$google2fa = new Google2FA();
|
|
|
|
$secret = $google2fa->generateSecretKey();
|
2022-06-21 11:57:17 +02:00
|
|
|
|
2021-03-08 21:46:30 +01:00
|
|
|
$qr_code = $google2fa->getQRCodeUrl(
|
2021-02-24 00:00:51 +01:00
|
|
|
config('ninja.app_name'),
|
2021-02-20 01:45:20 +01:00
|
|
|
$user->email,
|
|
|
|
$secret
|
|
|
|
);
|
|
|
|
|
|
|
|
$data = [
|
|
|
|
'secret' => $secret,
|
2021-03-09 11:53:25 +01:00
|
|
|
'qrCode' => $qr_code,
|
2021-02-20 01:45:20 +01:00
|
|
|
];
|
|
|
|
|
|
|
|
return response()->json(['data' => $data], 200);
|
|
|
|
}
|
|
|
|
|
2022-12-01 05:33:40 +01:00
|
|
|
public function enableTwoFactor(EnableTwoFactorRequest $request)
|
2021-02-20 01:45:20 +01:00
|
|
|
{
|
2021-03-14 22:40:07 +01:00
|
|
|
$google2fa = new Google2FA();
|
|
|
|
|
2021-02-20 01:45:20 +01:00
|
|
|
$user = auth()->user();
|
2022-12-01 05:33:40 +01:00
|
|
|
$secret = $request->input('secret');
|
|
|
|
$oneTimePassword = $request->input('one_time_password');
|
2021-02-20 01:45:20 +01:00
|
|
|
|
2022-06-21 11:57:17 +02:00
|
|
|
if ($google2fa->verifyKey($secret, $oneTimePassword) && $user->phone && $user->email_verified_at) {
|
2021-02-20 01:45:20 +01:00
|
|
|
$user->google_2fa_secret = encrypt($secret);
|
|
|
|
$user->save();
|
2021-03-15 23:33:55 +01:00
|
|
|
|
2022-06-21 11:57:17 +02:00
|
|
|
return response()->json(['message' => ctrans('texts.enabled_two_factor')], 200);
|
2021-03-15 23:33:55 +01:00
|
|
|
} elseif (! $secret || ! $google2fa->verifyKey($secret, $oneTimePassword)) {
|
2021-03-16 14:40:58 +01:00
|
|
|
return response()->json(['message' => ctrans('texts.invalid_one_time_password')], 400);
|
2022-06-21 11:57:17 +02:00
|
|
|
}
|
2021-03-15 23:33:55 +01:00
|
|
|
|
2021-03-16 14:40:58 +01:00
|
|
|
return response()->json(['message' => 'No phone record or user is not confirmed'], 400);
|
2021-02-20 01:45:20 +01:00
|
|
|
}
|
2022-06-21 11:57:17 +02:00
|
|
|
|
2022-12-01 05:33:40 +01:00
|
|
|
/*
|
|
|
|
* @param App\Models\User $user
|
|
|
|
* @param App\Models\User auth()->user()
|
|
|
|
*/
|
|
|
|
|
2021-06-06 11:21:05 +02:00
|
|
|
public function disableTwoFactor()
|
|
|
|
{
|
|
|
|
$user = auth()->user();
|
|
|
|
$user->google_2fa_secret = null;
|
|
|
|
$user->save();
|
|
|
|
|
|
|
|
return $this->itemResponse($user);
|
|
|
|
}
|
2021-02-20 01:45:20 +01:00
|
|
|
}
|