diff --git a/app/Http/Controllers/Base/SecurityController.php b/app/Http/Controllers/Base/SecurityController.php
index 3bb85a0b5..8b5971418 100644
--- a/app/Http/Controllers/Base/SecurityController.php
+++ b/app/Http/Controllers/Base/SecurityController.php
@@ -3,6 +3,7 @@
namespace Pterodactyl\Http\Controllers\Base;
use Illuminate\Http\Request;
+use Illuminate\Http\JsonResponse;
use Prologue\Alerts\AlertsMessageBag;
use Pterodactyl\Http\Controllers\Controller;
use Pterodactyl\Services\Users\TwoFactorSetupService;
@@ -62,36 +63,28 @@ class SecurityController extends Controller
}
/**
- * Returns Security Management Page.
- *
- * @param \Illuminate\Http\Request $request
- * @return \Illuminate\View\View
- */
- public function index(Request $request)
- {
- if ($this->config->get('session.driver') === 'database') {
- $activeSessions = $this->repository->getUserSessions($request->user()->id);
- }
-
- return view('base.security', [
- 'sessions' => $activeSessions ?? null,
- ]);
- }
-
- /**
- * Generates TOTP Secret and returns popup data for user to verify
- * that they can generate a valid response.
+ * Return information about the user's two-factor authentication status. If not enabled setup their
+ * secret and return information to allow the user to proceede with setup.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\JsonResponse
- *
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
*/
- public function generateTotp(Request $request)
+ public function index(Request $request): JsonResponse
{
- return response()->json([
- 'qrImage' => $this->twoFactorSetupService->handle($request->user()),
+ if ($request->user()->use_totp) {
+ return JsonResponse::create([
+ 'enabled' => true,
+ ]);
+ }
+
+ $response = $this->twoFactorSetupService->handle($request->user());
+
+ return JsonResponse::create([
+ 'enabled' => false,
+ 'qr_image' => $response->get('image'),
+ 'secret' => $response->get('secret'),
]);
}
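Review bot: `index()` is now a read endpoint with a write side effect: whenever `use_totp` is false, the call on the `$this->twoFactorSetupService->handle(...)` line generates a fresh secret and persists it over the previous one, so a page refresh or a second poll of this route silently invalidates the secret the user may already have scanned, and the token they then submit to `store()` fails. Consider only generating a new secret when the client explicitly asks for one (a POST/"begin setup" action) or reusing a pending secret if one exists, and document the side effect in the docblock, e.g. `* Note: each call while 2FA is disabled generates AND persists a new TOTP secret.` Since the raw secret is returned in the body of a GET, mark the response uncacheable: `return JsonResponse::create([...])->header('Cache-Control', 'no-store');`. The docblock also has a typo: `proceede` should be `proceed`.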
@@ -99,53 +92,43 @@ class SecurityController extends Controller
* Verifies that 2FA token received is valid and will work on the account.
*
* @param \Illuminate\Http\Request $request
- * @return \Illuminate\Http\Response
+ * @return \Illuminate\Http\JsonResponse
*
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
*/
- public function setTotp(Request $request)
+ public function store(Request $request): JsonResponse
{
try {
$this->toggleTwoFactorService->handle($request->user(), $request->input('token') ?? '');
-
- return response('true');
} catch (TwoFactorAuthenticationTokenInvalid $exception) {
- return response('false');
+ $error = true;
}
+
+ return JsonResponse::create([
+ 'success' => ! isset($error),
+ ]);
}
/**
* Disables TOTP on an account.
*
* @param \Illuminate\Http\Request $request
- * @return \Illuminate\Http\RedirectResponse
+ * @return \Illuminate\Http\JsonResponse
*
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
*/
- public function disableTotp(Request $request)
+ public function delete(Request $request): JsonResponse
{
try {
$this->toggleTwoFactorService->handle($request->user(), $request->input('token') ?? '', false);
} catch (TwoFactorAuthenticationTokenInvalid $exception) {
- $this->alert->danger(trans('base.security.2fa_disable_error'))->flash();
+ $error = true;
}
- return redirect()->route('account.security');
- }
-
- /**
- * Revokes a user session.
- *
- * @param \Illuminate\Http\Request $request
- * @param string $id
- * @return \Illuminate\Http\RedirectResponse
- */
- public function revoke(Request $request, string $id)
- {
- $this->repository->deleteUserSession($request->user()->id, $id);
-
- return redirect()->route('account.security');
+ return JsonResponse::create([
+ 'success' => ! isset($error),
+ ]);
}
}
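Review bot: Both `store()` and `delete()` answer an invalid TOTP token with HTTP 200 and `success: false`, which hides failed attempts from proxies, logs and any status-aware monitoring; a 6-digit TOTP code (plus the verification window) is guessable online, so these two endpoints should be rate limited and should report failure with an error status, e.g. `return JsonResponse::create(['success' => false], 422);` in the catch branch and `return JsonResponse::create(['success' => true]);` after the try. Whether a throttle middleware already covers these routes is not visible in this diff; if not, it is worth adding. On style, the `$error = true` / `! isset($error)` flag is fragile; returning directly from the try and from the catch reads more clearly.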
diff --git a/app/Services/Users/TwoFactorSetupService.php b/app/Services/Users/TwoFactorSetupService.php
index 4d2ecff8a..6c8de157c 100644
--- a/app/Services/Users/TwoFactorSetupService.php
+++ b/app/Services/Users/TwoFactorSetupService.php
@@ -11,17 +11,12 @@ namespace Pterodactyl\Services\Users;
use Pterodactyl\Models\User;
use PragmaRX\Google2FA\Google2FA;
+use Illuminate\Support\Collection;
use Illuminate\Contracts\Encryption\Encrypter;
use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
-use Illuminate\Contracts\Config\Repository as ConfigRepository;
class TwoFactorSetupService
{
- /**
- * @var \Illuminate\Contracts\Config\Repository
- */
- private $config;
-
/**
* @var \Illuminate\Contracts\Encryption\Encrypter
*/
@@ -40,18 +35,15 @@ class TwoFactorSetupService
/**
* TwoFactorSetupService constructor.
*
- * @param \Illuminate\Contracts\Config\Repository $config
* @param \Illuminate\Contracts\Encryption\Encrypter $encrypter
* @param \PragmaRX\Google2FA\Google2FA $google2FA
* @param \Pterodactyl\Contracts\Repository\UserRepositoryInterface $repository
*/
public function __construct(
- ConfigRepository $config,
Encrypter $encrypter,
Google2FA $google2FA,
UserRepositoryInterface $repository
) {
- $this->config = $config;
$this->encrypter = $encrypter;
$this->google2FA = $google2FA;
$this->repository = $repository;
@@ -62,20 +54,23 @@ class TwoFactorSetupService
* QR code image.
*
* @param \Pterodactyl\Models\User $user
- * @return string
+ * @return \Illuminate\Support\Collection
*
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
*/
- public function handle(User $user): string
+ public function handle(User $user): Collection
{
- $secret = $this->google2FA->generateSecretKey($this->config->get('pterodactyl.auth.2fa.bytes'));
- $image = $this->google2FA->getQRCodeGoogleUrl($this->config->get('app.name'), $user->email, $secret);
+ $secret = $this->google2FA->generateSecretKey(config('pterodactyl.auth.2fa.bytes'));
+ $image = $this->google2FA->getQRCodeGoogleUrl(config('app.name'), $user->email, $secret);
$this->repository->withoutFreshModel()->update($user->id, [
'totp_secret' => $this->encrypter->encrypt($secret),
]);
- return $image;
+ return new Collection([
+ 'image' => $image,
+ 'secret' => $secret,
+ ]);
}
}
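Review bot: `handle()` still builds the QR via `getQRCodeGoogleUrl(...)`, which embeds the plaintext TOTP secret in a URL the browser fetches from a third party; the rewritten line keeps that behaviour, so it is worth a comment such as `// NOTE: the QR URL carries the raw secret to an external chart service; generate the image locally if that is a concern.` The secret is also written to `totp_secret` before the user has proven they can produce a valid code, and the new `Collection` return exposes it in plaintext to the caller, so the docblock should state both facts. Replacing the injected `ConfigRepository` with the global `config()` helper is a step back from explicit dependencies and makes the service harder to unit test in isolation; keeping the constructor injection would be the usual preference.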
diff --git a/resources/assets/scripts/components/dashboard/Account.vue b/resources/assets/scripts/components/dashboard/Account.vue
index c40a63b4f..0f2d882b7 100644
--- a/resources/assets/scripts/components/dashboard/Account.vue
+++ b/resources/assets/scripts/components/dashboard/Account.vue
@@ -3,7 +3,7 @@
{{ errors.first('token') }}
+{{ $t('dashboard.account.two_factor.setup.help') }}
+{{response.secret}}
{{ errors.first('token') }}
+