2022-11-14 17:13:24 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace App\Extensions;
|
|
|
|
|
|
|
|
use App\Models\WebAuthnAuthenticatable;
|
2022-11-22 15:15:52 +01:00
|
|
|
use Closure;
|
2022-11-14 17:13:24 +01:00
|
|
|
use Illuminate\Auth\Passwords\PasswordBroker;
|
|
|
|
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
|
2023-03-16 13:25:43 +01:00
|
|
|
use Illuminate\Support\Facades\Log;
|
2022-11-14 17:13:24 +01:00
|
|
|
|
|
|
|
class WebauthnCredentialBroker extends PasswordBroker
|
|
|
|
{
|
|
|
|
/**
|
|
|
|
* Send a password reset link to a user.
|
|
|
|
*/
|
2022-12-13 12:07:29 +01:00
|
|
|
public function sendResetLink(array $credentials, Closure $callback = null) : string
|
2022-11-14 17:13:24 +01:00
|
|
|
{
|
2023-03-16 13:25:43 +01:00
|
|
|
/**
|
|
|
|
* @var \App\Models\User
|
|
|
|
*/
|
2022-11-14 17:13:24 +01:00
|
|
|
$user = $this->getUser($credentials);
|
|
|
|
|
2022-12-13 12:07:29 +01:00
|
|
|
if (! $user instanceof WebAuthnAuthenticatable) {
|
2022-11-14 17:13:24 +01:00
|
|
|
return static::INVALID_USER;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($this->tokens->recentlyCreatedToken($user)) {
|
|
|
|
return static::RESET_THROTTLED;
|
|
|
|
}
|
|
|
|
|
|
|
|
$token = $this->tokens->create($user);
|
|
|
|
|
|
|
|
if ($callback) {
|
2022-12-09 10:52:17 +01:00
|
|
|
$callback($user, $token); // @codeCoverageIgnore
|
2022-11-14 17:13:24 +01:00
|
|
|
} else {
|
|
|
|
$user->sendWebauthnRecoveryNotification($token);
|
|
|
|
}
|
|
|
|
|
2023-03-16 13:25:43 +01:00
|
|
|
Log::notice(sprintf('Webauthn recovery email sent to user ID #%s', $user->id));
|
|
|
|
|
2022-11-14 17:13:24 +01:00
|
|
|
return static::RESET_LINK_SENT;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Reset the password for the given token.
|
|
|
|
*
|
|
|
|
* @return \Illuminate\Contracts\Auth\CanResetPassword|string
|
|
|
|
*/
|
|
|
|
public function reset(array $credentials, Closure $callback)
|
|
|
|
{
|
|
|
|
$user = $this->validateReset($credentials);
|
|
|
|
|
2022-12-13 12:07:29 +01:00
|
|
|
if (! $user instanceof CanResetPasswordContract || ! $user instanceof WebAuthnAuthenticatable) {
|
2022-11-14 17:13:24 +01:00
|
|
|
return $user;
|
|
|
|
}
|
|
|
|
|
|
|
|
$callback($user);
|
|
|
|
|
|
|
|
$this->tokens->delete($user);
|
|
|
|
|
|
|
|
return static::PASSWORD_RESET;
|
|
|
|
}
|
|
|
|
}
|