From d00a6ec767fafdd81614424e3b55c731b720ab31 Mon Sep 17 00:00:00 2001
From: dogukanoksuz
Date: Mon, 16 Oct 2023 08:09:32 +0000
Subject: [PATCH] feature: Two factor authentication
---
 app/Http/Controllers/API/AuthController.php | 16 ++--
 .../API/Settings/UserController.php | 3 +-
 composer.json | 1 -
 composer.lock | 85 +------------------
 4 files changed, 14 insertions(+), 91 deletions(-)
diff --git a/app/Http/Controllers/API/AuthController.php b/app/Http/Controllers/API/AuthController.php
index 14f5eb73..94bd779a 100644
--- a/app/Http/Controllers/API/AuthController.php
+++ b/app/Http/Controllers/API/AuthController.php
@@ -94,23 +94,27 @@ public function login(Request $request)
 }
 if (auth('api')->user()->otp_enabled) {
- $tfa = new TwoFactorAuth(
- "Liman", 6, 30, \RobThree\Auth\Algorithm::Sha1
- );
+ $tfa = app('pragmarx.google2fa');
+
 if (auth('api')->user()->google2fa_secret == null) {
- $secret = $tfa->createSecret();
+ $secret = $tfa->generateSecretKey();
 return response()->json([
 'message' => 'İki faktörlü doğrulama için Google Authenticator uygulaması ile QR kodunu okutunuz.',
 'secret' => $secret,
- 'image' => $secret,
+ 'image' => $tfa->getQRCodeInline(
+ "Liman",
+ auth('api')->user()->email,
+ $secret,
+ 400
+ ),
 ], 402);
 }
 if (! $request->token) {
 return response()->json(['message' => 'İki faktörlü doğrulama gerekmektedir.'], 406);
 } else {
- if (! $tfa->verifyCode(
+ if (! $tfa->verifyGoogle2FA(
 auth('api')->user()->google2fa_secret,
 $request->token
 )) {
diff --git a/app/Http/Controllers/API/Settings/UserController.php b/app/Http/Controllers/API/Settings/UserController.php
index 90c967aa..32d58161 100644
--- a/app/Http/Controllers/API/Settings/UserController.php
+++ b/app/Http/Controllers/API/Settings/UserController.php
@@ -25,7 +25,8 @@ class UserController extends Controller
 */
 public function index()
 {
- return User::all();
+ return User::orderBy('last_login_at', 'desc')
+ ->get();
 }
 /**
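Review bot: In the `google2fa_secret == null` branch the value from `generateSecretKey()` goes out in the 402 body twice (as `secret` and inside the QR image) but nothing in the branch stores it, so each login attempt produces a different secret and whichever endpoint saves it later has to take it back from the client. That endpoint should persist the secret only after a code derived from it verifies, and this response should be marked uncacheable, e.g. `], 402)->header('Cache-Control', 'no-store');`, with a comment such as `// Secret is not persisted here; the enrolment endpoint must verify a code before saving it.` The `verifyGoogle2FA()` call further down shows no attempt limit or used-code tracking within the hunk; login() starts and continues outside it, so confirm the route is throttled and that a code cannot be accepted twice inside its validity window.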
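Review bot: index() still serialises whole User models, and the login change in this same commit reads `google2fa_secret` from that model, so unless the User model (not shown here) lists the attribute in `$hidden`, the user listing would return every account's TOTP secret to anyone allowed to call it. Either confirm the attribute is hidden on the model or strip it at this call site, e.g. `->get()->makeHidden(['google2fa_secret']);`. The listing is also unpaginated, which is worth a short comment if that is intentional.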
diff --git a/composer.json b/composer.json
index 90e1ae00..e95cb6b9 100644
--- a/composer.json
+++ b/composer.json
@@ -30,7 +30,6 @@
 "phpseclib/phpseclib": "~3.0",
 "pragmarx/google2fa-laravel": "^2.0",
 "pusher/pusher-php-server": "^7.0",
- "robthree/twofactorauth": "^2.0",
 "tymon/jwt-auth": "^2.0"
 },
 "require-dev": {
diff --git a/composer.lock b/composer.lock
index 9a7d5179..be8e28fb 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "9adc86990b4a0d7dbae8dbca72d1020b", + "content-hash": "de6498709f134193e5eff9a6041d67dc", "packages": [ { "name": "ankitpokhrel/tus-php", 
@@ -5934,87 +5934,6 @@ }, "time": "2018-05-29T20:21:04+00:00" }, - { - "name": "robthree/twofactorauth", - "version": "v2.0.0", - "source": { - "type": "git", - "url": "https://github.com/RobThree/TwoFactorAuth.git", - "reference": "27cd1e1392d19f178398e892f59062003c8998a4" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/RobThree/TwoFactorAuth/zipball/27cd1e1392d19f178398e892f59062003c8998a4", - "reference": "27cd1e1392d19f178398e892f59062003c8998a4", - "shasum": "" - }, - "require": { - "php": ">=8.1.0" - }, - "require-dev": { - "friendsofphp/php-cs-fixer": "^3.13", - "phpstan/phpstan": "^1.9", - "phpunit/phpunit": "^9" - }, - "suggest": { - "bacon/bacon-qr-code": "Needed for BaconQrCodeProvider provider", - "endroid/qr-code": "Needed for EndroidQrCodeProvider" - }, - "type": "library", - "autoload": { - "psr-4": { - "RobThree\\Auth\\": "lib" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Rob Janssen", - "homepage": "http://robiii.me", - "role": "Developer" - }, - { - "name": "Nicolas CARPi", - "homepage": "https://github.com/NicolasCARPi", - "role": "Developer" - }, - { - "name": "Will Power", - "homepage": "https://github.com/willpower232", - "role": "Developer" - } - ], - "description": "Two Factor Authentication", - "homepage": "https://github.com/RobThree/TwoFactorAuth", - "keywords": [ - "Authentication", - "MFA", - "Multi Factor Authentication", - "Two Factor Authentication", - "authenticator", - "authy", - "php", - "tfa" - ], - "support": { - "issues": "https://github.com/RobThree/TwoFactorAuth/issues", - "source": "https://github.com/RobThree/TwoFactorAuth" - }, - "funding": [ - { - "url": "https://paypal.me/robiii", - "type": "custom" - }, - { - "url": "https://github.com/RobThree", - "type": "github" - } - ], - "time": "2023-02-25T11:33:28+00:00" - }, { "name": "symfony/console", "version": "v6.3.4", 
@@ -11345,5 +11264,5 @@ "ext-zip": "*" }, "platform-dev": [], - "plugin-api-version": "2.3.0" + "plugin-api-version": "2.6.0" }