60 lines
1.7 KiB
PHP
60 lines
1.7 KiB
PHP
<?php
|
|
|
|
namespace App\Actions\Fortify;
|
|
|
|
use Illuminate\Support\Facades\Log;
|
|
use Illuminate\Support\Str;
|
|
use Laravel\Fortify\Contracts\TwoFactorAuthenticationProvider;
|
|
|
|
class EnableTwoFactorAuthentication
|
|
{
|
|
/**
|
|
* The two factor authentication provider.
|
|
*
|
|
* @var \Laravel\Fortify\Contracts\TwoFactorAuthenticationProvider
|
|
*/
|
|
protected $provider;
|
|
|
|
/**
|
|
* Create a new action instance.
|
|
*
|
|
* @param \Laravel\Fortify\Contracts\TwoFactorAuthenticationProvider $provider
|
|
* @return void
|
|
*/
|
|
public function __construct(TwoFactorAuthenticationProvider $provider)
|
|
{
|
|
$this->provider = $provider;
|
|
}
|
|
|
|
/**
|
|
* Enable two factor authentication for the user by generating secrets
|
|
* and storing them temporarily in the session.
|
|
*
|
|
* @param mixed $user
|
|
* @return void
|
|
*/
|
|
public function __invoke($user)
|
|
{
|
|
$secretKey = $this->provider->generateSecretKey();
|
|
|
|
$recoveryCodes = collect(range(1, 8))
|
|
->map(fn () => Str::random(10).'-'.Str::random(10))
|
|
->all();
|
|
|
|
$qrCodeSvg = $this->provider->qrCodeSvg(
|
|
config('app.name'),
|
|
$user->email,
|
|
$secretKey
|
|
);
|
|
|
|
// Store the generated data in the session
|
|
session([
|
|
'2fa_setup_secret' => $secretKey, // Unencrypted secret for display and confirmation
|
|
'2fa_setup_qr_svg' => $qrCodeSvg,
|
|
'2fa_setup_recovery_codes' => encrypt(json_encode($recoveryCodes)), // Encrypt for storage in session
|
|
]);
|
|
|
|
// IMPORTANT: This custom action does NOT save anything to the user model in the database.
|
|
// That will be handled by the custom ConfirmTwoFactorAuthentication action.
|
|
}
|
|
} |