2021-06-30 17:10:02 -04:00
|
|
|
<?php
|
|
|
|
|
2023-05-17 12:56:55 -04:00
|
|
|
namespace BookStack\Access\Mfa;
|
2021-06-30 17:10:02 -04:00
|
|
|
|
2023-05-17 12:56:55 -04:00
|
|
|
use BookStack\Users\Models\User;
|
2021-06-30 17:10:02 -04:00
|
|
|
use Carbon\Carbon;
|
|
|
|
use Illuminate\Database\Eloquent\Model;
|
|
|
|
|
|
|
|
/**
|
2021-08-21 10:49:40 -04:00
|
|
|
* @property int $id
|
|
|
|
* @property int $user_id
|
2021-06-30 17:10:02 -04:00
|
|
|
* @property string $method
|
|
|
|
* @property string $value
|
|
|
|
* @property Carbon $created_at
|
|
|
|
* @property Carbon $updated_at
|
|
|
|
*/
|
|
|
|
class MfaValue extends Model
|
|
|
|
{
|
|
|
|
protected static $unguarded = true;
|
|
|
|
|
|
|
|
const METHOD_TOTP = 'totp';
|
2021-07-02 15:53:33 -04:00
|
|
|
const METHOD_BACKUP_CODES = 'backup_codes';
|
2021-06-30 17:10:02 -04:00
|
|
|
|
2021-07-14 16:27:21 -04:00
|
|
|
/**
|
|
|
|
* Get all the MFA methods available.
|
|
|
|
*/
|
|
|
|
public static function allMethods(): array
|
|
|
|
{
|
|
|
|
return [self::METHOD_TOTP, self::METHOD_BACKUP_CODES];
|
|
|
|
}
|
|
|
|
|
2021-06-30 17:10:02 -04:00
|
|
|
/**
|
|
|
|
* Upsert a new MFA value for the given user and method
|
|
|
|
* using the provided value.
|
|
|
|
*/
|
|
|
|
public static function upsertWithValue(User $user, string $method, string $value): void
|
|
|
|
{
|
|
|
|
/** @var MfaValue $mfaVal */
|
|
|
|
$mfaVal = static::query()->firstOrNew([
|
|
|
|
'user_id' => $user->id,
|
2021-08-21 10:49:40 -04:00
|
|
|
'method' => $method,
|
2021-06-30 17:10:02 -04:00
|
|
|
]);
|
|
|
|
$mfaVal->setValue($value);
|
|
|
|
$mfaVal->save();
|
|
|
|
}
|
|
|
|
|
2021-08-02 10:04:43 -04:00
|
|
|
/**
|
|
|
|
* Easily get the decrypted MFA value for the given user and method.
|
|
|
|
*/
|
|
|
|
public static function getValueForUser(User $user, string $method): ?string
|
|
|
|
{
|
|
|
|
/** @var MfaValue $mfaVal */
|
|
|
|
$mfaVal = static::query()
|
|
|
|
->where('user_id', '=', $user->id)
|
|
|
|
->where('method', '=', $method)
|
|
|
|
->first();
|
|
|
|
|
|
|
|
return $mfaVal ? $mfaVal->getValue() : null;
|
|
|
|
}
|
|
|
|
|
2021-06-30 17:10:02 -04:00
|
|
|
/**
|
|
|
|
* Decrypt the value attribute upon access.
|
|
|
|
*/
|
2021-08-02 10:04:43 -04:00
|
|
|
protected function getValue(): string
|
2021-06-30 17:10:02 -04:00
|
|
|
{
|
|
|
|
return decrypt($this->value);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Encrypt the value attribute upon access.
|
|
|
|
*/
|
2021-08-02 10:04:43 -04:00
|
|
|
protected function setValue($value): void
|
2021-06-30 17:10:02 -04:00
|
|
|
{
|
|
|
|
$this->value = encrypt($value);
|
|
|
|
}
|
|
|
|
}
|