Fix failing tests related to these changes
This commit is contained in:
parent
341ff6e178
commit
e683c0a518
5 changed files with 90 additions and 4 deletions
|
@ -74,7 +74,7 @@ class LoginController extends AbstractLoginController
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$user->use_totp && empty($user->securityKeys)) {
|
if (!$user->use_totp && $user->securityKeys->isEmpty()) {
|
||||||
return $this->sendLoginResponse($user, $request);
|
return $this->sendLoginResponse($user, $request);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -89,12 +89,12 @@ class LoginController extends AbstractLoginController
|
||||||
'complete' => false,
|
'complete' => false,
|
||||||
'methods' => array_values(array_filter([
|
'methods' => array_values(array_filter([
|
||||||
$user->use_totp ? self::METHOD_TOTP : null,
|
$user->use_totp ? self::METHOD_TOTP : null,
|
||||||
!empty($user->securityKeys) ? self::METHOD_WEBAUTHN : null,
|
$user->securityKeys->isNotEmpty() ? self::METHOD_WEBAUTHN : null,
|
||||||
])),
|
])),
|
||||||
'confirmation_token' => $token,
|
'confirmation_token' => $token,
|
||||||
];
|
];
|
||||||
|
|
||||||
if (!empty($user->securityKeys)) {
|
if ($user->securityKeys->isNotEmpty()) {
|
||||||
$key = $this->service->handle($user);
|
$key = $this->service->handle($user);
|
||||||
|
|
||||||
$request->session()->put(SecurityKey::PK_SESSION_NAME, $key);
|
$request->session()->put(SecurityKey::PK_SESSION_NAME, $key);
|
||||||
|
|
|
@ -55,7 +55,7 @@ class RequireTwoFactorAuthentication
|
||||||
// send them right through, nothing else needs to be checked.
|
// send them right through, nothing else needs to be checked.
|
||||||
//
|
//
|
||||||
// If the level is set as admin and the user is not an admin, pass them through as well.
|
// If the level is set as admin and the user is not an admin, pass them through as well.
|
||||||
if ($level === self::LEVEL_NONE || ($user->use_totp || !empty($user->securityKeys))) {
|
if ($level === self::LEVEL_NONE || ($user->use_totp || $user->securityKeys->isNotEmpty())) {
|
||||||
return $next($request);
|
return $next($request);
|
||||||
} elseif ($level === self::LEVEL_ADMIN && !$user->root_admin) {
|
} elseif ($level === self::LEVEL_ADMIN && !$user->root_admin) {
|
||||||
return $next($request);
|
return $next($request);
|
||||||
|
|
39
database/Factories/SecurityKeyFactory.php
Normal file
39
database/Factories/SecurityKeyFactory.php
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Database\Factories;
|
||||||
|
|
||||||
|
use Ramsey\Uuid\Uuid;
|
||||||
|
use Pterodactyl\Models\User;
|
||||||
|
use Webauthn\TrustPath\EmptyTrustPath;
|
||||||
|
use Illuminate\Database\Eloquent\Factories\Factory;
|
||||||
|
|
||||||
|
class SecurityKeyFactory extends Factory
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Define the model's default state.
|
||||||
|
*/
|
||||||
|
public function definition(): array
|
||||||
|
{
|
||||||
|
return [
|
||||||
|
'uuid' => Uuid::uuid4()->toString(),
|
||||||
|
'name' => $this->faker->word,
|
||||||
|
'type' => 'public-key',
|
||||||
|
'transports' => [],
|
||||||
|
'attestation_type' => 'none',
|
||||||
|
'trust_path' => new EmptyTrustPath(),
|
||||||
|
'counter' => 0,
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param \Pterodactyl\Models\User $user
|
||||||
|
* @return $this
|
||||||
|
*/
|
||||||
|
public function withUser(User $user): self
|
||||||
|
{
|
||||||
|
return $this->state([
|
||||||
|
'user_id' => $user->id,
|
||||||
|
'user_handle' => $user->uuid,
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,46 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
use Illuminate\Database\Migrations\Migration;
|
||||||
|
use Illuminate\Database\Schema\Blueprint;
|
||||||
|
use Illuminate\Support\Facades\Schema;
|
||||||
|
|
||||||
|
class DropWebauthnKeysTable extends Migration
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Run the migrations.
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function up()
|
||||||
|
{
|
||||||
|
Schema::dropIfExists('webauthn_keys');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Reverse the migrations.
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function down()
|
||||||
|
{
|
||||||
|
// Copied from 2019_03_29_163611_add_webauthn
|
||||||
|
Schema::create('webauthn_keys', function (Blueprint $table) {
|
||||||
|
$table->increments('id');
|
||||||
|
$table->unsignedInteger('user_id');
|
||||||
|
|
||||||
|
$table->string('name')->default('key');
|
||||||
|
$table->string('credentialId', 255);
|
||||||
|
$table->string('type', 255);
|
||||||
|
$table->text('transports');
|
||||||
|
$table->string('attestationType', 255);
|
||||||
|
$table->text('trustPath');
|
||||||
|
$table->text('aaguid');
|
||||||
|
$table->text('credentialPublicKey');
|
||||||
|
$table->integer('counter');
|
||||||
|
$table->timestamps();
|
||||||
|
|
||||||
|
$table->foreign('user_id')->references('id')->on('users')->onDelete('cascade');
|
||||||
|
$table->index('credentialId');
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
|
@ -108,6 +108,7 @@ class RequireTwoFactorAuthenticationTest extends MiddlewareTestCase
|
||||||
$this->assertFalse($user->use_totp);
|
$this->assertFalse($user->use_totp);
|
||||||
$this->assertEmpty($user->totp_secret);
|
$this->assertEmpty($user->totp_secret);
|
||||||
$this->assertEmpty($user->totp_authenticated_at);
|
$this->assertEmpty($user->totp_authenticated_at);
|
||||||
|
$this->assertEmpty($user->securityKeys);
|
||||||
|
|
||||||
$this->request->shouldReceive('getRequestUri')->withNoArgs()->andReturn('/');
|
$this->request->shouldReceive('getRequestUri')->withNoArgs()->andReturn('/');
|
||||||
$this->request->shouldReceive('route->getName')->withNoArgs()->andReturn(null);
|
$this->request->shouldReceive('route->getName')->withNoArgs()->andReturn(null);
|
||||||
|
|
Loading…
Reference in a new issue