]> BookStack Code Mirror - bookstack/blobdiff - app/Http/Controllers/Auth/MfaController.php
projects / bookstack / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Re-ordered theme events to be alphabetical
[bookstack] / app / Http / Controllers / Auth / MfaController.php
diff --git a/app/Http/Controllers/Auth/MfaController.php b/app/Http/Controllers/Auth/MfaController.php
index 9feda9433aefda07d09d6203c31371da88f06b7a..6f6beb873e4911c6a509450694550edbe98cc953 100644 (file)
--- a/app/Http/Controllers/Auth/MfaController.php
+++ b/app/Http/Controllers/Auth/MfaController.php
@@ -5,17 +5,24 @@ namespace BookStack\Http\Controllers\Auth;
 use BookStack\Actions\ActivityType;
 use BookStack\Auth\Access\Mfa\MfaValue;
 use BookStack\Http\Controllers\Controller;
 use BookStack\Actions\ActivityType;
 use BookStack\Auth\Access\Mfa\MfaValue;
 use BookStack\Http\Controllers\Controller;
+use Illuminate\Http\Request;
 
 class MfaController extends Controller
 {
 
 class MfaController extends Controller
 {
+    use HandlesPartialLogins;
+
     /**
      * Show the view to setup MFA for the current user.
      */
     public function setup()
     {
     /**
      * Show the view to setup MFA for the current user.
      */
     public function setup()
     {
-        $userMethods = user()->mfaValues()
+        $userMethods = $this->currentOrLastAttemptedUser()
+            ->mfaValues()
             ->get(['id', 'method'])
             ->groupBy('method');
             ->get(['id', 'method'])
             ->groupBy('method');
+
+        $this->setPageTitle(trans('auth.mfa_setup'));
+
         return view('mfa.setup', [
             'userMethods' => $userMethods,
         ]);
         return view('mfa.setup', [
             'userMethods' => $userMethods,
         ]);
@@ -23,6 +30,7 @@ class MfaController extends Controller
 
     /**
      * Remove an MFA method for the current user.
 
     /**
      * Remove an MFA method for the current user.
+     *
      * @throws \Exception
      */
     public function remove(string $method)
      * @throws \Exception
      */
     public function remove(string $method)
@@ -37,4 +45,29 @@ class MfaController extends Controller
 
         return redirect('/mfa/setup');
     }
 
         return redirect('/mfa/setup');
     }
+
+    /**
+     * Show the page to start an MFA verification.
+     */
+    public function verify(Request $request)
+    {
+        $desiredMethod = $request->get('method');
+        $userMethods = $this->currentOrLastAttemptedUser()
+            ->mfaValues()
+            ->get(['id', 'method'])
+            ->groupBy('method');
+
+        // Basic search for the default option for a user.
+        // (Prioritises totp over backup codes)
+        $method = $userMethods->has($desiredMethod) ? $desiredMethod : $userMethods->keys()->sort()->reverse()->first();
+        $otherMethods = $userMethods->keys()->filter(function ($userMethod) use ($method) {
+            return $method !== $userMethod;
+        })->all();
+
+        return view('mfa.verify', [
+            'userMethods'  => $userMethods,
+            'method'       => $method,
+            'otherMethods' => $otherMethods,
+        ]);
+    }
 }
 }
The core source code for the BookStack project.