extend( 'valid_token', function ($attribute, $value, $parameters, $validator) { $secret = Crypt::decrypt($this->user->google_2fa_secret); return Google2FA::verifyKey($secret, $value); }, trans('texts.invalid_code') ); $factory->extend( 'used_token', function ($attribute, $value, $parameters, $validator) { $key = $this->user->id . ':' . $value; return !Cache::has($key); }, trans('texts.invalid_code') ); } /** * Determine if the user is authorized to make this request. * * @return bool */ public function authorize() { try { $this->user = User::findOrFail( session('2fa:user:id') ); } catch (Exception $exc) { return false; } return true; } /** * Get the validation rules that apply to the request. * * @return array */ public function rules() { return [ 'totp' => 'bail|required|digits:6|valid_token|used_token', ]; } }