2FAuth/app/Http/Controllers/TwoFAccountController.php

<?php

namespace App\Http\Controllers;

use App\Group;
use App\TwoFAccount;
use App\Classes\Options;
use App\Http\Requests\TwoFAccountReorderRequest;
use App\Http\Requests\TwoFAccountStoreRequest;
use App\Http\Requests\TwoFAccountUpdateRequest;
use App\Http\Resources\TwoFAccountReadResource;
use App\Http\Resources\TwoFAccountStoreResource;
use App\Http\Requests\TwoFAccountDeleteRequest;
use App\Http\Requests\TwoFAccountUriRequest;
use App\Http\Requests\TwoFAccountDynamicRequest;
use App\Services\TwoFAccountService;
use Illuminate\Support\Arr;
use Illuminate\Http\Request;

class TwoFAccountController extends Controller
{
    /**
     * The TwoFAccount Service instance.
     */
    protected $twofaccountService;


    /**
     * Create a new controller instance.
     *
     * @param  TwoFAccountService  $twofaccountService
     * @return void
     */
    public function __construct(TwoFAccountService $twofaccountService)
    {
        $this->twofaccountService = $twofaccountService;
    }


    /**
     * List all resources
     *
     * @return \App\Http\Resources\TwoFAccountReadResource
     */
    public function index(Request $request)
    {
        $request->merge(['hideSecret' => true]);

        return TwoFAccountReadResource::collection(TwoFAccount::ordered()->get());
    }


    /**
     * Display a resource
     *
     * @param  \App\TwoFAccount  $twofaccount
     * 
     * @return \App\Http\Resources\TwoFAccountReadResource
     */
    public function show(TwoFAccount $twofaccount)
    {
        return new TwoFAccountReadResource($twofaccount);
    }


    /**
     * Store a newly created resource in storage.
     *
     * @param  \App\Http\Requests\TwoFAccountDynamicRequest  $request
     * 
     * @return \App\Http\Resources\TwoFAccountReadResource
     */
    public function store(TwoFAccountDynamicRequest $request)
    {
        // Two possible cases :
        // - The most common case, an URI is provided by the QuickForm, thanks to a QR code live scan or file upload
        //     -> We use that URI to define the account
        // - The advanced form has been used and all individual parameters
        //     -> We use the parameters array to define the account

        $validated = $request->validated();

        $twofaccount = Arr::has($validated, 'uri')
            ? $this->twofaccountService->createFromUri($validated['uri'])
            : $this->twofaccountService->createFromParameters($validated);

        // Possible group association
        $groupId = Options::get('defaultGroup') === '-1' ? (int) Options::get('activeGroup') : (int) Options::get('defaultGroup');
        
        // 0 is the pseudo group 'All', only groups with id > 0 are true user groups
        if( $groupId > 0 ) {
            $group = Group::find($groupId);

            if($group) {
                $group->twofaccounts()->save($twofaccount);
            }
        }

        return (new TwoFAccountReadResource($twofaccount))
                ->response()
                ->setStatusCode(201);
    }


    /**
     * Update the specified resource in storage.
     *
     * @param  \App\Http\TwoFAccountUpdateRequest  $request
     * @param  \App\TwoFAccount  $twofaccount
     * @return \Illuminate\Http\Response
     */
    public function update(TwoFAccountUpdateRequest $request, TwoFAccount $twofaccount)
    {
        $validated = $request->validated();

        $this->twofaccountService->update($twofaccount, $validated);

        return response()->json($twofaccount, 200);

    }


    /**
     * Set new order.
     *
     * @param  App\Http\Requests\TwoFAccountReorderRequest  $request
     * @return \Illuminate\Http\Response
     */
    public function reorder(TwoFAccountReorderRequest $request)
    {
        $validated = $request->validated();

        $this->twofaccountService->saveOrder($validated['orderedIds']);

        return response()->json(['message' => 'order saved'], 200);
    }


    /**
     * Preview account using an uri, without any db moves
     * 
     * @param  \App\Http\Requests\TwoFAccountUriRequest  $request
     * 
     * @return \App\Http\Resources\TwoFAccountStoreResource
     */
    public function preview(TwoFAccountUriRequest $request)
    {
        $twofaccount = $this->twofaccountService->createFromUri($request->uri, $saveToDB = false);

        return new TwoFAccountStoreResource($twofaccount);
    }


    /**
     * Get a One-Time Password
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\Response
     */
    public function otp(Request $request, $id = null)
    {
        $inputs = $request->all();

        // The request input is the ID of an existing account
        if ( $id ) {
            $otp = $this->twofaccountService->getOTP((int) $id);
        }

        // The request input is an uri
        else if ( count($inputs) === 1 && $request->has('uri') ) {
            $validatedData = $request->validate((new TwoFAccountUriRequest)->rules());
            $otp = $this->twofaccountService->getOTP($validatedData['uri']);
        }
        
        else if ( count($inputs) > 1 && $request->has('uri')) {
            return response()->json([
                'message' => 'bad request',
                'reason' => ['uri' => __('validation.single', ['attribute' => 'uri'])]
            ], 400);
        }

        // The request inputs should define an account
        else {
            $validatedData = $request->validate((new TwoFAccountStoreRequest)->rules());
            $otp = $this->twofaccountService->getOTP($validatedData);
        }

        return response()->json($otp, 200);
    }


    /**
     * A simple and light method to get the account count.
     *
     * @param  \App\TwoFAccount  $twofaccount
     * @return \Illuminate\Http\Response
     */
    public function count(Request $request)
    {
        return response()->json([ 'count' => TwoFAccount::count() ], 200);
    }


    /**
     * Remove the specified resource from storage.
     *
     * @param  \App\TwoFAccount  $twofaccount
     * @return \Illuminate\Http\Response
     */
    public function destroy(TwoFAccount $twofaccount)
    {
        $this->twofaccountService->delete($twofaccount->id);

        return response()->json(null, 204);
    }


    /**
     * Remove the specified resources from storage.
     *
     * @param  \App\Http\Requests\TwoFAccountDeleteRequest  $request
     * @return \Illuminate\Http\Response
     */
    public function batchDestroy(TwoFAccountDeleteRequest $request)
    {
        $this->twofaccountService->delete($request->ids);

        return response()->json(null, 204);
    }

}
initial commit 2019-05-20 07:37:41 +02:00			`<?php`

			`namespace App\Http\Controllers;`

Add Default group option in Settings 2020-11-02 22:41:40 +01:00			`use App\Group;`
Account refactored and better json responses 2019-05-24 14:44:41 +02:00			`use App\TwoFAccount;`
Add Group scope to TwoFAccount model 2020-10-25 23:51:50 +01:00			`use App\Classes\Options;`
Move some TwoFAccount validations to Form Requests 2021-09-07 23:10:17 +02:00			`use App\Http\Requests\TwoFAccountReorderRequest;`
			`use App\Http\Requests\TwoFAccountStoreRequest;`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`use App\Http\Requests\TwoFAccountUpdateRequest;`
			`use App\Http\Resources\TwoFAccountReadResource;`
			`use App\Http\Resources\TwoFAccountStoreResource;`
			`use App\Http\Requests\TwoFAccountDeleteRequest;`
			`use App\Http\Requests\TwoFAccountUriRequest;`
			`use App\Http\Requests\TwoFAccountDynamicRequest;`
			`use App\Services\TwoFAccountService;`
			`use Illuminate\Support\Arr;`
initial commit 2019-05-20 07:37:41 +02:00			`use Illuminate\Http\Request;`

Account refactored and better json responses 2019-05-24 14:44:41 +02:00			`class TwoFAccountController extends Controller`
initial commit 2019-05-20 07:37:41 +02:00			`{`
			`/**`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`* The TwoFAccount Service instance.`
			`*/`
			`protected $twofaccountService;`


			`/**`
			`* Create a new controller instance.`
initial commit 2019-05-20 07:37:41 +02:00			`*`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`* @param TwoFAccountService $twofaccountService`
			`* @return void`
initial commit 2019-05-20 07:37:41 +02:00			`*/`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`public function __construct(TwoFAccountService $twofaccountService)`
initial commit 2019-05-20 07:37:41 +02:00			`{`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`$this->twofaccountService = $twofaccountService;`
initial commit 2019-05-20 07:37:41 +02:00			`}`


			`/**`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`* List all resources`
initial commit 2019-05-20 07:37:41 +02:00			`*`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`* @return \App\Http\Resources\TwoFAccountReadResource`
initial commit 2019-05-20 07:37:41 +02:00			`*/`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`public function index(Request $request)`
initial commit 2019-05-20 07:37:41 +02:00			`{`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`$request->merge(['hideSecret' => true]);`

			`return TwoFAccountReadResource::collection(TwoFAccount::ordered()->get());`
			`}`
Validate 2FAccount create form only with backend 2020-01-09 16:33:32 +01:00

Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`/**`
			`* Display a resource`
			`*`
			`* @param \App\TwoFAccount $twofaccount`
			`*`
			`* @return \App\Http\Resources\TwoFAccountReadResource`
			`*/`
			`public function show(TwoFAccount $twofaccount)`
			`{`
			`return new TwoFAccountReadResource($twofaccount);`
			`}`


			`/**`
			`* Store a newly created resource in storage.`
			`*`
			`* @param \App\Http\Requests\TwoFAccountDynamicRequest $request`
			`*`
			`* @return \App\Http\Resources\TwoFAccountReadResource`
			`*/`
			`public function store(TwoFAccountDynamicRequest $request)`
			`{`
Convert the standard Create form to an advanced form 2020-11-13 15:45:17 +01:00			`// Two possible cases :`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`// - The most common case, an URI is provided by the QuickForm, thanks to a QR code live scan or file upload`
			`// -> We use that URI to define the account`
			`// - The advanced form has been used and all individual parameters`
			`// -> We use the parameters array to define the account`
Convert the standard Create form to an advanced form 2020-11-13 15:45:17 +01:00
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`$validated = $request->validated();`

			`$twofaccount = Arr::has($validated, 'uri')`
			`? $this->twofaccountService->createFromUri($validated['uri'])`
			`: $this->twofaccountService->createFromParameters($validated);`
initial commit 2019-05-20 07:37:41 +02:00
Add Default group option in Settings 2020-11-02 22:41:40 +01:00			`// Possible group association`
			`$groupId = Options::get('defaultGroup') === '-1' ? (int) Options::get('activeGroup') : (int) Options::get('defaultGroup');`

			`// 0 is the pseudo group 'All', only groups with id > 0 are true user groups`
			`if( $groupId > 0 ) {`
			`$group = Group::find($groupId);`

			`if($group) {`
			`$group->twofaccounts()->save($twofaccount);`
			`}`
			`}`

Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`return (new TwoFAccountReadResource($twofaccount))`
			`->response()`
			`->setStatusCode(201);`
initial commit 2019-05-20 07:37:41 +02:00			`}`

Account refactored and better json responses 2019-05-24 14:44:41 +02:00
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00
initial commit 2019-05-20 07:37:41 +02:00			`/**`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`* Update the specified resource in storage.`
initial commit 2019-05-20 07:37:41 +02:00			`*`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`* @param \App\Http\TwoFAccountUpdateRequest $request`
Account refactored and better json responses 2019-05-24 14:44:41 +02:00			`* @param \App\TwoFAccount $twofaccount`
initial commit 2019-05-20 07:37:41 +02:00			`* @return \Illuminate\Http\Response`
			`*/`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`public function update(TwoFAccountUpdateRequest $request, TwoFAccount $twofaccount)`
initial commit 2019-05-20 07:37:41 +02:00			`{`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`$validated = $request->validated();`
initial commit 2019-05-20 07:37:41 +02:00
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`$this->twofaccountService->update($twofaccount, $validated);`

			`return response()->json($twofaccount, 200);`
initial commit 2019-05-20 07:37:41 +02:00
Add route to get TwoFAccount with sensitive data 2020-11-16 14:10:54 +01:00			`}`


Make the accounts sortable and persist new order. Deactivate Pull-to-refresh feature to prevent side effects 2020-03-27 22:36:01 +01:00			`/**`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`* Set new order.`
Make the accounts sortable and persist new order. Deactivate Pull-to-refresh feature to prevent side effects 2020-03-27 22:36:01 +01:00			`*`
Move some TwoFAccount validations to Form Requests 2021-09-07 23:10:17 +02:00			`* @param App\Http\Requests\TwoFAccountReorderRequest $request`
Make the accounts sortable and persist new order. Deactivate Pull-to-refresh feature to prevent side effects 2020-03-27 22:36:01 +01:00			`* @return \Illuminate\Http\Response`
			`*/`
Move some TwoFAccount validations to Form Requests 2021-09-07 23:10:17 +02:00			`public function reorder(TwoFAccountReorderRequest $request)`
Make the accounts sortable and persist new order. Deactivate Pull-to-refresh feature to prevent side effects 2020-03-27 22:36:01 +01:00			`{`
Move some TwoFAccount validations to Form Requests 2021-09-07 23:10:17 +02:00			`$validated = $request->validated();`
Make the accounts sortable and persist new order. Deactivate Pull-to-refresh feature to prevent side effects 2020-03-27 22:36:01 +01:00
Move TwoFAccounts order saving to business service 2021-09-18 12:31:24 +02:00			`$this->twofaccountService->saveOrder($validated['orderedIds']);`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00
			`return response()->json(['message' => 'order saved'], 200);`
			`}`
Make the accounts sortable and persist new order. Deactivate Pull-to-refresh feature to prevent side effects 2020-03-27 22:36:01 +01:00
Refactor QRcode handling using the brand new Start view 2020-11-20 14:11:32 +01:00
			`/**`
			`* Preview account using an uri, without any db moves`
			`*`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`* @param \App\Http\Requests\TwoFAccountUriRequest $request`
			`*`
			`* @return \App\Http\Resources\TwoFAccountStoreResource`
Refactor QRcode handling using the brand new Start view 2020-11-20 14:11:32 +01:00			`*/`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`public function preview(TwoFAccountUriRequest $request)`
Refactor QRcode handling using the brand new Start view 2020-11-20 14:11:32 +01:00			`{`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`$twofaccount = $this->twofaccountService->createFromUri($request->uri, $saveToDB = false);`
Refactor QRcode handling using the brand new Start view 2020-11-20 14:11:32 +01:00
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`return new TwoFAccountStoreResource($twofaccount);`
Refactor QRcode handling using the brand new Start view 2020-11-20 14:11:32 +01:00			`}`


TOTP integration 2019-05-26 16:42:09 +02:00			`/**`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`* Get a One-Time Password`
TOTP integration 2019-05-26 16:42:09 +02:00			`*`
New creation process for a better UX 2020-02-04 17:06:11 +01:00			`* @param \Illuminate\Http\Request $request`
TOTP integration 2019-05-26 16:42:09 +02:00			`* @return \Illuminate\Http\Response`
			`*/`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`public function otp(Request $request, $id = null)`
TOTP integration 2019-05-26 16:42:09 +02:00			`{`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`$inputs = $request->all();`
Move token generation from dedicated class to TwoFAccount model class 2020-11-14 18:55:10 +01:00
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`// The request input is the ID of an existing account`
			`if ( $id ) {`
			`$otp = $this->twofaccountService->getOTP((int) $id);`
New creation process for a better UX 2020-02-04 17:06:11 +01:00			`}`
Move token generation from dedicated class to TwoFAccount model class 2020-11-14 18:55:10 +01:00
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`// The request input is an uri`
			`else if ( count($inputs) === 1 && $request->has('uri') ) {`
			`$validatedData = $request->validate((new TwoFAccountUriRequest)->rules());`
			`$otp = $this->twofaccountService->getOTP($validatedData['uri']);`
Convert the standard Create form to an advanced form 2020-11-13 15:45:17 +01:00			`}`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00
			`else if ( count($inputs) > 1 && $request->has('uri')) {`
			`return response()->json([`
			`'message' => 'bad request',`
			`'reason' => ['uri' => __('validation.single', ['attribute' => 'uri'])]`
			`], 400);`
Move token generation from dedicated class to TwoFAccount model class 2020-11-14 18:55:10 +01:00			`}`

Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`// The request inputs should define an account`
Return only essentials attributes when a token is requested to back-end 2020-11-21 21:46:31 +01:00			`else {`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`$validatedData = $request->validate((new TwoFAccountStoreRequest)->rules());`
			`$otp = $this->twofaccountService->getOTP($validatedData);`
New creation process for a better UX 2020-02-04 17:06:11 +01:00			`}`

Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`return response()->json($otp, 200);`
initial commit 2019-05-20 07:37:41 +02:00			`}`

Account refactored and better json responses 2019-05-24 14:44:41 +02:00
Define accountCount internally instead of as a props 2020-11-21 19:41:36 +01:00			`/**`
			`* A simple and light method to get the account count.`
			`*`
			`* @param \App\TwoFAccount $twofaccount`
			`* @return \Illuminate\Http\Response`
			`*/`
			`public function count(Request $request)`
			`{`
			`return response()->json([ 'count' => TwoFAccount::count() ], 200);`
			`}`


initial commit 2019-05-20 07:37:41 +02:00			`/**`
			`* Remove the specified resource from storage.`
			`*`
Account refactored and better json responses 2019-05-24 14:44:41 +02:00			`* @param \App\TwoFAccount $twofaccount`
initial commit 2019-05-20 07:37:41 +02:00			`* @return \Illuminate\Http\Response`
			`*/`
Rework the Delete feature to support batch-delete 2020-01-31 23:05:06 +01:00			`public function destroy(TwoFAccount $twofaccount)`
initial commit 2019-05-20 07:37:41 +02:00			`{`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`$this->twofaccountService->delete($twofaccount->id);`
Handle missing 2FAccount when deleting 2020-01-10 00:22:45 +01:00
Rework the Delete feature to support batch-delete 2020-01-31 23:05:06 +01:00			`return response()->json(null, 204);`
			`}`
Handle missing 2FAccount when deleting 2020-01-10 00:22:45 +01:00
Account refactored and better json responses 2019-05-24 14:44:41 +02:00
Rework the Delete feature to support batch-delete 2020-01-31 23:05:06 +01:00			`/**`
			`* Remove the specified resources from storage.`
			`*`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`* @param \App\Http\Requests\TwoFAccountDeleteRequest $request`
Rework the Delete feature to support batch-delete 2020-01-31 23:05:06 +01:00			`* @return \Illuminate\Http\Response`
			`*/`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`public function batchDestroy(TwoFAccountDeleteRequest $request)`
Rework the Delete feature to support batch-delete 2020-01-31 23:05:06 +01:00			`{`
Set controllers to use TwoFAccount business service 2021-09-18 00:00:39 +02:00			`$this->twofaccountService->delete($request->ids);`
Account refactored and better json responses 2019-05-24 14:44:41 +02:00
Remove unnecessary try\|catch 2020-01-26 21:49:39 +01:00			`return response()->json(null, 204);`
Account refactored and better json responses 2019-05-24 14:44:41 +02:00			`}`

initial commit 2019-05-20 07:37:41 +02:00			`}`