2017-08-31 02:11:14 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace Pterodactyl\Services\Users;
|
|
|
|
|
|
2017-11-18 18:35:33 +00:00
|
|
|
use Carbon\Carbon;
|
2017-08-31 02:14:20 +00:00
|
|
|
use Pterodactyl\Models\User;
|
2017-11-18 18:35:33 +00:00
|
|
|
use PragmaRX\Google2FA\Google2FA;
|
|
|
|
|
use Illuminate\Contracts\Config\Repository;
|
|
|
|
|
use Illuminate\Contracts\Encryption\Encrypter;
|
2017-08-31 02:11:14 +00:00
|
|
|
use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
|
|
|
|
|
use Pterodactyl\Exceptions\Service\User\TwoFactorAuthenticationTokenInvalid;
|
|
|
|
|
|
|
|
|
|
class ToggleTwoFactorService
|
|
|
|
|
{
|
|
|
|
|
/**
|
2017-11-18 18:35:33 +00:00
|
|
|
* @var \Illuminate\Contracts\Config\Repository
|
2017-08-31 02:11:14 +00:00
|
|
|
*/
|
2017-11-18 18:35:33 +00:00
|
|
|
private $config;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @var \Illuminate\Contracts\Encryption\Encrypter
|
|
|
|
|
*/
|
|
|
|
|
private $encrypter;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @var \PragmaRX\Google2FA\Google2FA
|
|
|
|
|
*/
|
|
|
|
|
private $google2FA;
|
2017-08-31 02:11:14 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @var \Pterodactyl\Contracts\Repository\UserRepositoryInterface
|
|
|
|
|
*/
|
2017-11-18 18:35:33 +00:00
|
|
|
private $repository;
|
2017-08-31 02:11:14 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* ToggleTwoFactorService constructor.
|
|
|
|
|
*
|
2019-09-06 04:32:57 +00:00
|
|
|
* @param \Illuminate\Contracts\Encryption\Encrypter $encrypter
|
|
|
|
|
* @param \PragmaRX\Google2FA\Google2FA $google2FA
|
|
|
|
|
* @param \Illuminate\Contracts\Config\Repository $config
|
2017-08-31 02:11:14 +00:00
|
|
|
* @param \Pterodactyl\Contracts\Repository\UserRepositoryInterface $repository
|
|
|
|
|
*/
|
|
|
|
|
public function __construct(
|
2017-11-18 18:35:33 +00:00
|
|
|
Encrypter $encrypter,
|
2017-08-31 02:11:14 +00:00
|
|
|
Google2FA $google2FA,
|
2017-11-18 18:35:33 +00:00
|
|
|
Repository $config,
|
2017-08-31 02:11:14 +00:00
|
|
|
UserRepositoryInterface $repository
|
|
|
|
|
) {
|
2017-11-18 18:35:33 +00:00
|
|
|
$this->config = $config;
|
|
|
|
|
$this->encrypter = $encrypter;
|
2017-08-31 02:11:14 +00:00
|
|
|
$this->google2FA = $google2FA;
|
|
|
|
|
$this->repository = $repository;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2017-11-18 18:35:33 +00:00
|
|
|
* Toggle 2FA on an account only if the token provided is valid.
|
|
|
|
|
*
|
|
|
|
|
* @param \Pterodactyl\Models\User $user
|
2019-09-06 04:32:57 +00:00
|
|
|
* @param string $token
|
|
|
|
|
* @param bool|null $toggleState
|
2017-08-31 02:11:14 +00:00
|
|
|
* @return bool
|
|
|
|
|
*
|
|
|
|
|
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
|
|
|
|
|
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
|
|
|
|
|
* @throws \Pterodactyl\Exceptions\Service\User\TwoFactorAuthenticationTokenInvalid
|
|
|
|
|
*/
|
2017-11-18 18:35:33 +00:00
|
|
|
public function handle(User $user, string $token, bool $toggleState = null): bool
|
2017-08-31 02:11:14 +00:00
|
|
|
{
|
2017-11-18 18:35:33 +00:00
|
|
|
$window = $this->config->get('pterodactyl.auth.2fa.window');
|
|
|
|
|
$secret = $this->encrypter->decrypt($user->totp_secret);
|
|
|
|
|
|
|
|
|
|
$isValidToken = $this->google2FA->verifyKey($secret, $token, $window);
|
2017-08-31 02:11:14 +00:00
|
|
|
|
2017-11-18 18:35:33 +00:00
|
|
|
if (! $isValidToken) {
|
2017-08-31 02:11:14 +00:00
|
|
|
throw new TwoFactorAuthenticationTokenInvalid;
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-05 22:33:50 +00:00
|
|
|
$this->repository->withoutFreshModel()->update($user->id, [
|
2017-11-18 18:35:33 +00:00
|
|
|
'totp_authenticated_at' => Carbon::now(),
|
2017-08-31 02:11:14 +00:00
|
|
|
'use_totp' => (is_null($toggleState) ? ! $user->use_totp : $toggleState),
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
