Skip to content
This repository has been archived by the owner on Feb 17, 2022. It is now read-only.

Commit

Permalink
Merge pull request #34 from DarkGhostHunter/master
Browse files Browse the repository at this point in the history
Minor fix on Confirm Middleware
  • Loading branch information
DarkGhostHunter authored Jun 8, 2020
2 parents c85483f + f4e1a63 commit 1682dac
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 51 deletions.
37 changes: 8 additions & 29 deletions src/Http/Middleware/ConfirmTwoFactorCode.php
Original file line number Diff line number Diff line change
Expand Up @@ -51,48 +51,27 @@ public function __construct(ResponseFactory $response, UrlGenerator $url, Authen
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string $redirectToRoute
* @param bool $useSafeDevice
* @return mixed
*/
public function handle($request, Closure $next, $redirectToRoute = '2fa.confirm', $useSafeDevice = false)
public function handle($request, Closure $next, $redirectToRoute = '2fa.confirm')
{
if ($this->userHasTwoFactorEnabled()) {
if ($this->codeWasValidated($request) || $this->isSafeDevice($request, $useSafeDevice)) {
return $next($request);
}

return $request->expectsJson()
? $this->response->json(['message' => trans('laraguard::messages.required')], 403)
: $this->response->redirectGuest($this->url->route($redirectToRoute));
if ($this->userHasNotEnabledTwoFactorAuth() || $this->codeWasValidated($request)) {
return $next($request);
}

return $next($request);
return $request->expectsJson()
? $this->response->json(['message' => trans('laraguard::messages.required')], 403)
: $this->response->redirectGuest($this->url->route($redirectToRoute));
}

/**
* Check if the user is using Two Factor Authentication.
*
* @return bool
*/
protected function userHasTwoFactorEnabled()
protected function userHasNotEnabledTwoFactorAuth()
{
return $this->user instanceof TwoFactorAuthenticatable && $this->user->hasTwoFactorEnabled();
}

/**
* Check if the current Request was made from a Safe Device.
*
* @param \Illuminate\Http\Request $request
* @param string|bool $useSafeDevice
* @return bool
*/
protected function isSafeDevice($request, $useSafeDevice)
{
if ($useSafeDevice = filter_var($useSafeDevice, FILTER_VALIDATE_BOOLEAN)) {
return false;
}

return $this->user->isSafeDevice($request);
return ! ($this->user instanceof TwoFactorAuthenticatable && $this->user->hasTwoFactorEnabled());
}

/**
Expand Down
22 changes: 0 additions & 22 deletions tests/Http/Middleware/ConfirmTwoFactorEnabledTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@

use Tests\Stubs\UserStub;
use Tests\RegistersPackage;
use Illuminate\Http\Request;
use Tests\CreatesTwoFactorUser;
use Orchestra\Testbench\TestCase;
use Tests\RunsPublishableMigrations;
Expand Down Expand Up @@ -147,25 +146,4 @@ public function test_routes_to_alternate_named_route()
$this->get('intended_to_foo')
->assertRedirect('foo');
}

public function test_bypasses_check_if_not_forced_and_using_safe_devices()
{
Date::setTestNow($now = Date::create(2020, 04, 01, 20, 20));

$this->app['router']->get('intended_forced', function () {
return 'ok';
})->name('intended')->middleware('web', 'auth', '2fa.confirm:2fa.confirm,false');

$this->actingAs($this->user);

$this->followingRedirects()
->get('intended_forced')
->assertViewIs('laraguard::confirm');

$this->user->addSafeDevice(new Request());

$this->followingRedirects()
->get('intended_forced')
->assertSee('ok');
}
}

0 comments on commit 1682dac

Please sign in to comment.