Working attempt, but will try with old library for mininal footprint

This commit is contained in:
snipe 2019-03-19 23:18:16 -07:00
parent 0614ab4362
commit a874dbb0d0
5 changed files with 327 additions and 319 deletions

View file

@ -15,7 +15,9 @@ use Input;
use Redirect;
use Log;
use View;
use PragmaRX\Google2FA\Google2FA;
use Otp\Otp;
use Otp\GoogleAuthenticator;
use ParagonIE\ConstantTime\Encoding;
/**
* This controller handles authentication for the user, including local
@ -213,22 +215,24 @@ class LoginController extends Controller
return redirect()->route('login')->with('error', 'You must be logged in.');
}
$user = Auth::user();
$google2fa = app()->make('PragmaRX\Google2FA\Contracts\Google2FA');
if ($user->two_factor_secret=='') {
$user->two_factor_secret = $google2fa->generateSecretKey(32);
$user->save();
$settings = Setting::getSettings();
$user = Auth::user();
if (($user->two_factor_secret!='') && ($user->two_factor_enrolled==1)) {
return redirect()->route('two-factor')->with('error', 'Your device is already enrolled.');
}
$google2fa_url = $google2fa->getQRCodeGoogleUrl(
urlencode(Setting::getSettings()->site_name),
urlencode($user->username),
$user->two_factor_secret
);
return view('auth.two_factor_enroll')->with('google2fa_url', $google2fa_url);
new Otp();
$secret = GoogleAuthenticator::generateRandom();
$user->two_factor_secret = $secret;
$user->save();
$barcode = new \Com\Tecnick\Barcode\Barcode();
$barcode_obj = $barcode->getBarcodeObj('QRCODE', 'otpauth://totp/'.urlencode($settings->site_name).':'.urlencode($user->username).'?secret='.urlencode($secret).'&issuer=Snipe-IT&period=30', 300, 300, 'black', array(-2, -2, -2, -2));
return view('auth.two_factor_enroll')->with('barcode_obj', $barcode_obj);
}
@ -255,18 +259,23 @@ class LoginController extends Controller
return redirect()->route('login')->with('error', 'You must be logged in.');
}
$user = Auth::user();
$secret = $request->get('two_factor_secret');
$google2fa = app()->make('PragmaRX\Google2FA\Contracts\Google2FA');
$valid = $google2fa->verifyKey($user->two_factor_secret, $secret);
if (!$request->has('two_factor_secret')) {
return redirect()->route('two-factor')->with('error', 'Two-factor code is required.');
}
if ($valid) {
$user = Auth::user();
$otp = new Otp();
if ($otp->checkTotp(Encoding::base32DecodeUpper($user->two_factor_secret), $request->get('two_factor_secret'))) {
$user->two_factor_enrolled = 1;
$user->save();
$request->session()->put('2fa_authed', 'true');
return redirect()->route('home')->with('success', 'You are logged in!');
}
\Log::debug('Did not match');
return redirect()->route('two-factor')->with('error', 'Invalid two-factor code');

View file

@ -7,6 +7,7 @@
"require": {
"php": ">=5.6.4",
"barryvdh/laravel-debugbar": "^2.4",
"christian-riesen/otp": "^2.6",
"doctrine/cache": "^1.6",
"doctrine/common": "^2.7",
"doctrine/dbal": "^2.5.13",
@ -24,10 +25,10 @@
"league/csv": "^8.1",
"maknz/slack": "^1.7",
"neitanod/forceutf8": "^2.0",
"paragonie/constant_time_encoding": "^1.0",
"patchwork/utf8": "~1.2",
"phpdocumentor/reflection-docblock": "3.2.2",
"phpspec/prophecy": "1.6.2",
"pragmarx/google2fa": "^5.0",
"predis/predis": "^1.1",
"rollbar/rollbar-laravel": "2.4.1",
"schuppo/password-strength": "~1.5",

596
composer.lock generated

File diff suppressed because it is too large Load diff

View file

@ -291,7 +291,6 @@ return [
Collective\Html\HtmlServiceProvider::class,
Spatie\Backup\BackupServiceProvider::class,
Fideloper\Proxy\TrustedProxyServiceProvider::class,
PragmaRX\Google2FA\Vendor\Laravel\ServiceProvider::class,
Laravel\Passport\PassportServiceProvider::class,
Laravel\Tinker\TinkerServiceProvider::class,
Unicodeveloper\DumbPassword\DumbPasswordServiceProvider::class,
@ -366,7 +365,6 @@ return [
'Input' => Illuminate\Support\Facades\Input::class,
'Form' => Collective\Html\FormFacade::class,
'Html' => Collective\Html\HtmlFacade::class,
'Google2FA' => PragmaRX\Google2FA\Vendor\Laravel\Facade::class,
'Debugbar' => Barryvdh\Debugbar\Facade::class,
'Image' => Intervention\Image\ImageManagerStatic::class,
'Carbon' => Carbon\Carbon::class,

View file

@ -28,7 +28,7 @@
</div>
<div class="col-md-12 text-center">
<img src="{{ $google2fa_url }}" style="padding: 15px 0px 15px 0px">
{!! $barcode_obj->getHtmlDiv() !!}
</div>
</div>