We use cookies to ensure you get the best experience on our website
Inicio Explorar Axuda
Rexistro Iniciar sesión
0ct0pu5
/
2FAuth
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Árbore: ee22e24cf1
Ramas Etiquetas
2FAuth
/
app
/
Http
/
Controllers
/
Auth
/
WebAuthnLoginController.php

WebAuthnLoginController.php 2.3 KB
Histórico Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576 
  1. <?php
    2. 

  2. 

  3. namespace App\Http\Controllers\Auth;
    4. 

  4. 

  5. use App\Models\User;
    6. 

  6. use Illuminate\Http\Request;
    7. 

  7. use App\Http\Controllers\Controller;
    8. 

  8. use DarkGhostHunter\Larapass\Http\AuthenticatesWebAuthn;
    9. 

  9. 

  10. class WebAuthnLoginController extends Controller
    11. 

  11. {
    12. 

  12.     // use AuthenticatesWebAuthn;
    13. 

  13.     use AuthenticatesWebAuthn {
    14. 

  14. 		options as traitOptions;
    15. 

  15. 		login as traitLogin;
    16. 

  16. 	}
    17. 

  17. 

  18.     /*
    19. 

  19.     |--------------------------------------------------------------------------
    20. 

  20.     | WebAuthn Login Controller
    21. 

  21.     |--------------------------------------------------------------------------
    22. 

  22.     |
    23. 

  23.     | This controller allows the WebAuthn user device to request a login and
    24. 

  24.     | return the correctly signed challenge. Most of the hard work is done
    25. 

  25.     | by your Authentication Guard once the user is attempting to login.
    26. 

  26.     |
    27. 

  27.     */
    28. 

  28. 

  29. 

  30. 	public function options(Request $request)
    31. 

  31. 	{
    32. 

  32.         // Since 2FAuth is single user designed we fetch the user instance
    33. 

  33.         // and merge its email address to the request. This let Larapass validate
    34. 

  34.         // the request against a user instance without the need to ask the visitor
    35. 

  35.         // for an email address.
    36. 

  36.         //
    37. 

  37.         // This approach override the Larapass 'userless' config value that seems buggy.
    38. 

  38.         $user = User::first();
    39. 

  39. 

  40.         if (!$user) {
    41. 

  41.             return response()->json([
    42. 

  42.                 'message' => 'no registered user'
    43. 

  43.             ], 400);
    44. 

  44.         }
    45. 

  45.         else $request->merge(['email' => $user->email]);
    46. 

  46. 

  47. 		return $this->traitOptions($request);
    48. 

  48. 	}
    49. 

  49. 

  50. 

  51.     /**
    52. 

  52.      * Log the user in.
    53. 

  53.      *
    54. 

  54.      * @param  \Illuminate\Http\Request  $request
    55. 

  55.      *
    56. 

  56.      * @return \Illuminate\Http\Response|\Illuminate\Http\JsonResponse
    57. 

  57.      */
    58. 

  58.     public function login(Request $request)
    59. 

  59.     {
    60. 

  60.         $request->validate($this->assertionRules());
    61. 

  61. 

  62.         if ($request->has('response')) {
    63. 

  63.             $response = $request->response;
    64. 

  64. 

  65.             // Some authenticators do not send a userHandle so we hack the response to be compliant
    66. 

  66.             // with Larapass/webauthn-lib implementation that wait for a userHandle
    67. 

  67.             if(!$response['userHandle']) {
    68. 

  68.                 $user = User::getFromCredentialId($request->id);
    69. 

  69.                 $response['userHandle'] = base64_encode($user->userHandle());
    70. 

  70.                 $request->merge(['response' => $response]);
    71. 

  71.             }
    72. 

  72.         }
    73. 

  73. 

  74.         return $this->traitLogin($request);
    75. 

  75.     }
    76. 

  76. }
    77.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5