Skynet/misc_pterodactyl-panel
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

webauthn: update login flow to support other 2fa methods

Browse source
This commit is contained in:
Matthew Penner 2021-07-17 12:48:14 -06:00
parent 42a3e740ba
commit 31c2ef5279
13 changed files with 255 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

14
app/Http/Controllers/Auth/LoginController.php
View file

@ -17,11 +17,11 @@ use Pterodactyl\Exceptions\Repository\RecordNotFoundException;
class LoginController extends AbstractLoginController
{
/**
* @var string
*/
private const SESSION_PUBLICKEY_REQUEST = 'webauthn.publicKeyRequest';
private const METHOD_TOTP = 'totp';
private const METHOD_WEBAUTHN = 'webauthn';
private CacheRepository $cache;
private UserRepositoryInterface $repository;
private ViewFactory $view;
@ -61,7 +61,7 @@ class LoginController extends AbstractLoginController
* @throws \Pterodactyl\Exceptions\DisplayException
* @throws \Illuminate\Validation\ValidationException
*/
public function login(Request $request): JsonResponse
public function login(Request $request)
{
$username = $request->input('user');
$useColumn = $this->getField($username);
@ -99,9 +99,9 @@ class LoginController extends AbstractLoginController
$request->session()->put(self::SESSION_PUBLICKEY_REQUEST, $publicKey);
$request->session()->save();
$methods = ['webauthn'];
$methods = [ self::METHOD_WEBAUTHN ];
if ($user->use_totp) {
$methods[] = 'totp';
$methods[] = self::METHOD_TOTP;
}
return new JsonResponse([
@ -118,7 +118,7 @@ class LoginController extends AbstractLoginController
return new JsonResponse([
'complete' => false,
'methods' => ['totp'],
'methods' => [ self::METHOD_TOTP ],
'confirmation_token' => $token,
]);
}