2FAuth/app/Http/Controllers/Auth/WebAuthnManageController.php

<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Http\Requests\WebauthnRenameRequest;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
/**
 * Endpoints that let the authenticated user list, rename and revoke
 * their own WebAuthn credentials (security devices).
 *
 * Every action resolves the account through $request->user(), so the
 * credential operations are issued against that user object rather than
 * against an identifier taken from the request.
 */
class WebAuthnManageController extends Controller
{
    /**
     * List the enabled WebAuthn credentials of the current user.
     *
     * The credential models are serialised to JSON as returned by the query.
     * NOTE(review): which attributes end up in the response depends on the
     * credential model's serialisation settings, which are not visible here.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function index(Request $request)
    {
        $enabledCredentials = $request->user()
            ->webAuthnCredentials()
            ->WhereEnabled()
            ->get();

        return response()->json($enabledCredentials, 200);
    }

    /**
     * Rename one of the current user's WebAuthn credentials.
     *
     * The new name is read from the validated request data only. A falsy
     * result from renameCredential() is answered with a 404.
     * NOTE(review): presumably renameCredential() only matches credentials
     * owned by the user; confirm in the User model.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function rename(WebauthnRenameRequest $request, string $credential)
    {
        $input = $request->validated();

        $renamed = $request->user()->renameCredential($credential, $input['name']);
        abort_unless($renamed, 404);

        $payload = [
            'name' => $input['name'],
        ];

        return response()->json($payload, 200);
    }

    /**
     * Remove the specified credential from storage.
     *
     * The result of flushCredential() is not checked, so the log entries
     * written here record the request and do not by themselves confirm that
     * a credential was actually removed.
     *
     * @param  string|array  $credential
     * @return \Illuminate\Http\JsonResponse
     */
    public function delete(Request $request, $credential)
    {
        Log::info('Deletion of security device requested');

        $user = $request->user();
        $user->flushCredential($credential);

        // Once the last enabled device is gone, a WebAuthn-only account could
        // no longer log in at all, so the option is switched back off.
        // See #110
        $remainingCredentials = $user->webAuthnCredentials()->WhereEnabled()->get();

        if (blank($remainingCredentials)) {
            // NOTE(review): this assigns through the preferences accessor;
            // confirm against the User model that the change is persisted by save().
            $request->user()->preferences['useWebauthnOnly'] = false;
            $request->user()->save();

            // The fallback away from WebAuthn-only login is logged at notice
            // level, separately from the revocation entry below.
            Log::notice(sprintf('No more Webauthn credential for user ID #%s, user Webauthn options reset to default', $user->id));
        }

        Log::info(sprintf('User ID #%s revoked a security device', $user->id));

        return response()->json(null, 204);
    }
}