mirror of
https://github.com/invoiceninja/invoiceninja.git
synced 2025-10-31 03:07:30 -04:00
79 lines
1.7 KiB
PHP
79 lines
1.7 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Requests;
|
|
|
|
use Cache;
|
|
use Crypt;
|
|
use Google2FA;
|
|
use App\Models\User;
|
|
use App\Http\Requests\Request;
|
|
use Illuminate\Validation\Factory as ValidatonFactory;
|
|
|
|
class ValidateTwoFactorRequest extends Request
|
|
{
|
|
/**
|
|
*
|
|
* @var \App\User
|
|
*/
|
|
private $user;
|
|
|
|
/**
|
|
* Create a new FormRequest instance.
|
|
*
|
|
* @param \Illuminate\Validation\Factory $factory
|
|
* @return void
|
|
*/
|
|
public function __construct(ValidatonFactory $factory)
|
|
{
|
|
$factory->extend(
|
|
'valid_token',
|
|
function ($attribute, $value, $parameters, $validator) {
|
|
$secret = Crypt::decrypt($this->user->google_2fa_secret);
|
|
|
|
return Google2FA::verifyKey($secret, $value);
|
|
},
|
|
trans('texts.invalid_code')
|
|
);
|
|
|
|
$factory->extend(
|
|
'used_token',
|
|
function ($attribute, $value, $parameters, $validator) {
|
|
$key = $this->user->id . ':' . $value;
|
|
|
|
return !Cache::has($key);
|
|
},
|
|
trans('texts.invalid_code')
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Determine if the user is authorized to make this request.
|
|
*
|
|
* @return bool
|
|
*/
|
|
public function authorize()
|
|
{
|
|
try {
|
|
$this->user = User::findOrFail(
|
|
session('2fa:user:id')
|
|
);
|
|
} catch (Exception $exc) {
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Get the validation rules that apply to the request.
|
|
*
|
|
* @return array
|
|
*/
|
|
public function rules()
|
|
{
|
|
return [
|
|
'totp' => 'bail|required|digits:6|valid_token|used_token',
|
|
];
|
|
}
|
|
}
|