From 1ca998ddf5fb76b07dac02f44dbc1d718a2ec3d3 Mon Sep 17 00:00:00 2001
From: TemuulenBM
Date: Thu, 4 Jan 2024 18:05:07 +0800
Subject: [PATCH] implemented 2fa validation
---
 .../Internal/v1/AuthController.php | 2 +-
 .../Internal/v1/TwoFaController.php | 26 +++++++++++
 src/Support/TwoFactorAuth.php | 45 +++++++++++++++++--
 src/routes.php | 1 +
 4 files changed, 70 insertions(+), 4 deletions(-)
diff --git a/src/Http/Controllers/Internal/v1/AuthController.php b/src/Http/Controllers/Internal/v1/AuthController.php
index 213c289..95a4372 100644
--- a/src/Http/Controllers/Internal/v1/AuthController.php
+++ b/src/Http/Controllers/Internal/v1/AuthController.php
@@ -49,7 +49,7 @@ public function login(LoginRequest $request)
 // Check if 2FA enabled
 if (TwoFactorAuth::isEnabled()) {
- $twoFaSession = TwoFactorAuth::start();
+ $twoFaSession = TwoFactorAuth::start($user);
 return response()->json(['two_fa_session' => $twoFaSession]);
 }
diff --git a/src/Http/Controllers/Internal/v1/TwoFaController.php b/src/Http/Controllers/Internal/v1/TwoFaController.php
index f5e26c1..1e8c62f 100644
--- a/src/Http/Controllers/Internal/v1/TwoFaController.php
+++ b/src/Http/Controllers/Internal/v1/TwoFaController.php
@@ -61,4 +61,30 @@ public function verifyTwoFactor(Request $request)
 {
 return TwoFactorAuth::verifyTwoFactor($request);
 }
+
+ public function checkTwoFactor(Request $request)
+ {
+ $identity = $request->input('identity');
+ $isTwoFaEnabled = TwoFactorAuth::isEnabled();
+ $twoFaSession = null;
+ $isTwoFaValidated = false;
+ $error = null;
+
+ if ($isTwoFaEnabled) {
+ $twoFaSession = TwoFactorAuth::start($identity);
+
+ if ($twoFaSession === null) {
+ $error = 'No user found using identity provided';
+ } else {
+ $isTwoFaValidated = TwoFactorAuth::isTwoFactorSessionValidated($twoFaSession);
+ }
+ }
+
+ return response()->json([
+ 'isTwoFaEnabled' => $isTwoFaEnabled,
+ 'isTwoFaValidated' => $isTwoFaValidated,
+ 'twoFaSession' => $twoFaSession,
+ 'error' => $error
+ ]);
+ }
 }
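Review bot: The changed call passes `$user` to `TwoFactorAuth::start(string $identity)`, whose new signature elsewhere in this patch takes an email-or-phone string and re-resolves the user with `User::where('email', ...)->orWhere('phone', ...)`. If `$user` is the Eloquent model that `login()` has just authenticated, the argument either fails the `string` type check or is coerced through the model's `__toString()` into a JSON blob that matches no email or phone, so `start()` returns `null` and the client is sent `['two_fa_session' => null]` as if it were a success. Pass the identity the lookup expects, e.g. `$twoFaSession = TwoFactorAuth::start($user->email);`, or give `start()` an overload that accepts the already-resolved model and skips the second query, and handle a `null` return here rather than serialising it. `login()` begins and ends outside this hunk.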
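Review bot: `checkTwoFactor` passes `$request->input('identity')` straight to `TwoFactorAuth::start(string $identity)` without validating it, so a missing or array-valued `identity` raises a TypeError (HTTP 500) instead of a validation error; add `$request->validate(['identity' => 'required|string']);` before the call. The `'No user found using identity provided'` branch also makes this endpoint an account-existence oracle for any email or phone, and because `start()` writes a cache entry and mints a fresh `Str::random(40)` token on every call, a read-style check carries side effects; return the same response shape whether or not the identity resolved, and consider decoupling this probe from `start()`. The response keys (`isTwoFaEnabled`, `twoFaSession`) are camelCase while `login()` returns `two_fa_session` in snake_case; the API should settle on one convention.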
diff --git a/src/Support/TwoFactorAuth.php b/src/Support/TwoFactorAuth.php
index eb5726e..ce613ec 100644
--- a/src/Support/TwoFactorAuth.php
+++ b/src/Support/TwoFactorAuth.php
@@ -5,7 +5,10 @@
 use Fleetbase\Models\VerificationCode;
 use Aloha\Twilio\Support\Laravel\Facade as Twilio;
 use Fleetbase\Models\Setting;
+use Fleetbase\Models\User;
+use Illuminate\Support\Facades\Cache;
 use Illuminate\Support\Facades\RateLimiter;
+use Illuminate\Support\Str;
 use Illuminate\Validation\ValidationException;
 /**
@@ -129,13 +132,49 @@ private static function sendVerificationSuccessSms($user)
 Twilio::message($user->phone, 'Your Fleetbase verification was successful. Welcome!');
 }
+ /**
+ * Check if Two-Factor Authentication is enabled.
+ *
+ * @return bool
+ */
 public static function isEnabled()
 {
- return Setting::lookup('2fa', ['enabled']);
+ $twoFaSettings = Setting::lookup('2fa');
+
+ // dd(data_get($twoFaSettings, 'enabled'));
+
+ return isset($twoFaSettings['enabled']) ? (bool)$twoFaSettings['enabled'] : false;
+
+ // return data_get($twoFaSettings, 'enabled');
+ }
+
+ /**
+ * Start the Two-Factor Authentication process and return the session key.
+ *
+ * @return string
+ */
+ public static function start(string $identity): ?string
+ {
+ $twoFaSession = Str::random(40);
+
+ $user = User::where(function ($query) use ($identity) {
+ $query->where('email', $identity)->orWhere('phone', $identity);
+ })->first();
+
+ if ($user) {
+ Cache::put('two_fa_session:' . $user->uuid, true, now()->addMinutes(10));
+ return $twoFaSession;
+ }
+
+ return null;
 }
- public static function start()
+ public static function isTwoFactorSessionValidated(?string $twoFaSession = null): bool
 {
- return true;
+ if ($twoFaSession === null) {
+ return false;
+ }
+ // do check here
+ return false;
 }
 }
diff --git a/src/routes.php b/src/routes.php
index d29b858..dbc7682 100644
--- a/src/routes.php
+++ b/src/routes.php
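Review bot: In `start()` the token `$twoFaSession = Str::random(40)` is returned to the caller but never persisted: the cache entry is keyed by `$user->uuid` and stores `true`, so nothing ties the token to a user, and `isTwoFactorSessionValidated($twoFaSession)` has no way to resolve it (its body is the stub `// do check here` / `return false;`, so every check reports the session as not validated). Store the token as the key and the user as the value, e.g. `Cache::put('two_fa_session:' . $twoFaSession, $user->uuid, now()->addMinutes(10));`, and have the validator look that key up with `Cache::has()`/`Cache::get()` instead of returning `false` unconditionally. The docblock on `start()` says `@return string` while the signature is `?string`; make it `@return string|null` and state that null means no user matched the identity. `isEnabled()` keeps two commented-out debugging lines (`// dd(...)`, `// return data_get(...)`) that should be dropped before merge.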
@@ -123,6 +123,7 @@ function ($router, $controller) {
 function ($router, $controller) {
 $router->post('settings', $controller('saveSettings'));
 $router->get('settings', $controller('getSettings'));
+ $router->get('settings', $controller('checkTwoFactor'));
 }
 );
 $router->fleetbaseRoutes('api-events');
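Review bot: The added line registers `GET settings` a second time, directly under the existing `$router->get('settings', $controller('getSettings'));`; two routes with the same method and URI cannot both be reachable, and since Laravel keys its route collection by method and URI the later registration most likely replaces `getSettings`. Give the new handler its own path, e.g. `$router->get('check', $controller('checkTwoFactor'));`, and because `checkTwoFactor` writes a cache entry and issues a session token on every call, a `post` route would reflect better that it is not a pure read.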