Changeset View
Changeset View
Standalone View
Standalone View
src/app/Auth/SecondFactor.php
| Show All 29 Lines | public function __construct($user) | ||||
| $this->user = $user; | $this->user = $user; | ||||
| parent::__construct(); | parent::__construct(); | ||||
| } | } | ||||
| /** | /** | ||||
| * Validate 2-factor authentication code | * Validate 2-factor authentication code | ||||
| * | * | ||||
| * @param \Illuminate\Http\Request $request The API request. | * @param string $secondfactor The 2-factor authentication code. | ||||
| * | * | ||||
| * @return \Illuminate\Http\JsonResponse|null | * @throws \Exception on validation failure | ||||
machniak: $e is not needed here. | |||||
| */ | */ | ||||
| public function requestHandler($request) | public function validate($secondfactor): void | ||||
| { | { | ||||
| // get list of configured authentication factors | // get list of configured authentication factors | ||||
| $factors = $this->factors(); | $factors = $this->factors(); | ||||
| // do nothing if no factors configured | // do nothing if no factors configured | ||||
| if (empty($factors)) { | if (empty($factors)) { | ||||
| return null; | return; | ||||
| } | } | ||||
| if (empty($request->secondfactor) || !is_string($request->secondfactor)) { | if (empty($secondfactor) || !is_string($secondfactor)) { | ||||
| $errors = ['secondfactor' => \trans('validation.2fareq')]; | throw new \Exception(\trans('validation.2fareq')); | ||||
| return response()->json(['status' => 'error', 'errors' => $errors], 422); | |||||
| } | } | ||||
| // try to verify each configured factor | // try to verify each configured factor | ||||
| foreach ($factors as $factor) { | foreach ($factors as $factor) { | ||||
| // verify the submitted code | // verify the submitted code | ||||
| // if (strpos($factor, 'dummy:') === 0 && (\app('env') != 'production') { | if ($this->verify($factor, $secondfactor)) { | ||||
| // if ($request->secondfactor === 'dummy') { | return; | ||||
| // return null; | } | ||||
| // } | |||||
| // } else | |||||
| if ($this->verify($factor, $request->secondfactor)) { | |||||
| return null; | |||||
| } | } | ||||
| throw new \Exception(\trans('validation.2fainvalid')); | |||||
| } | } | ||||
| $errors = ['secondfactor' => \trans('validation.2fainvalid')]; | /** | ||||
| * Validate 2-factor authentication code | |||||
| * | |||||
| * @param \Illuminate\Http\Request $request The API request. | |||||
| * | |||||
| * @return \Illuminate\Http\JsonResponse|null | |||||
| */ | |||||
| public function requestHandler(\Illuminate\Http\Request $request) | |||||
| { | |||||
| try { | |||||
| $this->validate($request->secondfactor); | |||||
| } catch (\Exception $e) { | |||||
| $errors = ['secondfactor' => $e->getMessage()]; | |||||
| return response()->json(['status' => 'error', 'errors' => $errors], 422); | return response()->json(['status' => 'error', 'errors' => $errors], 422); | ||||
| } | } | ||||
| return null; | |||||
| } | |||||
| /** | /** | ||||
| * Remove all configured 2FA methods for the current user | * Remove all configured 2FA methods for the current user | ||||
| * | * | ||||
| * @return bool True on success, False otherwise | * @return bool True on success, False otherwise | ||||
| */ | */ | ||||
| public function removeFactors(): bool | public function removeFactors(): bool | ||||
| { | { | ||||
| ▲ Show 20 Lines • Show All 250 Lines • Show Last 20 Lines | |||||
$e is not needed here.