BookStack Code Mirror - bookstack/blobdiff - app/Http/Controllers/Auth/MfaTotpController.php

index d55f08cff107f2be72e2c8e001c4af94e277ec86..5644f02688e8618a99e0599bb60eb3cb1b68f82e 100644 (file)

--- a/app/Http/Controllers/Auth/MfaTotpController.php

+++ b/app/Http/Controllers/Auth/MfaTotpController.php

@@ -31,11 +31,11 @@ class MfaTotpController extends Controller

session()->put(static::SETUP_SECRET_SESSION_KEY, encrypt($totpSecret));

}

- $qrCodeUrl = $totp->generateUrl($totpSecret);

+ $qrCodeUrl = $totp->generateUrl($totpSecret, $this->currentOrLastAttemptedUser());

$svg = $totp->generateQrCodeSvg($qrCodeUrl);

return view('mfa.totp-generate', [

- 'secret' => $totpSecret,

+ 'url' => $qrCodeUrl,

'svg' => $svg,

]);

}

@@ -43,6 +43,7 @@ class MfaTotpController extends Controller

/**

* Confirm the setup of TOTP and save the auth method secret

* against the current user.

+ *

* @throws ValidationException

* @throws NotFoundException

@@ -54,7 +55,7 @@ class MfaTotpController extends Controller

'required',

'max:12', 'min:4',

new TotpValidationRule($totpSecret),

- ]

+ ],

]);

MfaValue::upsertWithValue($this->currentOrLastAttemptedUser(), MfaValue::METHOD_TOTP, $totpSecret);

@@ -63,6 +64,7 @@ class MfaTotpController extends Controller

if (!auth()->check()) {

$this->showSuccessNotification(trans('auth.mfa_setup_login_notification'));

return redirect('/login');

}

@@ -71,6 +73,7 @@ class MfaTotpController extends Controller

/**

* Verify the MFA method submission on check.

+ *

* @throws NotFoundException

public function verify(Request $request, LoginService $loginService, MfaSession $mfaSession)

@@ -83,7 +86,7 @@ class MfaTotpController extends Controller

'required',

'max:12', 'min:4',

new TotpValidationRule($totpSecret),

- ]

+ ],

]);

$mfaSession->markVerifiedForUser($user);