forked from pterodactyl/panel
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathTwoFactorController.php
More file actions
129 lines (112 loc) · 4.14 KB
/
TwoFactorController.php
File metadata and controls
129 lines (112 loc) · 4.14 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
<?php
namespace Pterodactyl\Http\Controllers\Api\Client;
use Carbon\Carbon;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use Illuminate\Http\JsonResponse;
use Illuminate\Contracts\Validation\Factory;
use Illuminate\Validation\ValidationException;
use Pterodactyl\Services\Users\TwoFactorSetupService;
use Pterodactyl\Services\Users\ToggleTwoFactorService;
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
class TwoFactorController extends ClientApiController
{
/**
* @var \Pterodactyl\Services\Users\TwoFactorSetupService
*/
private $setupService;
/**
* @var \Illuminate\Contracts\Validation\Factory
*/
private $validation;
/**
* @var \Pterodactyl\Services\Users\ToggleTwoFactorService
*/
private $toggleTwoFactorService;
/**
* TwoFactorController constructor.
*
* @param \Pterodactyl\Services\Users\ToggleTwoFactorService $toggleTwoFactorService
* @param \Pterodactyl\Services\Users\TwoFactorSetupService $setupService
* @param \Illuminate\Contracts\Validation\Factory $validation
*/
public function __construct(
ToggleTwoFactorService $toggleTwoFactorService,
TwoFactorSetupService $setupService,
Factory $validation
) {
parent::__construct();
$this->setupService = $setupService;
$this->validation = $validation;
$this->toggleTwoFactorService = $toggleTwoFactorService;
}
/**
* Returns two-factor token credentials that allow a user to configure
* it on their account. If two-factor is already enabled this endpoint
* will return a 400 error.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\JsonResponse
*
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
*/
public function index(Request $request)
{
if ($request->user()->totp_enabled) {
throw new BadRequestHttpException('Two-factor authentication is already enabled on this account.');
}
return JsonResponse::create([
'data' => [
'image_url_data' => $this->setupService->handle($request->user()),
],
]);
}
/**
* Updates a user's account to have two-factor enabled.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\JsonResponse
*
* @throws \Illuminate\Validation\ValidationException
* @throws \PragmaRX\Google2FA\Exceptions\IncompatibleWithGoogleAuthenticatorException
* @throws \PragmaRX\Google2FA\Exceptions\InvalidCharactersException
* @throws \PragmaRX\Google2FA\Exceptions\SecretKeyTooShortException
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
* @throws \Pterodactyl\Exceptions\Service\User\TwoFactorAuthenticationTokenInvalid
*/
public function store(Request $request)
{
$validator = $this->validation->make($request->all(), [
'code' => 'required|string',
]);
if ($validator->fails()) {
throw new ValidationException($validator);
}
$this->toggleTwoFactorService->handle($request->user(), $request->input('code'), true);
return JsonResponse::create([], Response::HTTP_NO_CONTENT);
}
/**
* Disables two-factor authentication on an account if the password provided
* is valid.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\JsonResponse
*/
public function delete(Request $request)
{
if (! password_verify($request->input('password') ?? '', $request->user()->password)) {
throw new BadRequestHttpException(
'The password provided was not valid.'
);
}
/** @var \Pterodactyl\Models\User $user */
$user = $request->user();
$user->update([
'totp_authenticated_at' => Carbon::now(),
'use_totp' => false,
]);
return JsonResponse::create([], Response::HTTP_NO_CONTENT);
}
}