setupService = $setupService; $this->validation = $validation; $this->toggleTwoFactorService = $toggleTwoFactorService; } /** * Returns two-factor token credentials that allow a user to configure * it on their account. If two-factor is already enabled this endpoint * will return a 400 error. * * @param \Illuminate\Http\Request $request * @return \Illuminate\Http\JsonResponse * * @throws \Pterodactyl\Exceptions\Model\DataValidationException * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException */ public function index(Request $request) { if ($request->user()->use_totp) { throw new BadRequestHttpException('Two-factor authentication is already enabled on this account.'); } return new JsonResponse([ 'data' => [ 'image_url_data' => $this->setupService->handle($request->user()), ], ]); } /** * Updates a user's account to have two-factor enabled. * * @param \Illuminate\Http\Request $request * @return \Illuminate\Http\JsonResponse * * @throws \Illuminate\Validation\ValidationException * @throws \PragmaRX\Google2FA\Exceptions\IncompatibleWithGoogleAuthenticatorException * @throws \PragmaRX\Google2FA\Exceptions\InvalidCharactersException * @throws \PragmaRX\Google2FA\Exceptions\SecretKeyTooShortException * @throws \Pterodactyl\Exceptions\Model\DataValidationException * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException * @throws \Pterodactyl\Exceptions\Service\User\TwoFactorAuthenticationTokenInvalid */ public function store(Request $request) { $validator = $this->validation->make($request->all(), [ 'code' => 'required|string', ]); if ($validator->fails()) { throw new ValidationException($validator); } $this->toggleTwoFactorService->handle($request->user(), $request->input('code'), true); return new JsonResponse([], Response::HTTP_NO_CONTENT); } /** * Disables two-factor authentication on an account if the password provided * is valid. * * @param \Illuminate\Http\Request $request * @return \Illuminate\Http\JsonResponse */ public function delete(Request $request) { if (! password_verify($request->input('password') ?? '', $request->user()->password)) { throw new BadRequestHttpException( 'The password provided was not valid.' ); } /** @var \Pterodactyl\Models\User $user */ $user = $request->user(); $user->update([ 'totp_authenticated_at' => Carbon::now(), 'use_totp' => false, ]); return new JsonResponse([], Response::HTTP_NO_CONTENT); } }