invoiceninja/app/Http/Controllers/TwoFactorController.php

<?php

namespace App\Http\Controllers;

use PragmaRX\Google2FA\Google2FA;
use Crypt;

class TwoFactorController extends Controller
{
    public function setupTwoFactor()
    {
        $user = auth()->user();

        if ($user->google_2fa_secret || ! $user->phone || ! $user->confirmed) {
            return redirect('/settings/user_details');
        }

        $google2fa = new Google2FA();

        if ($secret = session('2fa:secret')) {
            // do nothing
        } else {
            $secret = $google2fa->generateSecretKey();
            session(['2fa:secret' => $secret]);
        }

        $qrCode = $google2fa->getQRCodeGoogleUrl(
            APP_NAME,
            $user->email,
            $secret
        );

        $data = [
            'secret' => $secret,
            'qrCode' => $qrCode,
        ];

        return view('users.two_factor', $data);
    }

    public function enableTwoFactor()
    {
        $user = auth()->user();
        $secret = session('2fa:secret');
        $oneTimePassword = request('one_time_password');

        if (! $secret || ! \Google2FA::verifyKey($secret, $oneTimePassword)) {
            return redirect('settings/enable_two_factor')->withError(trans('texts.invalid_one_time_password'));
        } elseif (! $user->google_2fa_secret && $user->phone && $user->confirmed) {
            $user->google_2fa_secret = Crypt::encrypt($secret);
            $user->save();

            session()->forget('2fa:secret');
            session()->flash('message', trans('texts.enabled_two_factor'));
        }

        return redirect('settings/user_details');
    }
}
Request for fail2ban log support and two factor authentication support (2FA) #1657 2017-11-01 20:22:29 +01:00			`<?php`

			`namespace App\Http\Controllers;`

			`use PragmaRX\Google2FA\Google2FA;`
			`use Crypt;`

Improve 2FA setup 2017-11-02 09:43:36 +01:00			`class TwoFactorController extends Controller`
Request for fail2ban log support and two factor authentication support (2FA) #1657 2017-11-01 20:22:29 +01:00			`{`
Improve 2FA setup 2017-11-02 09:43:36 +01:00			`public function setupTwoFactor()`
Request for fail2ban log support and two factor authentication support (2FA) #1657 2017-11-01 20:22:29 +01:00			`{`
			`$user = auth()->user();`

Check user is confirmed for 2FA 2017-11-05 10:54:32 +01:00			`if ($user->google_2fa_secret \|\| ! $user->phone \|\| ! $user->confirmed) {`
Request for fail2ban log support and two factor authentication support (2FA) #1657 2017-11-01 20:22:29 +01:00			`return redirect('/settings/user_details');`
			`}`

			`$google2fa = new Google2FA();`

Don't change secret if enter wrong 2FA password 2017-12-31 10:22:21 +01:00			`if ($secret = session('2fa:secret')) {`
			`// do nothing`
			`} else {`
			`$secret = $google2fa->generateSecretKey();`
			`session(['2fa:secret' => $secret]);`
			`}`
Request for fail2ban log support and two factor authentication support (2FA) #1657 2017-11-01 20:22:29 +01:00
			`$qrCode = $google2fa->getQRCodeGoogleUrl(`
			`APP_NAME,`
			`$user->email,`
			`$secret`
			`);`

			`$data = [`
			`'secret' => $secret,`
			`'qrCode' => $qrCode,`
			`];`

			`return view('users.two_factor', $data);`
			`}`
Improve 2FA setup 2017-11-02 09:43:36 +01:00
			`public function enableTwoFactor()`
			`{`
			`$user = auth()->user();`
Don't change secret if enter wrong 2FA password 2017-12-31 10:22:21 +01:00			`$secret = session('2fa:secret');`
Require OTP to enable 2FA 2017-11-24 10:13:34 +01:00			`$oneTimePassword = request('one_time_password');`
Improve 2FA setup 2017-11-02 09:43:36 +01:00
Require OTP to enable 2FA 2017-11-24 10:13:34 +01:00			`if (! $secret \|\| ! \Google2FA::verifyKey($secret, $oneTimePassword)) {`
Don't change secret if enter wrong 2FA password 2017-12-31 10:22:21 +01:00			`return redirect('settings/enable_two_factor')->withError(trans('texts.invalid_one_time_password'));`
Require OTP to enable 2FA 2017-11-24 10:13:34 +01:00			`} elseif (! $user->google_2fa_secret && $user->phone && $user->confirmed) {`
Improve 2FA setup 2017-11-02 09:43:36 +01:00			`$user->google_2fa_secret = Crypt::encrypt($secret);`
			`$user->save();`

Don't change secret if enter wrong 2FA password 2017-12-31 10:22:21 +01:00			`session()->forget('2fa:secret');`
Improve 2FA setup 2017-11-02 09:43:36 +01:00			`session()->flash('message', trans('texts.enabled_two_factor'));`
			`}`

			`return redirect('settings/user_details');`
			`}`
Request for fail2ban log support and two factor authentication support (2FA) #1657 2017-11-01 20:22:29 +01:00			`}`