2022-03-15 14:47:07 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace App\Http\Controllers\Auth;
|
|
|
|
|
|
2022-08-10 18:39:41 +02:00
|
|
|
use App\Facades\Settings;
|
2022-03-15 14:47:07 +01:00
|
|
|
use App\Http\Controllers\Controller;
|
|
|
|
|
use App\Http\Requests\WebauthnRenameRequest;
|
2022-11-22 15:15:52 +01:00
|
|
|
use Illuminate\Http\Request;
|
2022-10-18 17:34:56 +02:00
|
|
|
use Illuminate\Support\Facades\Log;
|
2022-03-15 14:47:07 +01:00
|
|
|
|
|
|
|
|
class WebAuthnManageController extends Controller
|
2022-11-22 15:15:52 +01:00
|
|
|
{
|
2022-03-15 14:47:07 +01:00
|
|
|
/**
|
|
|
|
|
* List all WebAuthn registered credentials
|
2022-11-22 15:15:52 +01:00
|
|
|
*
|
2022-08-26 15:57:18 +02:00
|
|
|
* @return \Illuminate\Http\JsonResponse
|
2022-03-15 14:47:07 +01:00
|
|
|
*/
|
|
|
|
|
public function index(Request $request)
|
|
|
|
|
{
|
2022-11-14 17:13:24 +01:00
|
|
|
$allUserCredentials = $request->user()->webAuthnCredentials()->WhereEnabled()->get();
|
2022-03-15 14:47:07 +01:00
|
|
|
|
|
|
|
|
return response()->json($allUserCredentials, 200);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2022-11-14 17:13:24 +01:00
|
|
|
* Rename a WebAuthn credential
|
2022-11-22 15:15:52 +01:00
|
|
|
*
|
|
|
|
|
* @param \App\Http\Requests\WebauthnRenameRequest $request
|
|
|
|
|
* @param string $credential
|
2022-03-15 14:47:07 +01:00
|
|
|
* @return \Illuminate\Http\JsonResponse
|
|
|
|
|
*/
|
|
|
|
|
public function rename(WebauthnRenameRequest $request, string $credential)
|
|
|
|
|
{
|
|
|
|
|
$validated = $request->validated();
|
|
|
|
|
|
2022-11-14 17:13:24 +01:00
|
|
|
abort_if(! $request->user()->renameCredential($credential, $validated['name']), 404);
|
2022-03-15 14:47:07 +01:00
|
|
|
|
|
|
|
|
return response()->json([
|
2022-11-22 15:15:52 +01:00
|
|
|
'name' => $validated['name'],
|
|
|
|
|
], 200);
|
2022-03-15 14:47:07 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Remove the specified credential from storage.
|
2022-11-22 15:15:52 +01:00
|
|
|
*
|
2022-03-29 15:02:43 +02:00
|
|
|
* @param \Illuminate\Http\Request $request
|
|
|
|
|
* @param string|array $credential
|
2022-03-15 14:47:07 +01:00
|
|
|
* @return \Illuminate\Http\JsonResponse
|
|
|
|
|
*/
|
|
|
|
|
public function delete(Request $request, $credential)
|
|
|
|
|
{
|
2022-10-18 17:34:56 +02:00
|
|
|
Log::info('Deletion of security device requested');
|
|
|
|
|
|
2022-03-15 14:47:07 +01:00
|
|
|
$user = $request->user();
|
2022-11-14 17:13:24 +01:00
|
|
|
$user->flushCredential($credential);
|
2022-03-15 14:47:07 +01:00
|
|
|
|
2022-11-14 17:13:24 +01:00
|
|
|
// Webauthn user options need to be reset to prevent impossible login when
|
|
|
|
|
// no more registered device exists.
|
2022-08-10 18:39:41 +02:00
|
|
|
// See #110
|
2022-11-14 17:13:24 +01:00
|
|
|
if (blank($user->webAuthnCredentials()->WhereEnabled()->get())) {
|
2022-08-10 18:39:41 +02:00
|
|
|
Settings::delete('useWebauthnOnly');
|
2022-11-14 17:13:24 +01:00
|
|
|
Log::notice('No Webauthn credential enabled, Webauthn settings reset to default');
|
2022-08-10 18:39:41 +02:00
|
|
|
}
|
|
|
|
|
|
2022-10-18 17:34:56 +02:00
|
|
|
Log::info('Security device deleted');
|
|
|
|
|
|
2022-03-15 14:47:07 +01:00
|
|
|
return response()->json(null, 204);
|
|
|
|
|
}
|
2022-11-22 15:15:52 +01:00
|
|
|
}
|
