invoiceninja/app/Http/Controllers/TwilioController.php

<?php
/**
 * Invoice Ninja (https://invoiceninja.com).
 *
 * @link https://github.com/invoiceninja/invoiceninja source repository
 *
 * @copyright Copyright (c) 2023. Invoice Ninja LLC (https://invoiceninja.com)
 *
 * @license https://www.elastic.co/licensing/elastic-license
 */

namespace App\Http\Controllers;

use App\Http\Requests\Twilio\Confirm2faRequest;
use App\Http\Requests\Twilio\ConfirmSmsRequest;
use App\Http\Requests\Twilio\Generate2faRequest;
use App\Http\Requests\Twilio\GenerateSmsRequest;
use App\Libraries\MultiDB;
use App\Models\User;
use Twilio\Rest\Client;

class TwilioController extends BaseController
{
    private array $invalid_codes = [
        '+21',
        '+17152567760',
    ];

    public function __construct()
    {
        parent::__construct();
    }

    /**
     * Display a listing of the resource.
     *
     * @return \Illuminate\Http\JsonResponse;
     */
    public function generate(GenerateSmsRequest $request)
    {
        /** @var \App\Models\User $user */
        $user = auth()->user();

        if(!$user->email_verified_at) {
            return response()->json(['message' => 'Please verify your email address before verifying your phone number'], 400);
        }

        $account = $user->company()->account;

        if(!$this->checkPhoneValidity($request->phone)) {
            return response()->json(['message' => 'This phone number is not supported'], 400);
        }

        if (MultiDB::hasPhoneNumber($request->phone)) {
            return response()->json(['message' => 'This phone number has already been verified with another account'], 400);
        }

        $sid = config('ninja.twilio_account_sid');
        $token = config('ninja.twilio_auth_token');

        $twilio = new Client($sid, $token);


        try {
            $verification = $twilio->verify
                                   ->v2
                                   ->services(config('ninja.twilio_verify_sid'))
                                   ->verifications
                                   ->create($request->phone, "sms");
        } catch(\Exception $e) {
            return response()->json(['message' => 'Invalid phone number please use + country code + number ie. +15552343334'], 400);
        }

        $account->account_sms_verification_code = $verification->sid;
        $account->account_sms_verification_number = $request->phone;
        $account->save();

        return response()->json(['message' => 'Code sent.'], 200);
    }

    private function checkPhoneValidity($phone)
    {
        foreach($this->invalid_codes as $code) {

            if(stripos($phone, $code) !== false) {
                return false;
            }

            return true;

        }
    }

    /**
     * Show the form for creating a new resource.
     *
     * @return \Illuminate\Http\JsonResponse;
     */
    public function confirm(ConfirmSmsRequest $request)
    {
        /** @var \App\Models\User $user */
        $user = auth()->user();

        $account = $user->company()->account;

        $sid = config('ninja.twilio_account_sid');
        $token = config('ninja.twilio_auth_token');

        $twilio = new Client($sid, $token);

        $verification_check = $twilio->verify
                                     ->v2
                                     ->services(config('ninja.twilio_verify_sid'))
                                     ->verificationChecks
                                     ->create([
                                             "to" => $account->account_sms_verification_number,
                                             "code" => $request->code
                                       ]);


        if ($verification_check->status == 'approved') {
            $account->account_sms_verified = true;
            $account->save();

            /** @var \App\Models\User $user */
            $user = auth()->user();

            $user->phone = $account->account_sms_verification_number;
            $user->verified_phone_number = true;
            $user->save();

            return response()->json(['message' => 'SMS verified'], 200);
        }


        return response()->json(['message' => 'SMS not verified'], 400);
    }

    /**
     * generate2faResetCode
     *
     * @return \Illuminate\Http\JsonResponse;
     */
    public function generate2faResetCode(Generate2faRequest $request)
    {
        nlog($request->all());
        nlog($request->headers());

        $user = User::where('email', $request->email)->first();

        if (!$user) {
            return response()->json(['message' => 'Unable to retrieve user.'], 400);
        }

        if(!$user->email_verified_at) {
            return response()->json(['message' => 'Please verify your email address before verifying your phone number'], 400);
        }


        if(!$user->first_name || !$user->last_name) {
            return response()->json(['message' => 'Please update your first and/or last name in the User Details before verifying your number.'], 400);
        }

        if (!$user->phone || $user->phone == '') {
            return response()->json(['message' => 'User found, but no valid phone number on file, please contact support.'], 400);
        }

        $sid = config('ninja.twilio_account_sid');
        $token = config('ninja.twilio_auth_token');

        $twilio = new Client($sid, $token);

        try {
            $verification = $twilio->verify
                                   ->v2
                                   ->services(config('ninja.twilio_verify_sid'))
                                   ->verifications
                                   ->create($user->phone, "sms");
        } catch(\Exception $e) {
            return response()->json(['message' => 'Invalid phone number on file, we are unable to reset. Please contact support.'], 400);
        }

        $user->sms_verification_code = $verification->sid;
        $user->save();

        return response()->json(['message' => 'Code sent.'], 200);
    }

    /**
     * confirm2faResetCode
     *
     * @param  Confirm2faRequest $request
     * @return \Illuminate\Http\JsonResponse;
     */
    public function confirm2faResetCode(Confirm2faRequest $request)
    {
        $user = User::where('email', $request->email)->first();

        if (!$user) {
            return response()->json(['message' => 'Unable to retrieve user.'], 400);
        }

        $sid = config('ninja.twilio_account_sid');
        $token = config('ninja.twilio_auth_token');

        $twilio = new Client($sid, $token);

        $verification_check = $twilio->verify
                                     ->v2
                                     ->services(config('ninja.twilio_verify_sid'))
                                     ->verificationChecks
                                     ->create([
                                             "to" => $user->phone,
                                             "code" => $request->code
                                       ]);

        if ($verification_check->status == 'approved') {
            if ($request->query('validate_only') == 'true') {
                $user->verified_phone_number = true;
                $user->save();
                return response()->json(['message' => 'SMS verified'], 200);
            }

            $user->google_2fa_secret = '';
            $user->sms_verification_code = '';
            $user->save();

            return response()->json(['message' => 'SMS verified, 2FA disabled.'], 200);
        }

        return response()->json(['message' => 'SMS not verified.'], 400);
    }

    // public function validatePhoneNumber()
    // {
    //     $sid = config('ninja.twilio_account_sid');
    //     $token = config('ninja.twilio_auth_token');

    //     $twilio = new Client($sid, $token);

    //     $phone_number = $twilio->lookups->v1->phoneNumbers("0417918829")
    //                                         ->fetch(["countryCode" => "AU"]);

    //     print($phone_number);
    // }
}
Integrate twilio 2022-07-27 03:21:12 +02:00			`<?php`
			`/**`
			`* Invoice Ninja (https://invoiceninja.com).`
			`*`
			`* @link https://github.com/invoiceninja/invoiceninja source repository`
			`*`
Update copyright year 2023-01-28 23:21:40 +01:00			`* @copyright Copyright (c) 2023. Invoice Ninja LLC (https://invoiceninja.com)`
Integrate twilio 2022-07-27 03:21:12 +02:00			`*`
			`* @license https://www.elastic.co/licensing/elastic-license`
			`*/`

			`namespace App\Http\Controllers;`

2FA reset 2022-10-27 07:11:55 +02:00			`use App\Http\Requests\Twilio\Confirm2faRequest;`
Integrate twilio 2022-07-27 03:21:12 +02:00			`use App\Http\Requests\Twilio\ConfirmSmsRequest;`
2FA reset 2022-10-27 07:11:55 +02:00			`use App\Http\Requests\Twilio\Generate2faRequest;`
Integrate twilio 2022-07-27 03:21:12 +02:00			`use App\Http\Requests\Twilio\GenerateSmsRequest;`
php cs fixes 2023-10-26 04:57:44 +02:00			`use App\Libraries\MultiDB;`
			`use App\Models\User;`
			`use Twilio\Rest\Client;`
Integrate twilio 2022-07-27 03:21:12 +02:00
			`class TwilioController extends BaseController`
			`{`
Updates for readme 2023-12-10 03:22:51 +01:00			`private array $invalid_codes = [`
			`'+21',`
			`'+17152567760',`
			`];`

Integrate twilio 2022-07-27 03:21:12 +02:00			`public function __construct()`
			`{`
			`parent::__construct();`
			`}`

			`/**`
			`* Display a listing of the resource.`
			`*`
Fixes for permissions to view tax rates 2023-07-27 03:14:59 +02:00			`* @return \Illuminate\Http\JsonResponse;`
Integrate twilio 2022-07-27 03:21:12 +02:00			`*/`
			`public function generate(GenerateSmsRequest $request)`
			`{`
Fixes for permissions to view tax rates 2023-07-27 03:14:59 +02:00			`/** @var \App\Models\User $user */`
			`$user = auth()->user();`

Updates for SMS verification 2023-12-21 07:47:35 +01:00			`if(!$user->email_verified_at) {`
			`return response()->json(['message' => 'Please verify your email address before verifying your phone number'], 400);`
			`}`

Fixes for permissions to view tax rates 2023-07-27 03:14:59 +02:00			`$account = $user->company()->account;`
Integrate twilio 2022-07-27 03:21:12 +02:00
Updates for readme 2023-12-10 03:22:51 +01:00			`if(!$this->checkPhoneValidity($request->phone)) {`
Twilio 2023-12-08 23:42:15 +01:00			`return response()->json(['message' => 'This phone number is not supported'], 400);`
			`}`

php-cs-fixer 2023-02-16 02:36:09 +01:00			`if (MultiDB::hasPhoneNumber($request->phone)) {`
Integrate twilio 2022-07-27 03:21:12 +02:00			`return response()->json(['message' => 'This phone number has already been verified with another account'], 400);`
php-cs-fixer 2023-02-16 02:36:09 +01:00			`}`
Integrate twilio 2022-07-27 03:21:12 +02:00
			`$sid = config('ninja.twilio_account_sid');`
			`$token = config('ninja.twilio_auth_token');`

			`$twilio = new Client($sid, $token);`

Fixes for Twilio 2022-07-27 15:12:36 +02:00
			`try {`
			`$verification = $twilio->verify`
			`->v2`
			`->services(config('ninja.twilio_verify_sid'))`
			`->verifications`
			`->create($request->phone, "sms");`
php-cs-fixer 2023-02-16 02:36:09 +01:00			`} catch(\Exception $e) {`
Fixes for tests 2022-07-28 03:24:50 +02:00			`return response()->json(['message' => 'Invalid phone number please use + country code + number ie. +15552343334'], 400);`
Fixes for Twilio 2022-07-27 15:12:36 +02:00			`}`
Integrate twilio 2022-07-27 03:21:12 +02:00
			`$account->account_sms_verification_code = $verification->sid;`
			`$account->account_sms_verification_number = $request->phone;`
			`$account->save();`

			`return response()->json(['message' => 'Code sent.'], 200);`
			`}`

Updates for readme 2023-12-10 03:22:51 +01:00			`private function checkPhoneValidity($phone)`
			`{`
cs fixer 2024-01-14 05:05:00 +01:00			`foreach($this->invalid_codes as $code) {`
Updates for readme 2023-12-10 03:22:51 +01:00
			`if(stripos($phone, $code) !== false) {`
			`return false;`
			`}`

			`return true;`

			`}`
			`}`

Integrate twilio 2022-07-27 03:21:12 +02:00			`/**`
			`* Show the form for creating a new resource.`
			`*`
Fixes for permissions to view tax rates 2023-07-27 03:14:59 +02:00			`* @return \Illuminate\Http\JsonResponse;`
Integrate twilio 2022-07-27 03:21:12 +02:00			`*/`
			`public function confirm(ConfirmSmsRequest $request)`
			`{`
Fixes for permissions to view tax rates 2023-07-27 03:14:59 +02:00			`/** @var \App\Models\User $user */`
			`$user = auth()->user();`

			`$account = $user->company()->account;`
Integrate twilio 2022-07-27 03:21:12 +02:00
			`$sid = config('ninja.twilio_account_sid');`
			`$token = config('ninja.twilio_auth_token');`

			`$twilio = new Client($sid, $token);`

			`$verification_check = $twilio->verify`
			`->v2`
			`->services(config('ninja.twilio_verify_sid'))`
			`->verificationChecks`
			`->create([`
			`"to" => $account->account_sms_verification_number,`
			`"code" => $request->code`
			`]);`
cs fixer 2024-01-14 05:05:00 +01:00
Integrate twilio 2022-07-27 03:21:12 +02:00
php-cs-fixer 2023-02-16 02:36:09 +01:00			`if ($verification_check->status == 'approved') {`
Integrate twilio 2022-07-27 03:21:12 +02:00			`$account->account_sms_verified = true;`
			`$account->save();`

Fixes for permissions to view tax rates 2023-07-27 03:14:59 +02:00			`/** @var \App\Models\User $user */`
Updated lock file 2022-11-02 07:36:17 +01:00			`$user = auth()->user();`
Fixes for permissions to view tax rates 2023-07-27 03:14:59 +02:00
Updated lock file 2022-11-02 07:36:17 +01:00			`$user->phone = $account->account_sms_verification_number;`
Fixes for 2FA 2022-11-09 12:22:52 +01:00			`$user->verified_phone_number = true;`
Updated lock file 2022-11-02 07:36:17 +01:00			`$user->save();`

Integrate twilio 2022-07-27 03:21:12 +02:00			`return response()->json(['message' => 'SMS verified'], 200);`
			`}`


			`return response()->json(['message' => 'SMS not verified'], 400);`
2FA reset 2022-10-27 07:11:55 +02:00			`}`
cs fixer 2024-01-14 05:05:00 +01:00
Fixes for permissions to view tax rates 2023-07-27 03:14:59 +02:00			`/**`
			`* generate2faResetCode`
			`*`
			`* @return \Illuminate\Http\JsonResponse;`
			`*/`
2FA reset 2022-10-27 07:11:55 +02:00			`public function generate2faResetCode(Generate2faRequest $request)`
			`{`
Add turnstile functionality 2023-12-23 03:10:15 +01:00			`nlog($request->all());`
			`nlog($request->headers());`

2FA reset 2022-10-27 07:11:55 +02:00			`$user = User::where('email', $request->email)->first();`

php-cs-fixer 2023-02-16 02:36:09 +01:00			`if (!$user) {`
2FA reset 2022-10-27 07:11:55 +02:00			`return response()->json(['message' => 'Unable to retrieve user.'], 400);`
php-cs-fixer 2023-02-16 02:36:09 +01:00			`}`
2FA reset 2022-10-27 07:11:55 +02:00
Updates for SMS verification 2023-12-21 07:47:35 +01:00			`if(!$user->email_verified_at) {`
			`return response()->json(['message' => 'Please verify your email address before verifying your phone number'], 400);`
			`}`

Add turnstile functionality 2023-12-23 03:10:15 +01:00
			`if(!$user->first_name \|\| !$user->last_name) {`
			`return response()->json(['message' => 'Please update your first and/or last name in the User Details before verifying your number.'], 400);`
			`}`

Add reminder schedules to invoice transformer selectively 2023-08-11 03:30:11 +02:00			`if (!$user->phone \|\| $user->phone == '') {`
			`return response()->json(['message' => 'User found, but no valid phone number on file, please contact support.'], 400);`
			`}`

2FA reset 2022-10-27 07:11:55 +02:00			`$sid = config('ninja.twilio_account_sid');`
			`$token = config('ninja.twilio_auth_token');`

			`$twilio = new Client($sid, $token);`

			`try {`
			`$verification = $twilio->verify`
			`->v2`
			`->services(config('ninja.twilio_verify_sid'))`
			`->verifications`
			`->create($user->phone, "sms");`
php-cs-fixer 2023-02-16 02:36:09 +01:00			`} catch(\Exception $e) {`
2FA reset 2022-10-27 07:11:55 +02:00			`return response()->json(['message' => 'Invalid phone number on file, we are unable to reset. Please contact support.'], 400);`
			`}`

			`$user->sms_verification_code = $verification->sid;`
			`$user->save();`

			`return response()->json(['message' => 'Code sent.'], 200);`
Integrate twilio 2022-07-27 03:21:12 +02:00			`}`
cs fixer 2024-01-14 05:05:00 +01:00
Fixes for permissions to view tax rates 2023-07-27 03:14:59 +02:00			`/**`
			`* confirm2faResetCode`
			`*`
			`* @param Confirm2faRequest $request`
			`* @return \Illuminate\Http\JsonResponse;`
			`*/`
2FA reset 2022-10-27 07:11:55 +02:00			`public function confirm2faResetCode(Confirm2faRequest $request)`
			`{`
			`$user = User::where('email', $request->email)->first();`

php-cs-fixer 2023-02-16 02:36:09 +01:00			`if (!$user) {`
2FA reset 2022-10-27 07:11:55 +02:00			`return response()->json(['message' => 'Unable to retrieve user.'], 400);`
php-cs-fixer 2023-02-16 02:36:09 +01:00			`}`
2FA reset 2022-10-27 07:11:55 +02:00
			`$sid = config('ninja.twilio_account_sid');`
			`$token = config('ninja.twilio_auth_token');`

			`$twilio = new Client($sid, $token);`

			`$verification_check = $twilio->verify`
			`->v2`
			`->services(config('ninja.twilio_verify_sid'))`
			`->verificationChecks`
			`->create([`
			`"to" => $user->phone,`
			`"code" => $request->code`
			`]);`
cs fixer 2024-01-14 05:05:00 +01:00
php-cs-fixer 2023-02-16 02:36:09 +01:00			`if ($verification_check->status == 'approved') {`
			`if ($request->query('validate_only') == 'true') {`
patch for 2FA Verification 2022-11-15 03:35:24 +01:00			`$user->verified_phone_number = true;`
			`$user->save();`
Fixes for 2FA 2022-11-09 12:22:52 +01:00			`return response()->json(['message' => 'SMS verified'], 200);`
patch for 2FA Verification 2022-11-15 03:35:24 +01:00			`}`
Fixes for 2FA 2022-11-09 12:22:52 +01:00
2FA reset 2022-10-27 07:11:55 +02:00			`$user->google_2fa_secret = '';`
			`$user->sms_verification_code = '';`
			`$user->save();`

			`return response()->json(['message' => 'SMS verified, 2FA disabled.'], 200);`
			`}`

			`return response()->json(['message' => 'SMS not verified.'], 400);`
php-cs-fixer 2023-02-16 02:36:09 +01:00			`}`
2FA reset 2022-10-27 07:11:55 +02:00
Fixes for permissions to view tax rates 2023-07-27 03:14:59 +02:00			`// public function validatePhoneNumber()`
			`// {`
			`// $sid = config('ninja.twilio_account_sid');`
			`// $token = config('ninja.twilio_auth_token');`
2FA reset 2022-10-27 08:24:49 +02:00
Fixes for permissions to view tax rates 2023-07-27 03:14:59 +02:00			`// $twilio = new Client($sid, $token);`
2FA reset 2022-10-27 08:24:49 +02:00
Fixes for permissions to view tax rates 2023-07-27 03:14:59 +02:00			`// $phone_number = $twilio->lookups->v1->phoneNumbers("0417918829")`
			`// ->fetch(["countryCode" => "AU"]);`
2FA reset 2022-10-27 08:24:49 +02:00
Fixes for permissions to view tax rates 2023-07-27 03:14:59 +02:00			`// print($phone_number);`
			`// }`
Integrate twilio 2022-07-27 03:21:12 +02:00			`}`