invoiceninja/app/Http/Controllers/TwoFactorController.php

<?php
/**
 * Invoice Ninja (https://invoiceninja.com).
 *
 * @link https://github.com/invoiceninja/invoiceninja source repository
 *
 * @copyright Copyright (c) 2021. Invoice Ninja LLC (https://invoiceninja.com)
 *
 * @license https://www.elastic.co/licensing/elastic-license
 */

namespace App\Http\Controllers;

use PragmaRX\Google2FA\Google2FA;
use Crypt;

class TwoFactorController extends BaseController
{
    public function setupTwoFactor()
    {
        $user = auth()->user();

        if ($user->google_2fa_secret) 
            return response()->json(['message' => '2FA already enabled'], 400);
        elseif(! $user->phone)
            return response()->json(['message' => ctrans('texts.set_phone_for_two_factor')], 400);
        elseif(! $user->isVerified())
            return response()->json(['message' => 'Please confirm your account first'], 400);

        $google2fa = new Google2FA();
        $secret = $google2fa->generateSecretKey();
         
        $qr_code = $google2fa->getQRCodeUrl(
            config('ninja.app_name'),
            $user->email,
            $secret
        );

        $data = [
            'secret' => $secret,
            'qrCode' => $qr_code,
        ];

        return response()->json(['data' => $data], 200);
        
    }

    public function enableTwoFactor()
    {
        $google2fa = new Google2FA();

        $user = auth()->user();
        $secret = request()->input('secret');
        $oneTimePassword = request()->input('one_time_password');

        if($google2fa->verifyKey($secret, $oneTimePassword) && $user->phone && $user->email_verified_at){

            $user->google_2fa_secret = encrypt($secret);

            $user->save();
        
            return response()->json(['message' => ctrans('texts.enabled_two_factor')], 200);

        } elseif (! $secret || ! $google2fa->verifyKey($secret, $oneTimePassword)) {

            return response()->json(['message' => ctrans('texts.invalid_one_time_password')], 400);

        } 
            
        return response()->json(['message' => 'No phone record or user is not confirmed'], 400);
        
    }
    
    public function disableTwoFactor()
    {
        $user = auth()->user();
        $user->google_2fa_secret = null;
        $user->save();

        return $this->itemResponse($user);
    }
}
Working on 2FA 2021-02-20 11:45:20 +11:00			`<?php`
			`/**`
			`* Invoice Ninja (https://invoiceninja.com).`
			`*`
			`* @link https://github.com/invoiceninja/invoiceninja source repository`
			`*`
			`* @copyright Copyright (c) 2021. Invoice Ninja LLC (https://invoiceninja.com)`
			`*`
Update license in codebase 2021-06-16 16:58:16 +10:00			`* @license https://www.elastic.co/licensing/elastic-license`
Working on 2FA 2021-02-20 11:45:20 +11:00			`*/`

			`namespace App\Http\Controllers;`

			`use PragmaRX\Google2FA\Google2FA;`
			`use Crypt;`

			`class TwoFactorController extends BaseController`
			`{`
			`public function setupTwoFactor()`
			`{`
			`$user = auth()->user();`

			`if ($user->google_2fa_secret)`
			`return response()->json(['message' => '2FA already enabled'], 400);`
			`elseif(! $user->phone)`
			`return response()->json(['message' => ctrans('texts.set_phone_for_two_factor')], 400);`
Fixes for 2FA 2021-03-08 07:49:33 +11:00			`elseif(! $user->isVerified())`
Working on 2FA 2021-02-20 11:45:20 +11:00			`return response()->json(['message' => 'Please confirm your account first'], 400);`

			`$google2fa = new Google2FA();`
			`$secret = $google2fa->generateSecretKey();`

Minor fix for 2fa method name 2021-03-09 07:46:30 +11:00			`$qr_code = $google2fa->getQRCodeUrl(`
Bug fix for TwoFactorController 2021-02-24 10:00:51 +11:00			`config('ninja.app_name'),`
Working on 2FA 2021-02-20 11:45:20 +11:00			`$user->email,`
			`$secret`
			`);`

			`$data = [`
			`'secret' => $secret,`
Fixes for qr code" 2021-03-09 21:53:25 +11:00			`'qrCode' => $qr_code,`
Working on 2FA 2021-02-20 11:45:20 +11:00			`];`

			`return response()->json(['data' => $data], 200);`

			`}`

			`public function enableTwoFactor()`
			`{`
Fixes for 2FA 2021-03-15 08:40:07 +11:00			`$google2fa = new Google2FA();`

Working on 2FA 2021-02-20 11:45:20 +11:00			`$user = auth()->user();`
			`$secret = request()->input('secret');`
			`$oneTimePassword = request()->input('one_time_password');`

Fixes for 2FA 2021-03-16 22:47:14 +11:00			`if($google2fa->verifyKey($secret, $oneTimePassword) && $user->phone && $user->email_verified_at){`
Fixes for 2FA 2021-03-16 09:33:55 +11:00
Working on 2FA 2021-02-20 11:45:20 +11:00			`$user->google_2fa_secret = encrypt($secret);`
Fixes for 2fa 2021-03-18 22:46:58 +11:00
Working on 2FA 2021-02-20 11:45:20 +11:00			`$user->save();`
Fixes for 2FA 2021-03-16 09:33:55 +11:00
			`return response()->json(['message' => ctrans('texts.enabled_two_factor')], 200);`

			`} elseif (! $secret \|\| ! $google2fa->verifyKey($secret, $oneTimePassword)) {`
Working on 2FA 2021-02-20 11:45:20 +11:00
Throw 400's on incorrect 2FA data 2021-03-17 00:40:58 +11:00			`return response()->json(['message' => ctrans('texts.invalid_one_time_password')], 400);`
Fixes for 2FA 2021-03-16 09:33:55 +11:00
			`}`

Throw 400's on incorrect 2FA data 2021-03-17 00:40:58 +11:00			`return response()->json(['message' => 'No phone record or user is not confirmed'], 400);`
Fixes for 2FA 2021-03-16 09:33:55 +11:00
Working on 2FA 2021-02-20 11:45:20 +11:00			`}`
Fixes for 2FA 2021-03-16 09:33:55 +11:00
Add specific route for disabling 2FA 2021-06-06 19:21:05 +10:00			`public function disableTwoFactor()`
			`{`
			`$user = auth()->user();`
			`$user->google_2fa_secret = null;`
			`$user->save();`

			`return $this->itemResponse($user);`
			`}`
Working on 2FA 2021-02-20 11:45:20 +11:00			`}`