antonioribeiro / google2fa-laravel

A One Time Password Authentication package, compatible with Google Authenticator for Laravel
MIT License

Automatically authenticate after enabling 2FA #115

Open iapparatus opened 4 years ago

iapparatus commented 4 years ago

Is it possible to automatically (or manually) authenticate into 2FA after enabling 2FA? The reason I'm asking is that I don't want my users to enter an OTP right after they verified it during the setup process.

rickmills commented 4 years ago

Hit this issue myself. After poking around the codebase I figured out you could just do this:

    // Mark the current session as having passed 2FA, right after the setup OTP was verified.
    session([Constants::SESSION_OTP_TIMESTAMP => true]);
    session([Constants::SESSION_AUTH_PASSED => true]);
    session(['2fa_key' => $user->two_factor_secret]); // Update this with the secret on your user table
    // This is the structure the package reads back from its own session variable.
    session([
        config('google2fa.session_var') => [
            'auth_passed' => true,
            'auth_time'   => Carbon::now()->toDateTimeString(),
        ],
    ]);

Use statements:

    use Google2FA;
    use PragmaRX\Google2FALaravel\Support\Constants;
    use Carbon\Carbon;

There's probably a tidier way this can be done but it did the trick.

taipt-0504 commented 4 years ago

You can use this: Google2FA::login();

amiranagram commented 4 years ago

Here's my controller method, how I approached this issue:

    // Imports this method needs (they belong at the top of the controller file).
    use Illuminate\Http\RedirectResponse;
    use Illuminate\Http\Request;
    use Illuminate\Support\Facades\Validator;
    use Illuminate\Support\MessageBag;
    // App-specific classes; their namespaces are not given in the comment and are assumed here.
    use App\Models\User;
    use App\Events\LoginFailed;
    use App\Events\LoginSucceeded;

    /**
     * Try to store the 2FA secret in the users table if all goes well.
     *
     * @param Request $request
     * @param User $user
     * @return RedirectResponse
     */
    public function store2fa(Request $request, User $user)
    {
        $google2fa = app('pragmarx.google2fa');
        // Column and input names come from the package config, so they match the middleware.
        $otpSecretColumn = config('google2fa.otp_secret_column');
        $otpInput = config('google2fa.otp_input');

        $validator = Validator::make($request->all(), [
            $otpSecretColumn => 'required|size:16|alpha_num',
            $otpInput        => 'required|numeric',
        ]);

        if ($validator->fails()) {
            return redirect()->back()->with('errors', $validator->errors())->withInput();
        }

        // Check the submitted OTP against the submitted secret before persisting anything.
        $verify = $google2fa->verifyGoogle2FA($request->input($otpSecretColumn), $request->input($otpInput));

        if (!$verify) {
            event(new LoginFailed($user));

            return redirect()->back()
                ->with('errors', new MessageBag(['one_time_password' => __('validation.2fa.wrong_otp')]))
                ->withInput();
        }

        // Mark this session as 2FA-authenticated so the user is not prompted again immediately.
        $google2fa->login();

        event(new LoginSucceeded($user));

        $user->$otpSecretColumn = $request->input($otpSecretColumn);
        $user->save();

        return redirect()->route('admin.users.index')
            ->with('success', 'Two-Factor Authentication enabled for <strong>' . $user->name . '</strong>');
    }
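As an added example (not code from this thread or from the package), the same enable-then-login flow split into two steps, where the secret is generated server-side and the OTP is verified against the copy kept in the session rather than against a value submitted with the form. The controller name, the `2fa_pending_secret` session key, the view and route names are assumptions; `generateSecretKey()`, `verifyGoogle2FA()` and `login()` are the package calls already used above.

```php
<?php

namespace App\Http\Controllers;

use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;

class TwoFactorSetupController extends Controller
{
    // Hypothetical session key for the secret generated in step 1 (assumption).
    private const PENDING_SECRET = '2fa_pending_secret';

    /** Step 1: generate the secret server-side and keep it in the session. */
    public function setup(Request $request)
    {
        $google2fa = app('pragmarx.google2fa');
        $secret = $google2fa->generateSecretKey();
        $request->session()->put(self::PENDING_SECRET, $secret);

        // Show the secret / QR code to enrol the authenticator app (view name assumed).
        return view('auth.2fa-setup', ['secret' => $secret]);
    }

    /** Step 2: verify the OTP against the session secret, persist it, then mark 2FA as passed. */
    public function confirm(Request $request): RedirectResponse
    {
        $google2fa = app('pragmarx.google2fa');
        $otpInput = config('google2fa.otp_input');
        $otpSecretColumn = config('google2fa.otp_secret_column');

        $request->validate([$otpInput => 'required|digits:6']);

        $secret = $request->session()->get(self::PENDING_SECRET);
        if ($secret === null) {
            return redirect()->route('2fa.setup')->withErrors([$otpInput => 'Start the setup again.']);
        }
        // The secret comes from the session, never from the request body.
        if (!$google2fa->verifyGoogle2FA($secret, $request->input($otpInput))) {
            return redirect()->back()->withErrors([$otpInput => 'Wrong one-time password.']);
        }

        $user = $request->user();
        $user->$otpSecretColumn = $secret;
        $user->save();
        $request->session()->forget(self::PENDING_SECRET);

        // Same call as in the thread: the middleware will not prompt for the OTP again this session.
        $google2fa->login();
        return redirect()->route('home');
    }
}
```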