mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-11-29 20:23:52 +08:00
1af5bbf3f7
Also continued a bit on the MFA verification system. Moved some MFA routes to public space using updated login service to get the current user that is either logged in or last attempted login (With correct creds).
<?php
namespace BookStack\Http\Controllers\Auth;
use BookStack\Actions\ActivityType;
use BookStack\Auth\Access\Mfa\MfaValue;
use BookStack\Http\Controllers\Controller;
use BookStack\Http\Request;
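/**
 * Controller for the MFA setup page, MFA method removal and the page
 * that starts an MFA verification.
 *
 * setup() and verify() resolve their user via currentOrLastAttemptedUser()
 * (presumably provided by the HandlesPartialLogins trait, which is not
 * visible here), so they may run for a session that has not completed
 * login. remove() resolves its user via user() instead.
 */
class MfaController extends Controller
{
    use HandlesPartialLogins;

    /**
     * Show the view to setup MFA for the current user.
     */
    public function setup()
    {
        // Only the id and method columns are fetched; any other stored
        // columns of the MFA values are not loaded for the view.
        $userMethods = $this->currentOrLastAttemptedUser()
            ->mfaValues()
            ->get(['id', 'method'])
            ->groupBy('method');

        return view('mfa.setup', [
            'userMethods' => $userMethods,
        ]);
    }

    /**
     * Remove an MFA method for the current user.
     *
     * The method name is checked against MfaValue::allMethods() before it is
     * used in the query; unknown names fall through to the redirect without
     * any change being made.
     *
     * @throws \Exception
     */
    public function remove(string $method)
    {
        if (in_array($method, MfaValue::allMethods())) {
            // NOTE(review): this uses user() rather than
            // currentOrLastAttemptedUser(). Confirm the route is only reachable
            // by a fully logged-in session, so a session that has passed the
            // password step but not MFA cannot drop a factor.
            $value = user()->mfaValues()->where('method', '=', $method)->first();
            if ($value) {
                $value->delete();
                // Removal of a factor is recorded in the activity log.
                $this->logActivity(ActivityType::MFA_REMOVE_METHOD, $method);
            }
        }

        return redirect('/mfa/setup');
    }

    /**
     * Show the page to start an MFA verification.
     *
     * The optional "method" request value selects which of the user's
     * configured methods to show. Any value that is not a string naming one
     * of the user's own configured methods is ignored and the default
     * method is used instead.
     */
    public function verify(Request $request)
    {
        // TODO - Test this
        $desiredMethod = $request->get('method');

        // Request input is untrusted and may arrive as an array
        // (e.g. method[]=...). Collection::has() accepts an array of keys,
        // so without this check an array could pass the has() test below
        // and be handed to the view as the selected method.
        if (!is_string($desiredMethod)) {
            $desiredMethod = null;
        }

        $userMethods = $this->currentOrLastAttemptedUser()
            ->mfaValues()
            ->get(['id', 'method'])
            ->groupBy('method');

        // Basic search for the default option for a user.
        // (Prioritises totp over backup codes)
        $hasDesired = $desiredMethod !== null && $userMethods->has($desiredMethod);
        $method = $hasDesired
            ? $desiredMethod
            : $userMethods->keys()->sort()->reverse()->first();

        // Every configured method other than the selected one, offered as alternatives.
        $otherMethods = $userMethods->keys()->filter(function ($userMethod) use ($method) {
            return $method !== $userMethod;
        })->all();

        return view('mfa.verify', [
            'userMethods'  => $userMethods,
            'method'       => $method,
            'otherMethods' => $otherMethods,
        ]);
    }
}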