X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/f696aa5eea5a06c7e21130fb9b01a6b60c50c2db..refs/pull/2827/head:/app/Http/Controllers/Auth/MfaController.php diff --git a/app/Http/Controllers/Auth/MfaController.php b/app/Http/Controllers/Auth/MfaController.php index 9feda9433..75cd46eef 100644 --- a/app/Http/Controllers/Auth/MfaController.php +++ b/app/Http/Controllers/Auth/MfaController.php @@ -5,15 +5,19 @@ namespace BookStack\Http\Controllers\Auth; use BookStack\Actions\ActivityType; use BookStack\Auth\Access\Mfa\MfaValue; use BookStack\Http\Controllers\Controller; +use Illuminate\Http\Request; class MfaController extends Controller { + use HandlesPartialLogins; + /** * Show the view to setup MFA for the current user. */ public function setup() { - $userMethods = user()->mfaValues() + $userMethods = $this->currentOrLastAttemptedUser() + ->mfaValues() ->get(['id', 'method']) ->groupBy('method'); return view('mfa.setup', [ @@ -37,4 +41,29 @@ class MfaController extends Controller return redirect('/mfa/setup'); } + + /** + * Show the page to start an MFA verification. + */ + public function verify(Request $request) + { + $desiredMethod = $request->get('method'); + $userMethods = $this->currentOrLastAttemptedUser() + ->mfaValues() + ->get(['id', 'method']) + ->groupBy('method'); + + // Basic search for the default option for a user. + // (Prioritises totp over backup codes) + $method = $userMethods->has($desiredMethod) ? $desiredMethod : $userMethods->keys()->sort()->reverse()->first(); + $otherMethods = $userMethods->keys()->filter(function($userMethod) use ($method) { + return $method !== $userMethod; + })->all(); + + return view('mfa.verify', [ + 'userMethods' => $userMethods, + 'method' => $method, + 'otherMethods' => $otherMethods, + ]); + } }