BookStack Code Mirror - bookstack/blob - app/Http/Controllers/Auth/MfaBackupCodesController.php

   1 <?php
   2
   3 namespace BookStack\Http\Controllers\Auth;
   4
   5 use BookStack\Actions\ActivityType;
   6 use BookStack\Auth\Access\Mfa\BackupCodeService;
   7 use BookStack\Auth\Access\Mfa\MfaValue;
   8 use BookStack\Http\Controllers\Controller;
   9 use Exception;
  10
  11 class MfaBackupCodesController extends Controller
  12 {
  13     protected const SETUP_SECRET_SESSION_KEY = 'mfa-setup-backup-codes';
  14
  15     /**
  16      * Show a view that generates and displays backup codes
  17      */
  18     public function generate(BackupCodeService $codeService)
  19     {
  20         $codes = $codeService->generateNewSet();
  21         session()->put(self::SETUP_SECRET_SESSION_KEY, encrypt($codes));
  22
  23         $downloadUrl = 'data:application/octet-stream;base64,' . base64_encode(implode("\n\n", $codes));
  24
  25         return view('mfa.backup-codes-generate', [
  26             'codes' => $codes,
  27             'downloadUrl' => $downloadUrl,
  28         ]);
  29     }
  30
  31     /**
  32      * Confirm the setup of backup codes, storing them against the user.
  33      * @throws Exception
  34      */
  35     public function confirm()
  36     {
  37         if (!session()->has(self::SETUP_SECRET_SESSION_KEY)) {
  38             return response('No generated codes found in the session', 500);
  39         }
  40
  41         $codes = decrypt(session()->pull(self::SETUP_SECRET_SESSION_KEY));
  42         MfaValue::upsertWithValue(user(), MfaValue::METHOD_BACKUP_CODES, json_encode($codes));
  43
  44         $this->logActivity(ActivityType::MFA_SETUP_METHOD, 'backup-codes');
  45         return redirect('/mfa/setup');
  46     }
  47 }