mirror of
https://github.com/invoiceninja/invoiceninja.git
synced 2024-11-15 07:33:04 +01:00
64 lines
1.9 KiB
PHP
64 lines
1.9 KiB
PHP
|
<?php
|
||
|
/**
|
||
|
* Invoice Ninja (https://invoiceninja.com).
|
||
|
*
|
||
|
* @link https://github.com/invoiceninja/invoiceninja source repository
|
||
|
*
|
||
|
* @copyright Copyright (c) 2021. Invoice Ninja LLC (https://invoiceninja.com)
|
||
|
*
|
||
|
* @license https://opensource.org/licenses/AAL
|
||
|
*/
|
||
|
|
||
|
namespace App\Http\Controllers;
|
||
|
|
||
|
use PragmaRX\Google2FA\Google2FA;
|
||
|
use Crypt;
|
||
|
|
||
|
class TwoFactorController extends BaseController
|
||
|
{
|
||
|
public function setupTwoFactor()
|
||
|
{
|
||
|
$user = auth()->user();
|
||
|
|
||
|
if ($user->google_2fa_secret)
|
||
|
return response()->json(['message' => '2FA already enabled'], 400);
|
||
|
elseif(! $user->phone)
|
||
|
return response()->json(['message' => ctrans('texts.set_phone_for_two_factor')], 400);
|
||
|
elseif(! $user->confirmed)
|
||
|
return response()->json(['message' => 'Please confirm your account first'], 400);
|
||
|
|
||
|
$google2fa = new Google2FA();
|
||
|
$secret = $google2fa->generateSecretKey();
|
||
|
|
||
|
$qr_code = $google2fa->getQRCodeGoogleUrl(
|
||
|
config('ninja.app_name')
|
||
|
$user->email,
|
||
|
$secret
|
||
|
);
|
||
|
|
||
|
$data = [
|
||
|
'secret' => $secret,
|
||
|
'qrCode' => $qrCode,
|
||
|
];
|
||
|
|
||
|
return response()->json(['data' => $data], 200);
|
||
|
|
||
|
}
|
||
|
|
||
|
public function enableTwoFactor()
|
||
|
{
|
||
|
$user = auth()->user();
|
||
|
$secret = request()->input('secret');
|
||
|
$oneTimePassword = request()->input('one_time_password');
|
||
|
|
||
|
if (! $secret || ! \Google2FA::verifyKey($secret, $oneTimePassword)) {
|
||
|
return response()->json('message' > ctrans('texts.invalid_one_time_password'));
|
||
|
} elseif (! $user->google_2fa_secret && $user->phone && $user->confirmed) {
|
||
|
$user->google_2fa_secret = encrypt($secret);
|
||
|
$user->save();
|
||
|
}
|
||
|
|
||
|
return response()->json(['message' => ctrans('texts.enabled_two_factor')], 200);
|
||
|
}
|
||
|
}
|