misc_pterodactyl-panel/app/Http/Controllers/Api/Client/TwoFactorController.php

106 lines
3.4 KiB
PHP
Raw Normal View History

<?php
namespace Pterodactyl\Http\Controllers\Api\Client;
use Carbon\Carbon;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use Illuminate\Http\JsonResponse;
use Illuminate\Contracts\Validation\Factory;
use Illuminate\Validation\ValidationException;
use Pterodactyl\Services\Users\TwoFactorSetupService;
use Pterodactyl\Services\Users\ToggleTwoFactorService;
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
class TwoFactorController extends ClientApiController
{
2021-03-05 17:03:12 +00:00
private ToggleTwoFactorService $toggleTwoFactorService;
private TwoFactorSetupService $setupService;
private Factory $validation;
/**
* TwoFactorController constructor.
*/
public function __construct(
ToggleTwoFactorService $toggleTwoFactorService,
TwoFactorSetupService $setupService,
Factory $validation
) {
parent::__construct();
2021-03-05 17:03:12 +00:00
$this->toggleTwoFactorService = $toggleTwoFactorService;
$this->setupService = $setupService;
$this->validation = $validation;
}
/**
* Returns two-factor token credentials that allow a user to configure
* it on their account. If two-factor is already enabled this endpoint
* will return a 400 error.
*
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
*/
2021-03-05 17:03:12 +00:00
public function index(Request $request): JsonResponse
{
2020-06-27 18:06:35 +00:00
if ($request->user()->use_totp) {
throw new BadRequestHttpException('Two-factor authentication is already enabled on this account.');
}
2020-06-27 18:06:35 +00:00
return new JsonResponse([
'data' => $this->setupService->handle($request->user()),
]);
}
/**
* Updates a user's account to have two-factor enabled.
*
2021-03-05 17:03:12 +00:00
* @throws \Throwable
* @throws \Illuminate\Validation\ValidationException
* @throws \PragmaRX\Google2FA\Exceptions\IncompatibleWithGoogleAuthenticatorException
* @throws \PragmaRX\Google2FA\Exceptions\InvalidCharactersException
* @throws \PragmaRX\Google2FA\Exceptions\SecretKeyTooShortException
* @throws \Pterodactyl\Exceptions\Service\User\TwoFactorAuthenticationTokenInvalid
*/
2021-03-05 17:03:12 +00:00
public function store(Request $request): JsonResponse
{
$validator = $this->validation->make($request->all(), [
'code' => 'required|string',
]);
if ($validator->fails()) {
throw new ValidationException($validator);
}
$tokens = $this->toggleTwoFactorService->handle($request->user(), $request->input('code'), true);
return new JsonResponse([
'object' => 'recovery_tokens',
'attributes' => [
'tokens' => $tokens,
],
]);
}
/**
* Disables two-factor authentication on an account if the password provided
* is valid.
*/
2021-03-06 22:53:45 +00:00
public function delete(Request $request): Response
{
2021-01-23 20:33:34 +00:00
if (!password_verify($request->input('password') ?? '', $request->user()->password)) {
throw new BadRequestHttpException('The password provided was not valid.');
}
/** @var \Pterodactyl\Models\User $user */
$user = $request->user();
$user->update([
'totp_authenticated_at' => Carbon::now(),
'use_totp' => false,
]);
2021-03-05 17:03:12 +00:00
return $this->returnNoContent();
}
}