2021-06-28 17:02:45 -04:00
|
|
|
<?php
|
|
|
|
|
2023-05-17 12:56:55 -04:00
|
|
|
namespace BookStack\Access\Controllers;
|
2021-06-28 17:02:45 -04:00
|
|
|
|
2023-05-17 12:56:55 -04:00
|
|
|
use BookStack\Access\Mfa\MfaValue;
|
|
|
|
use BookStack\Activity\ActivityType;
|
2023-05-18 15:53:39 -04:00
|
|
|
use BookStack\Http\Controller;
|
2021-08-02 11:35:37 -04:00
|
|
|
use Illuminate\Http\Request;
|
2021-06-28 17:02:45 -04:00
|
|
|
|
|
|
|
class MfaController extends Controller
|
|
|
|
{
|
2021-07-18 11:52:31 -04:00
|
|
|
use HandlesPartialLogins;
|
|
|
|
|
2021-06-28 17:02:45 -04:00
|
|
|
/**
|
|
|
|
* Show the view to setup MFA for the current user.
|
|
|
|
*/
|
|
|
|
public function setup()
|
|
|
|
{
|
2021-07-18 11:52:31 -04:00
|
|
|
$userMethods = $this->currentOrLastAttemptedUser()
|
|
|
|
->mfaValues()
|
2021-06-30 17:10:02 -04:00
|
|
|
->get(['id', 'method'])
|
|
|
|
->groupBy('method');
|
2021-08-21 10:49:40 -04:00
|
|
|
|
2022-01-04 08:33:24 -05:00
|
|
|
$this->setPageTitle(trans('auth.mfa_setup'));
|
|
|
|
|
2021-06-30 17:10:02 -04:00
|
|
|
return view('mfa.setup', [
|
|
|
|
'userMethods' => $userMethods,
|
|
|
|
]);
|
2021-06-28 17:02:45 -04:00
|
|
|
}
|
2021-07-14 16:27:21 -04:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Remove an MFA method for the current user.
|
2021-08-21 10:49:40 -04:00
|
|
|
*
|
2021-07-14 16:27:21 -04:00
|
|
|
* @throws \Exception
|
|
|
|
*/
|
|
|
|
public function remove(string $method)
|
|
|
|
{
|
|
|
|
if (in_array($method, MfaValue::allMethods())) {
|
|
|
|
$value = user()->mfaValues()->where('method', '=', $method)->first();
|
|
|
|
if ($value) {
|
|
|
|
$value->delete();
|
|
|
|
$this->logActivity(ActivityType::MFA_REMOVE_METHOD, $method);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return redirect('/mfa/setup');
|
|
|
|
}
|
2021-07-16 18:23:36 -04:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Show the page to start an MFA verification.
|
|
|
|
*/
|
2021-07-18 11:52:31 -04:00
|
|
|
public function verify(Request $request)
|
2021-07-16 18:23:36 -04:00
|
|
|
{
|
2021-07-18 11:52:31 -04:00
|
|
|
$desiredMethod = $request->get('method');
|
|
|
|
$userMethods = $this->currentOrLastAttemptedUser()
|
|
|
|
->mfaValues()
|
2021-07-16 18:23:36 -04:00
|
|
|
->get(['id', 'method'])
|
|
|
|
->groupBy('method');
|
|
|
|
|
2021-07-18 11:52:31 -04:00
|
|
|
// Basic search for the default option for a user.
|
|
|
|
// (Prioritises totp over backup codes)
|
|
|
|
$method = $userMethods->has($desiredMethod) ? $desiredMethod : $userMethods->keys()->sort()->reverse()->first();
|
2021-08-21 10:49:40 -04:00
|
|
|
$otherMethods = $userMethods->keys()->filter(function ($userMethod) use ($method) {
|
2021-07-18 11:52:31 -04:00
|
|
|
return $method !== $userMethod;
|
|
|
|
})->all();
|
|
|
|
|
2021-07-16 18:23:36 -04:00
|
|
|
return view('mfa.verify', [
|
2021-08-21 10:49:40 -04:00
|
|
|
'userMethods' => $userMethods,
|
|
|
|
'method' => $method,
|
2021-07-18 11:52:31 -04:00
|
|
|
'otherMethods' => $otherMethods,
|
2021-07-16 18:23:36 -04:00
|
|
|
]);
|
|
|
|
}
|
2021-06-28 17:02:45 -04:00
|
|
|
}
|