/**
 * Resolve the value to store for the two-factor field.
 *
 * The literal 'enable' is replaced by a new secret obtained from
 * Google2FA::generateSecretKey(32); every other value is returned untouched.
 *
 * NOTE(review): the pass-through branch presumably lets a submitted value
 * become the stored secret as-is - confirm that callers cannot write an
 * arbitrary, self-chosen secret through this field.
 * NOTE(review): the comparison is loose (==), so non-string values that PHP
 * juggles equal to 'enable' (boolean true, for instance) also trigger
 * generation.
 *
 * @param mixed $value
 * @return mixed The generated secret, or $value exactly as given.
 */
public function modify($value)
{
    $wantsNewSecret = ($value == 'enable');

    if (!$wantsNewSecret) {
        return $value;
    }

    $generator = new Google2FA();

    return $generator->generateSecretKey(32);
}
/**
 * Render the two-factor enrolment QR code as an HTML image.
 *
 * Yields null when the field object has no entry. Otherwise the entry's
 * e-mail address and the field value (used as the secret) are passed to
 * Google2FA::getQRCodeGoogleUrl() and the resulting URL is handed to the
 * HTML builder's image() helper.
 *
 * NOTE(review): getQRCodeGoogleUrl() presumably returns a URL on a Google
 * chart endpoint with the otpauth data, secret included, in the query string.
 * If so, the browser discloses the TOTP secret to a third party and it can
 * end up in proxy logs and history - prefer rendering the QR code locally.
 * NOTE(review): $user->email is passed without percent-encoding while the
 * issuer is pre-encoded by hand; confirm the library encodes the label.
 *
 * @return null|string
 */
public function qr_code()
{
    $user = $this->object->getEntry();

    if (!$user) {
        return null;
    }

    $generator = new Google2FA();
    $qrUrl = $generator->getQRCodeGoogleUrl(
        'The%20Linden%20Tree',
        $user->email,
        $this->object->getValue()
    );

    return $this->html->image($qrUrl);
}
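/**
 * Check the submitted two-factor code for the signed-in user.
 *
 * On success the session key 'minioak::twofa::authenticated' is set to true;
 * on any failure an error message is queued. Either way the request is
 * redirected to the configured home path.
 *
 * The decision is fail-closed: the session flag is set only when verifyKey()
 * returns a truthy result. The original tested `=== false`, so a null or
 * other non-false return would have marked the session as verified. A missing
 * user or a missing / non-scalar code is treated as a failed attempt instead
 * of being passed to the library.
 *
 * NOTE(review): nothing here limits the number of guesses; confirm that a
 * throttle sits in front of this route.
 *
 * @param Redirector $redirect
 * @param Repository $config
 * @return mixed Result of $redirect->to().
 */
public function index(Redirector $redirect, Repository $config)
{
    $user = \Auth::user();

    // The 'twofa' input carries the one-time code typed by the user, not the secret.
    $code = $this->request->input('twofa');
    $code = is_scalar($code) ? (string) $code : '';

    $valid = $user !== null
        && $code !== ''
        && (new Google2FA())->verifyKey($user->twofa_secret, $code);

    if ($valid) {
        $this->request->session()->put('minioak::twofa::authenticated', true);
    } else {
        $this->messages->error('Your code was not accepted. Please try again');
    }

    return $redirect->to($config->get('anomaly.module.users::paths.home', 'admin/dashboard'));
}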
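/**
 * Confirm a TOTP enrolment and store the key on the user.
 *
 * The caller must be the user identified by $user_id or hold the 'board'
 * ability, otherwise the request is aborted with 403. The submitted code is
 * verified against the submitted key; on success the key is saved as
 * tfa_totp_key. Both outcomes flash a message and redirect to the user's
 * dashboard.
 *
 * Missing or non-string inputs are now treated as a failed confirmation
 * rather than being forwarded to verifyKey().
 *
 * NOTE(review): the key being enrolled ('2fakey') comes from the request, so
 * the client chooses the secret that ends up in the database. Keeping the
 * pending secret server-side (e.g. in the session at generation time) would
 * remove that trust in the client.
 * NOTE(review): an existing tfa_totp_key is overwritten without any check or
 * re-authentication - confirm this is intended.
 *
 * @param Request $request
 * @param mixed $user_id
 * @param Google2FA $google2fa
 * @return mixed Redirect to the 'user::dashboard' route.
 */
public function timebasedPost(Request $request, $user_id, Google2FA $google2fa)
{
    $user = User::findOrFail($user_id);

    if ($user->id != Auth::id() && !Auth::user()->can('board')) {
        abort(403);
    }

    $code = $request->input('2facode');
    $secret = $request->input('2fakey');

    $confirmed = is_string($code) && $code !== ''
        && is_string($secret) && $secret !== ''
        && $google2fa->verifyKey($secret, $code);

    if ($confirmed) {
        $user->tfa_totp_key = $secret;
        $user->save();
        $message = 'Time-Based 2 Factor Authentication enabled!';
    } else {
        $message = 'The code you entered is not correct. Remove the account from your 2FA app and try again.';
    }

    $request->session()->flash('flash_message', $message);

    return Redirect::route('user::dashboard', ['id' => $user->id]);
}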
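/**
 * Display the dashboard for a specific user.
 *
 * Without an id the signed-in user's own dashboard is shown. Unknown users
 * give 404; viewing another user's dashboard requires the 'board' ability,
 * otherwise 403. When the user has no TOTP key yet, a candidate secret and a
 * QR code URL for it are generated and passed to the view.
 *
 * The account name in the QR label is now fully percent-encoded with
 * rawurlencode(). The original replaced only spaces, so names containing
 * characters such as '&', '#', '?' or ':' produced a malformed label.
 *
 * NOTE(review): getQRCodeGoogleUrl() presumably builds a URL on a Google
 * chart endpoint that embeds the secret; if so the secret is disclosed to a
 * third party when the image loads - prefer rendering the QR code locally.
 * NOTE(review): a new candidate secret is generated on every page view and
 * handed to the view; confirm how it is carried to the confirmation request.
 *
 * @param int $id
 * @return \Illuminate\Http\Response
 */
public function show($id = null)
{
    if ($id == null) {
        $id = Auth::id();
    }

    $user = User::find($id);

    if ($user == null) {
        abort(404);
    }

    if ($user->id != Auth::id() && !Auth::user()->can('board')) {
        abort(403);
    }

    $qrcode = null;
    $tfakey = null;

    if (!$user->tfa_totp_key) {
        $google2fa = new Google2FA();
        $tfakey = $google2fa->generateSecretKey(32);
        // rawurlencode() turns spaces into %20 exactly as before and also
        // escapes every other reserved character in the name.
        $qrcode = $google2fa->getQRCodeGoogleUrl('S.A.%20Proto', rawurlencode((string) $user->name), $tfakey);
    }

    $utwente = $user->getUtwenteData();

    return view('users.dashboard.dashboard', [
        'user' => $user,
        'tfa_qrcode' => $qrcode,
        'tfa_key' => $tfakey,
        'utwente' => $utwente,
    ]);
}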
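/**
 * Handle a login request to the application.
 *
 * Flow: validate the form, apply the lockout check, verify the password,
 * verify the TOTP token when the account requires one, and only then open
 * the authenticated session.
 *
 * Changes from the previous version:
 *  - The password is checked with Auth::validate(), which does not log the
 *    user in. Previously Auth::attempt() opened the session first and
 *    Auth::logout() undid it on a bad token, so any exception raised between
 *    the two calls could leave the session authenticated with the password
 *    alone.
 *  - use_totp is compared after an int cast. The strict `=== 1` skipped the
 *    TOTP check whenever the column came back as '1' or true.
 *  - A missing user row, or a missing / non-string token, counts as a failed
 *    attempt.
 *  - $lockedOut was always false past the lockout guard, so the redundant
 *    checks on it are gone.
 *
 * NOTE(review): the totp_failed alert tells the caller that the password was
 * correct; confirm that is acceptable.
 *
 * @param \Illuminate\Http\Request $request
 * @return \Illuminate\Http\Response
 */
public function login(Request $request)
{
    $this->validate($request, ['email' => 'required|email', 'password' => 'required']);

    if ($this->hasTooManyLoginAttempts($request)) {
        $this->fireLockoutEvent($request);

        return $this->sendLockoutResponse($request);
    }

    $credentials = [
        'email' => $request->input('email'),
        'password' => $request->input('password'),
    ];

    // First factor: check the password without establishing a session.
    if (!Auth::validate($credentials)) {
        $this->incrementLoginAttempts($request);

        return $this->sendFailedLoginResponse($request);
    }

    $user = User::select('use_totp', 'totp_secret')->where('email', $credentials['email'])->first();

    if ($user === null) {
        // Credentials validated but the row cannot be read: refuse the login.
        $this->incrementLoginAttempts($request);

        return $this->sendFailedLoginResponse($request);
    }

    // Second factor: required whenever the flag is set, whatever type the driver returns.
    if ((int) $user->use_totp === 1) {
        $token = $request->input('totp_token');
        $tokenAccepted = is_string($token)
            && $token !== ''
            && (new Google2FA())->verifyKey($user->totp_secret, $token);

        if (!$tokenAccepted) {
            $this->incrementLoginAttempts($request);
            Alert::danger(trans('auth.totp_failed'))->flash();

            return $this->sendFailedLoginResponse($request);
        }
    }

    // Every required factor passed: now open the authenticated session.
    if (!Auth::attempt($credentials, $request->has('remember'))) {
        $this->incrementLoginAttempts($request);

        return $this->sendFailedLoginResponse($request);
    }

    return $this->sendLoginResponse($request);
}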
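/**
 * Handle both steps of the login form: credentials, then the second factor.
 *
 * Step 1 (no pending user in the session): verify e-mail and password. Users
 * without a second factor are logged in directly; users with a TOTP key or a
 * YubiKey identity are flashed into the session as '2fa_user' and shown the
 * second-factor form.
 *
 * Step 2 (pending user plus a submitted token): verify exactly one of the
 * TOTP or YubiKey tokens and log the pending user in on success. Each failure
 * re-flashes the pending state and re-renders the form.
 *
 * Changes from the previous version:
 *  - A YubiKey token is accepted only when it starts with the identity
 *    enrolled for the pending user. Previously any token that passed
 *    Yubikey::verify() was accepted as long as the user had some identity
 *    enrolled, so the token was never tied to the user's own key.
 *  - Typo in the final message fixed ("of" -> "or").
 *
 * NOTE(review): the prefix check assumes tfa_yubikey_identity holds the key's
 * public ID as it appears at the start of an OTP - confirm against the
 * enrolment code.
 * NOTE(review): the whole user model is flashed into the session between the
 * two steps, and second-factor attempts are not throttled here.
 * NOTE(review): the exception message from the YubiKey check is shown to the
 * user verbatim; confirm it cannot carry internal details.
 *
 * @param Request $request
 * @param Google2FA $google2fa
 * @return mixed A redirect or the 'auth.2fa' view.
 */
public function postLogin(Request $request, Google2FA $google2fa)
{
    if (Auth::check()) {
        return Redirect::route('homepage');
    }

    $session = $request->session();

    // Queue a message, keep the pending 2FA state alive and show the form again.
    $retrySecondFactor = function ($message) use ($session) {
        $session->flash('flash_message', $message);
        $session->reflash();

        return view('auth.2fa');
    };

    $hasTotpToken = $request->has('2fa_totp_token');
    $hasYubikeyToken = $request->has('2fa_yubikey_token');

    if ($session->has('2fa_user') && ($hasTotpToken || $hasYubikeyToken)) {
        if ($hasTotpToken && $hasYubikeyToken) {
            return $retrySecondFactor('Please enter only one of the tokens.');
        }

        $pendingUser = $session->get('2fa_user');

        if ($pendingUser->tfa_totp_key && $hasTotpToken && $request->input('2fa_totp_token') != '') {
            // Catching Two Factor Authentication attempt
            if ($google2fa->verifyKey($pendingUser->tfa_totp_key, $request->input('2fa_totp_token'))) {
                Auth::login($pendingUser, $session->get('2fa_remember'));

                return Redirect::intended(route('homepage'));
            }

            return $retrySecondFactor('Invalid TOTP. Please try again.');
        }

        if ($pendingUser->tfa_yubikey_identity && $hasYubikeyToken && $request->input('2fa_yubikey_token') != '') {
            try {
                $token = $request->input('2fa_yubikey_token');
                $identity = (string) $pendingUser->tfa_yubikey_identity;

                // Bind the token to this user's enrolled key before asking the validation service.
                $fromEnrolledKey = is_string($token)
                    && strncasecmp($token, $identity, strlen($identity)) === 0;

                if ($fromEnrolledKey && Yubikey::verify($token)) {
                    Auth::login($pendingUser, $session->get('2fa_remember'));

                    return Redirect::intended(route('homepage'));
                }

                return $retrySecondFactor('Invalid YubiKey token. Please try again.');
            } catch (\Exception $e) {
                return $retrySecondFactor($e->getMessage());
            }
        }

        return $retrySecondFactor('Invalid authentication attempt. Try again.');
    }

    // This is the real deal!
    $username = $request->input('email');
    $password = $request->input('password');
    $remember = $request->input('remember');

    $user = AuthController::verifyCredentials($username, $password);

    if ($user) {
        // Catch users that have 2FA enabled.
        if ($user->tfa_totp_key || $user->tfa_yubikey_identity) {
            $session->flash('2fa_user', $user);
            $session->flash('2fa_remember', $remember);

            return view('auth.2fa');
        }

        Auth::login($user, $remember);

        return Redirect::intended(route('homepage'));
    }

    $session->flash('flash_message', 'Invalid username or password provided.');

    return Redirect::route('login::show');
}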
/**
 * Check a one-time code against a shared secret.
 *
 * Delegates to verifyKey() on $this->twofactor and returns its result
 * unchanged.
 *
 * @param string $secret
 * @param string $code
 * @return bool Result of the underlying verifyKey() call.
 */
protected function verifykey($secret, $code)
{
    $isValid = $this->twofactor->verifyKey($secret, $code);

    return $isValid;
}