2FAuth/app/Extensions/WebauthnCredentialBroker.php

64 lines
1.6 KiB
PHP
Raw Normal View History

<?php
namespace App\Extensions;
use App\Models\WebAuthnAuthenticatable;
2022-11-22 15:15:52 +01:00
use Closure;
use Illuminate\Auth\Passwords\PasswordBroker;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
use Illuminate\Support\Facades\Log;
class WebauthnCredentialBroker extends PasswordBroker
{
/**
* Send a password reset link to a user.
*/
2022-12-13 12:07:29 +01:00
public function sendResetLink(array $credentials, Closure $callback = null) : string
{
/**
* @var \App\Models\User
*/
$user = $this->getUser($credentials);
2022-12-13 12:07:29 +01:00
if (! $user instanceof WebAuthnAuthenticatable) {
return static::INVALID_USER;
}
if ($this->tokens->recentlyCreatedToken($user)) {
return static::RESET_THROTTLED;
}
$token = $this->tokens->create($user);
if ($callback) {
2022-12-09 10:52:17 +01:00
$callback($user, $token); // @codeCoverageIgnore
} else {
$user->sendWebauthnRecoveryNotification($token);
}
Log::notice(sprintf('Webauthn recovery email sent to user ID #%s', $user->id));
return static::RESET_LINK_SENT;
}
/**
* Reset the password for the given token.
*
* @return \Illuminate\Contracts\Auth\CanResetPassword|string
*/
public function reset(array $credentials, Closure $callback)
{
$user = $this->validateReset($credentials);
2022-12-13 12:07:29 +01:00
if (! $user instanceof CanResetPasswordContract || ! $user instanceof WebAuthnAuthenticatable) {
return $user;
}
$callback($user);
$this->tokens->delete($user);
return static::PASSWORD_RESET;
}
}