|
|
@@ -339,6 +339,11 @@ class AccountController extends Controller
|
|
|
$request->session()->push('2fa.session.active', true);
|
|
|
return redirect('/');
|
|
|
} else {
|
|
|
+
|
|
|
+ if($this->twoFactorBackupCheck($request, $code, $user)) {
|
|
|
+ return redirect('/');
|
|
|
+ }
|
|
|
+
|
|
|
if($request->session()->has('2fa.attempts')) {
|
|
|
$count = (int) $request->session()->has('2fa.attempts');
|
|
|
$request->session()->push('2fa.attempts', $count + 1);
|
|
|
@@ -350,4 +355,31 @@ class AccountController extends Controller
|
|
|
]);
|
|
|
}
|
|
|
}
|
|
|
+
|
|
|
+ protected function twoFactorBackupCheck($request, $code, User $user)
|
|
|
+ {
|
|
|
+ $backupCodes = $user->{'2fa_backup_codes'};
|
|
|
+ if($backupCodes) {
|
|
|
+ $codes = json_decode($backupCodes, true);
|
|
|
+ foreach ($codes as $c) {
|
|
|
+ if(hash_equals($c, $code)) {
|
|
|
+ // remove code
|
|
|
+ $codes = array_flatten(array_diff($codes, [$code]));
|
|
|
+ $user->{'2fa_backup_codes'} = json_encode($codes);
|
|
|
+ $user->save();
|
|
|
+ $request->session()->push('2fa.session.active', true);
|
|
|
+ return true;
|
|
|
+ } else {
|
|
|
+ return false;
|
|
|
+ }
|
|
|
+ }
|
|
|
+ } else {
|
|
|
+ return false;
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ public function accountRestored(Request $request)
|
|
|
+ {
|
|
|
+ //
|
|
|
+ }
|
|
|
}
|
Daniel Supernault