extern/2FAuth
1
0
Fork 0
mirror of https://github.com/Bubka/2FAuth.git synced 2025-06-20 19:57:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

Move some TwoFAccount validations to Form Requests

Browse Source
This commit is contained in:
Bubka 2021-09-07 23:10:17 +02:00
parent 3036e534e7
commit f3adb0b5dd
4 changed files with 132 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
app/Http/Controllers/TwoFAccountController.php
View File

@ -5,6 +5,9 @@ namespace App\Http\Controllers;
use App\Group; use App\Group;
use App\TwoFAccount; use App\TwoFAccount;
use App\Classes\Options; use App\Classes\Options;
use App\Http\Requests\TwoFAccountReorderRequest;
use App\Http\Requests\TwoFAccountStoreRequest;
use App\Http\Requests\TwoFAccountEditRequest;
use Illuminate\Support\Str; use Illuminate\Support\Str;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Support\Facades\Storage; use Illuminate\Support\Facades\Storage;
@ -25,27 +28,13 @@ class TwoFAccountController extends Controller
/** /**
* Store a newly created resource in storage. * Store a newly created resource in storage.
* *
* @param \Illuminate\Http\Request $request * @param \App\Http\Requests\TwoFAccountStoreRequest $request
* @return \Illuminate\Http\Response * @return \Illuminate\Http\Response
*/ */
public function store(Request $request) public function store(TwoFAccountStoreRequest $request)
{ {
// see https://github.com/google/google-authenticator/wiki/Key-Uri-Format $validated = $request->validated();
// for otpauth uri format validation
$this->validate($request, [
'service' => 'required|string',
'account' => 'required_without:uri|nullable|string|regex:/^[^:]+$/i',
'icon' => 'nullable|string',
'uri' => 'nullable|string|regex:/^otpauth:\/\/[h,t]otp\//i',
'otpType' => 'required_without:uri|in:totp,hotp',
'secret' => 'required_without:uri|string',
'digits' => 'nullable|integer|between:6,10',
'algorithm' => 'nullable|in:sha1,sha256,sha512,md5',
'totpPeriod' => 'nullable|integer|min:1',
'hotpCounter' => 'nullable|integer|min:0',
]);
// Two possible cases : // Two possible cases :
// - The most common case, the uri is provided by the QuickForm, thanks to a QR code live scan or file upload // - The most common case, the uri is provided by the QuickForm, thanks to a QR code live scan or file upload
@ -53,9 +42,9 @@ class TwoFAccountController extends Controller
// - The advanced form has been used and provide no uri but all individual parameters // - The advanced form has been used and provide no uri but all individual parameters
// -> We use the parameters array to populate the account // -> We use the parameters array to populate the account
$twofaccount = new TwoFAccount; $twofaccount = new TwoFAccount;
$twofaccount->service = $request->service; $twofaccount->service = $validated['service'];
$twofaccount->account = $request->account; $twofaccount->account = $validated['account'];
$twofaccount->icon = $request->icon; $twofaccount->icon = $validated['icon'];
if( $request->uri ) { if( $request->uri ) {
$twofaccount->uri = $request->uri; $twofaccount->uri = $request->uri;
@ -109,12 +98,12 @@ class TwoFAccountController extends Controller
/** /**
* Save new order. * Save new order.
* *
* @param \App\TwoFAccount $twofaccount * @param App\Http\Requests\TwoFAccountReorderRequest $request
* @return \Illuminate\Http\Response * @return \Illuminate\Http\Response
*/ */
public function reorder(Request $request) public function reorder(TwoFAccountReorderRequest $request)
{ {
TwoFAccount::setNewOrder($request->orderedIds); $validated = $request->validated();
return response()->json('order saved', 200); return response()->json('order saved', 200);
} }
@ -228,25 +217,14 @@ class TwoFAccountController extends Controller
/** /**
* Update the specified resource in storage. * Update the specified resource in storage.
* *
* @param \Illuminate\Http\Request $request * @param \App\Http\TwoFAccountEditRequest $request
* @param \App\TwoFAccount $twofaccount * @param \App\TwoFAccount $twofaccount
* @return \Illuminate\Http\Response * @return \Illuminate\Http\Response
*/ */
public function update(Request $request, $id) public function update(TwoFAccountEditRequest $request, $id)
{ {
$this->validate($request, [ $validated = $request->validated();
'service' => 'required|string',
'account' => 'required_without:uri|nullable|string|regex:/^[^:]+$/i',
'icon' => 'nullable|string',
'uri' => 'nullable|string|regex:/^otpauth:\/\/[h,t]otp\//i',
'otpType' => 'required_without:uri|in:totp,hotp',
'secret' => 'required_without:uri|string',
'digits' => 'nullable|integer|between:6,10',
'algorithm' => 'nullable|in:sha1,sha256,sha512,md5',
'totpPeriod' => 'required_if:otpType,totp|nullable|integer|min:1',
'hotpCounter' => 'required_if:otpType,hotp|nullable|integer|min:0',
]);
// Here we catch a possible missing model exception in order to // Here we catch a possible missing model exception in order to
// delete orphan submited icon // delete orphan submited icon
@ -256,14 +234,14 @@ class TwoFAccountController extends Controller
} catch (\Illuminate\Database\Eloquent\ModelNotFoundException $e) { } catch (\Illuminate\Database\Eloquent\ModelNotFoundException $e) {
if( $request->icon ) { if( $validated['icon'] ) {
Storage::delete('public/icons/' . $request->icon); Storage::delete('public/icons/' . $validated['icon']);
} }
throw $e; throw $e;
} }
$twofaccount->populate($request->all()); $twofaccount->populate($validated);
$twofaccount->save(); $twofaccount->save();
return response()->json($twofaccount, 200); return response()->json($twofaccount, 200);

42
app/Http/Requests/TwoFAccountEditRequest.php Normal file
View File

@ -0,0 +1,42 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class TwoFAccountEditRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return false;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
// see https://github.com/google/google-authenticator/wiki/Key-Uri-Format
// for otpauth uri format validation
return [
'service' => 'required_without:uri|string',
'account' => 'required_without:uri|nullable|string|regex:/^[^:]+$/i',
'icon' => 'nullable|string',
'uri' => 'nullable|string|regex:/^otpauth:\/\/[h,t]otp\//i',
'otpType' => 'required_without:uri|in:totp,hotp',
'secret' => 'required_without:uri|string',
'digits' => 'nullable|integer|between:6,10',
'algorithm' => 'nullable|in:sha1,sha256,sha512,md5',
'period' => 'required_if:otpType,totp|nullable|integer|min:1',
'counter' => 'required_if:otpType,hotp|nullable|integer|min:0',
];
}
}

30
app/Http/Requests/TwoFAccountReorderRequest.php Normal file
View File

@ -0,0 +1,30 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class TwoFAccountReorderRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'orderedIds' => 'required|array',
];
}
}

42
app/Http/Requests/TwoFAccountStoreRequest.php Normal file
View File

@ -0,0 +1,42 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class TwoFAccountStoreRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
// see https://github.com/google/google-authenticator/wiki/Key-Uri-Format
// for otpauth uri format validation
return [
'service' => 'required_without:uri|string',
'account' => 'required_without:uri|nullable|string|regex:/^[^:]+$/i',
'icon' => 'nullable|string',
'uri' => 'nullable|string|regex:/^otpauth:\/\/[h,t]otp\//i',
'otpType' => 'required_without:uri|in:totp,hotp',
'secret' => 'required_without:uri|string',
'digits' => 'nullable|integer|between:6,10',
'algorithm' => 'nullable|in:sha1,sha256,sha512,md5',
'period' => 'nullable|integer|min:1',
'counter' => 'nullable|integer|min:0',
];
}
}