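/**
 * Validates the Two Factor token.
 *
 * The pending user id is pulled from the session, the submitted code is
 * checked against that user's stored secret, and an authenticated session
 * is only created once the code has been accepted.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function postTwoFactor()
{
    // pull() removes the key, so a pending id can be used for one attempt only.
    // NOTE(review): '2fa_id' is presumably written by the password step; confirm against the login action.
    $userId = Session::pull('2fa_id');

    if ($userId) {
        $code = Binput::get('code');

        // Resolve the user through the provider instead of logging in first.
        // Logging in before verification leaves an authenticated session behind
        // if anything between login and logout throws or exits early.
        $user = Auth::getProvider()->retrieveById($userId);

        // Fail closed on an unknown user, a missing secret or a missing code.
        $verifiable = $user
            && !empty($user->google_2fa_secret)
            && is_scalar($code)
            && (string) $code !== '';

        if ($verifiable && Google2FA::verifyKey($user->google_2fa_secret, (string) $code)) {
            Auth::login($user);

            return Redirect::intended('dashboard');
        }
    }

    // Same response whether the session was missing or the code was wrong.
    return Redirect::route('auth.login')->withError(trans('forms.login.invalid-token'));
}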
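/**
 * Validates the 2FA code.
 *
 * Both pending-login keys are pulled from the session on every call. The
 * guard is only asked to log the user in after the submitted code has been
 * verified against the user's stored secret.
 *
 * @param Request $request
 * @return Response
 */
public function postTwoFactorAuthentication(Request $request)
{
    // pull() removes the keys, so a pending login can be used for one attempt only.
    $pendingId = Session::pull('2fa_user_id');
    $remember = Session::pull('2fa_login_remember');

    if ($pendingId) {
        $guard = Auth::guard($this->getGuard());

        // Resolve the user without touching the session. Logging in before the
        // check leaves an authenticated session behind if verification throws.
        $user = $guard->getProvider()->retrieveById($pendingId);
        $code = $request->get('2fa_code');

        // Fail closed on an unknown user, a missing secret or a missing code.
        $verifiable = $user
            && !empty($user->google2fa_secret)
            && is_scalar($code)
            && (string) $code !== '';

        if ($verifiable && Google2FA::verifyKey($user->google2fa_secret, (string) $code)) {
            $guard->login($user, (bool) $remember);

            return $this->handleUserWasAuthenticated($request, true);
        }
    }

    // NOTE(review): no attempt counting is visible in this method; confirm that
    // failed codes are rate limited elsewhere in the login flow.
    return redirect()->route('login')->withError(Lang::get('auth.invalid_code'));
}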
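/**
 * Activates two factor authentication, or clears the stored secret when the
 * `two_factor` field is absent from the request.
 *
 * When `two_factor` is present, the submitted secret (`google_code`) is only
 * stored if the submitted `2fa_code` verifies against it. Otherwise the user
 * is redirected back with an error and nothing is saved.
 *
 * @param Request $request
 * @return Response
 */
public function twoFactor(Request $request)
{
    $secret = null;

    if ($request->has('two_factor')) {
        $candidate = $request->get('google_code');
        $code = $request->get('2fa_code');

        // Both values are request input: reject arrays and empty values
        // before they reach the verifier.
        // NOTE(review): verifyKey may throw on a malformed secret depending on
        // the library version; confirm how that surfaces to the user.
        $verified = is_string($candidate)
            && $candidate !== ''
            && is_scalar($code)
            && (string) $code !== ''
            && Google2FA::verifyKey($candidate, (string) $code);

        if (!$verified) {
            return redirect()
                ->back()
                ->withInput($request->only('google_code', 'two_factor'))
                ->withError(Lang::get('auth.invalid_code'));
        }

        $secret = $candidate;
    }

    // NOTE(review): the secret comes from the request, so the client chooses it.
    // Holding the pending secret server-side (e.g. in the session) would bind
    // enrolment to a value the server generated; confirm where it originates.
    // NOTE(review): without `two_factor` the secret is set to null, which turns
    // 2FA off with no current code or password check; confirm this is intended.
    $user = Auth::user(); // assumes the route is behind auth middleware (TODO confirm)
    $user->google2fa_secret = $secret;
    $user->save();

    return redirect()->to('/');
}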