Working attempt, but will try with old library for mininal footprint

2024-09-19 23:37:38 -07:00 · 2019-03-19 23:18:16 -07:00 · 2019-03-19 23:18:16 -07:00 · a874dbb0d0
parent 0614ab4362
commit a874dbb0d0
5 changed files with 327 additions and 319 deletions
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@ -15,7 +15,9 @@ use Input;
 use Redirect;
 use Log;
 use View;
-use PragmaRX\Google2FA\Google2FA;
+use Otp\Otp;
+use Otp\GoogleAuthenticator;
+use ParagonIE\ConstantTime\Encoding;

 /**
 * This controller handles authentication for the user, including local
@ -213,22 +215,24 @@ class LoginController extends Controller
            return redirect()->route('login')->with('error', 'You must be logged in.');
        }

-        $user = Auth::user();
-        $google2fa = app()->make('PragmaRX\Google2FA\Contracts\Google2FA');

-        if ($user->two_factor_secret=='') {
-            $user->two_factor_secret = $google2fa->generateSecretKey(32);
-            $user->save();
+        $settings = Setting::getSettings();
+        $user = Auth::user();
+
+        if (($user->two_factor_secret!='') && ($user->two_factor_enrolled==1)) {
+            return redirect()->route('two-factor')->with('error', 'Your device is already enrolled.');
        }


-        $google2fa_url = $google2fa->getQRCodeGoogleUrl(
-            urlencode(Setting::getSettings()->site_name),
-            urlencode($user->username),
-            $user->two_factor_secret
-        );

-        return view('auth.two_factor_enroll')->with('google2fa_url', $google2fa_url);
+        new Otp();
+        $secret = GoogleAuthenticator::generateRandom();
+        $user->two_factor_secret = $secret;
+        $user->save();
+
+        $barcode = new \Com\Tecnick\Barcode\Barcode();
+        $barcode_obj =  $barcode->getBarcodeObj('QRCODE', 'otpauth://totp/'.urlencode($settings->site_name).':'.urlencode($user->username).'?secret='.urlencode($secret).'&issuer=Snipe-IT&period=30', 300, 300, 'black', array(-2, -2, -2, -2));
+        return view('auth.two_factor_enroll')->with('barcode_obj', $barcode_obj);

    }

@ -255,18 +259,23 @@ class LoginController extends Controller
            return redirect()->route('login')->with('error', 'You must be logged in.');
        }

-        $user = Auth::user();
-        $secret = $request->get('two_factor_secret');
-        $google2fa = app()->make('PragmaRX\Google2FA\Contracts\Google2FA');
-        $valid = $google2fa->verifyKey($user->two_factor_secret, $secret);
+        if (!$request->has('two_factor_secret')) {
+            return redirect()->route('two-factor')->with('error', 'Two-factor code is required.');
+        }

-        if ($valid) {
+        $user = Auth::user();
+        $otp = new Otp();
+
+
+
+        if ($otp->checkTotp(Encoding::base32DecodeUpper($user->two_factor_secret), $request->get('two_factor_secret'))) {
            $user->two_factor_enrolled = 1;
            $user->save();
            $request->session()->put('2fa_authed', 'true');
            return redirect()->route('home')->with('success', 'You are logged in!');
        }

+        \Log::debug('Did not match');
        return redirect()->route('two-factor')->with('error', 'Invalid two-factor code');


--- a/composer.json
+++ b/composer.json
@ -7,6 +7,7 @@
    "require": {
    "php": ">=5.6.4",
    "barryvdh/laravel-debugbar": "^2.4",
+    "christian-riesen/otp": "^2.6",
    "doctrine/cache": "^1.6",
    "doctrine/common": "^2.7",
    "doctrine/dbal": "^2.5.13",
@ -24,10 +25,10 @@
    "league/csv": "^8.1",
    "maknz/slack": "^1.7",
    "neitanod/forceutf8": "^2.0",
+    "paragonie/constant_time_encoding": "^1.0",
    "patchwork/utf8": "~1.2",
    "phpdocumentor/reflection-docblock": "3.2.2",
    "phpspec/prophecy": "1.6.2",
-    "pragmarx/google2fa": "^5.0",
    "predis/predis": "^1.1",
    "rollbar/rollbar-laravel": "2.4.1",
    "schuppo/password-strength": "~1.5",
--- a/composer.lock
+++ b/composer.lock
--- a/config/app.php
+++ b/config/app.php
@ -291,7 +291,6 @@ return [
        Collective\Html\HtmlServiceProvider::class,
        Spatie\Backup\BackupServiceProvider::class,
        Fideloper\Proxy\TrustedProxyServiceProvider::class,
-        PragmaRX\Google2FA\Vendor\Laravel\ServiceProvider::class,
        Laravel\Passport\PassportServiceProvider::class,
        Laravel\Tinker\TinkerServiceProvider::class,
        Unicodeveloper\DumbPassword\DumbPasswordServiceProvider::class,
@ -366,7 +365,6 @@ return [
        'Input' => Illuminate\Support\Facades\Input::class,
        'Form'      => Collective\Html\FormFacade::class,
        'Html'      => Collective\Html\HtmlFacade::class,
-        'Google2FA' => PragmaRX\Google2FA\Vendor\Laravel\Facade::class,
        'Debugbar' => Barryvdh\Debugbar\Facade::class,
        'Image'     => Intervention\Image\ImageManagerStatic::class,
        'Carbon' => Carbon\Carbon::class,
--- a/resources/views/auth/two_factor_enroll.blade.php
+++ b/resources/views/auth/two_factor_enroll.blade.php
@ -28,7 +28,7 @@
                                </div>

                                <div class="col-md-12 text-center">
-                                    <img src="{{ $google2fa_url }}" style="padding: 15px 0px 15px 0px">
+                                   {!!  $barcode_obj->getHtmlDiv() !!}
                                </div>

                            </div>