From 9dcc3af5ada16379bd668243c0fc27daa34907e6 Mon Sep 17 00:00:00 2001
From: Hillel Coren
Date: Thu, 2 Nov 2017 10:43:36 +0200
Subject: [PATCH] Improve 2FA setup
---
 ...Controller.php => TwoFactorController.php} | 24 +++++++++++++++----
 app/Http/routes.php | 4 ++--
 resources/lang/en/texts.php | 6 ++---
 resources/views/users/two_factor.blade.php | 12 +++++++---
 4 files changed, 33 insertions(+), 13 deletions(-)
 rename app/Http/Controllers/{Google2FAController.php => TwoFactorController.php} (51%)
diff --git a/app/Http/Controllers/Google2FAController.php b/app/Http/Controllers/TwoFactorController.php
similarity index 51%
rename from app/Http/Controllers/Google2FAController.php
rename to app/Http/Controllers/TwoFactorController.php
index 665309e7f5..e4204014b0 100644
--- a/app/Http/Controllers/Google2FAController.php
+++ b/app/Http/Controllers/TwoFactorController.php
@@ -5,21 +5,20 @@ namespace App\Http\Controllers;
 use PragmaRX\Google2FA\Google2FA;
 use Crypt;
-class Google2FAController extends Controller
+class TwoFactorController extends Controller
 {
- public function enableTwoFactor()
+ public function setupTwoFactor()
 {
 $user = auth()->user();
- if ($user->google_2fa_secret) {
+ if ($user->google_2fa_secret || ! $user->phone) {
 return redirect('/settings/user_details');
 }
 $google2fa = new Google2FA();
 $secret = $google2fa->generateSecretKey();
- $user->google_2fa_secret = Crypt::encrypt($secret);
- $user->save();
+ session(['2fa:secret' => $secret]);
 $qrCode = $google2fa->getQRCodeGoogleUrl(
 APP_NAME,
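Review bot: setupTwoFactor() generates and stores a fresh secret on every GET, so a page reload, or any redirect back to this page after a failed confirmation, silently replaces the secret the user has already scanned into their authenticator; reuse a pending one instead with `$secret = session('2fa:secret') ?: $google2fa->generateSecretKey();` ahead of `session(['2fa:secret' => $secret]);`. The secret now sits unencrypted in the session store, where the removed code applied Crypt::encrypt() before writing it to the user row; that is acceptable for a short-lived pending value only if the configured session driver is not a shared or world-readable store, which is worth confirming. Note also that the unchanged `getQRCodeGoogleUrl()` call (which in pragmarx/google2fa builds a chart.googleapis.com image URL) hands the otpauth URI, secret included, to a third party; rendering the QR code locally would avoid that leak. The method body continues past the end of the hunk.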
@@ -34,4 +33,19 @@ class Google2FAController extends Controller
 return view('users.two_factor', $data);
 }
+
+ public function enableTwoFactor()
+ {
+ $user = auth()->user();
+ $secret = session()->pull('2fa:secret');
+
+ if ($secret && ! $user->google_2fa_secret && $user->phone) {
+ $user->google_2fa_secret = Crypt::encrypt($secret);
+ $user->save();
+
+ session()->flash('message', trans('texts.enabled_two_factor'));
+ }
+
+ return redirect('settings/user_details');
+ }
 }
diff --git a/app/Http/routes.php b/app/Http/routes.php
index b1564052c9..b82309989c 100644
--- a/app/Http/routes.php
+++ b/app/Http/routes.php
@@ -143,8 +143,8 @@ Route::group(['middleware' => ['lookup:user', 'auth:user']], function () {
 Route::post('settings/user_details', 'AccountController@saveUserDetails');
 Route::post('settings/payment_gateway_limits', 'AccountGatewayController@savePaymentGatewayLimits');
 Route::post('users/change_password', 'UserController@changePassword');
- Route::get('settings/enable_two_factor', 'Google2FAController@enableTwoFactor');
- Route::get('settings/disable_two_factor', 'Google2FAController@disableTwoFactor');
+ Route::get('settings/enable_two_factor', 'TwoFactorController@setupTwoFactor');
+ Route::post('settings/enable_two_factor', 'TwoFactorController@enableTwoFactor');
 Route::resource('clients', 'ClientController');
 Route::get('api/clients', 'ClientController@getDatatable');
diff --git a/resources/lang/en/texts.php b/resources/lang/en/texts.php
index 2dcb3ffe2a..a39caf5eac 100644
--- a/resources/lang/en/texts.php
+++ b/resources/lang/en/texts.php
@@ -699,7 +699,7 @@ $LANG = array(
 'invalid_credentials' => 'These credentials do not match our records',
 'show_all_options' => 'Show all options',
 'user_details' => 'User Details',
- 'oneclick_login' => 'Social Login',
+ 'oneclick_login' => 'Connected Account',
 'disable' => 'Disable',
 'invoice_quote_number' => 'Invoice and Quote Numbers',
 'invoice_charges' => 'Invoice Surcharges',
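Review bot: enableTwoFactor() persists the secret the moment the form is posted without checking that an authenticator actually holds it — nothing reads a one-time password and verifyKey() is never called — so a mis-scanned or never-scanned QR code locks the user out at the next login. Require a valid code first, leave the pending secret in the session when the code is wrong so the setup page can be retried, and flash a reason; the rewrite below does that with the `request()` helper (presumably available beside the `auth()` and `session()` helpers the file already uses) and the existing `texts.invalid_credentials` string, flashed under `error` on the assumption that the layout renders that key as it does `message`. The retry redirect only helps if setupTwoFactor() reuses an existing session secret rather than regenerating one on each GET, which it does not do as committed. The silent redirect when no pending secret exists (for example after the session expired) deserves the same treatment.
```php
    public function enableTwoFactor()
    {
        $user = auth()->user();
        $secret = session('2fa:secret');
        $code = request()->input('one_time_password');

        if (! $secret || $user->google_2fa_secret || ! $user->phone) {
            return redirect('settings/user_details');
        }

        // Prove the authenticator really holds the secret before it is stored;
        // on failure the pending secret stays in the session so the user can retry.
        if (! $code || ! (new Google2FA())->verifyKey($secret, $code)) {
            session()->flash('error', trans('texts.invalid_credentials'));
            return redirect('settings/enable_two_factor');
        }

        session()->forget('2fa:secret');
        $user->google_2fa_secret = Crypt::encrypt($secret);
        $user->save();
        // … unchanged: success flash and redirect to settings/user_details …
    }
```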
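Review bot: the `settings/disable_two_factor` GET route is removed here with no replacement route appearing in this hunk; if the user-details view still links to that URL, disabling two-factor is now a 404 — confirm where that action moved (and, like the enable step here, it should be a POST since it changes user state). Making enable_two_factor a POST is the right direction, but the `['lookup:user', 'auth:user']` group in the hunk header shows no CSRF middleware; confirm VerifyCsrfToken applies to this group (via the `web` group or the global kernel) so the form cannot be submitted cross-site. The enclosing Route::group closure starts and ends outside the hunk.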
@@ -2513,10 +2513,10 @@ $LANG = array(
 'enable_two_factor' => 'Two-Factor Authentication',
 'enable_two_factor_help' => 'Use your phone to confirm your identity when logging in',
 'two_factor_setup' => 'Two-Factor Setup',
- 'two_factor_setup_help' => 'Scan the bar code with a :link compatible app or enter the following code: :code',
- 'return_to_settings' => 'Return to Settings',
+ 'two_factor_setup_help' => 'Scan the bar code with a :link compatible app.',
 'one_time_password' => 'One Time Password',
 'set_phone_for_two_factor' => 'Set your phone number to enable.',
+ 'enabled_two_factor' => 'Successfully enabled Two-Factor Authentication',
 );
diff --git a/resources/views/users/two_factor.blade.php b/resources/views/users/two_factor.blade.php
index c9c08b2029..a053021f3c 100644
--- a/resources/views/users/two_factor.blade.php
+++ b/resources/views/users/two_factor.blade.php
@@ -8,6 +8,8 @@
 @include('accounts.nav', ['selected' => ACCOUNT_USER_DETAILS])
 @endif
+ {!! Former::open() !!}
+
@@ -17,15 +19,19 @@
-

{!! trans('texts.two_factor_setup_help', ['code' => $secret, 'link' => link_to('https://github.com/antonioribeiro/google2fa#google-authenticator-apps', 'Google Authenticator', ['target' => '_blank'])]) !!}

+

{{ $secret }}


+

{!! trans('texts.two_factor_setup_help', ['link' => link_to('https://github.com/antonioribeiro/google2fa#google-authenticator-apps', 'Google Authenticator', ['target' => '_blank'])]) !!}

 

-
- {!! Button::normal(trans('texts.return_to_settings'))->large()->asLinkTo(url('settings/user_details')) !!}
+
+ {!! Button::normal(trans('texts.cancel'))->large()->asLinkTo(url('settings/user_details'))->appendIcon(Icon::create('remove-circle')) !!}
+ {!! Button::success(trans('texts.enable'))->large()->submit()->appendIcon(Icon::create('lock')) !!}
+ {!! Former::close() !!} + @stop
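Review bot: the form posts to enable_two_factor with only Cancel and Enable buttons — there is no input for the code the authenticator produces, although a `texts.one_time_password` label for one already exists in texts.php — so the server never receives anything with which to confirm the scan worked. Add a field between the QR code and the buttons, for example `{!! Former::text('one_time_password')->label(trans('texts.one_time_password')) !!}`, and have the controller verify it before the secret is saved. The surrounding `div` markup appears stripped on this page, so exact placement is inferred. Moving the secret out of the `{!! trans(...) !!}` call into its own escaped `{{ $secret }}` is a welcome side effect of the change.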