2FAuth/app/Http/Controllers/Auth/WebAuthnRegisterController.php
2023-03-26 17:13:32 +02:00

47 lines
1.6 KiB
PHP

<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Contracts\Support\Responsable;
use Illuminate\Http\Response;
use Illuminate\Support\Facades\Log;
use Laragear\WebAuthn\Http\Requests\AttestationRequest;
use Laragear\WebAuthn\Http\Requests\AttestedRequest;
use Laragear\WebAuthn\WebAuthn;
class WebAuthnRegisterController extends Controller
{
/**
* Returns a challenge to be verified by the user device.
*/
public function options(AttestationRequest $request) : Responsable
{
switch (config('webauthn.user_verification')) {
case WebAuthn::USER_VERIFICATION_DISCOURAGED:
$request = $request->fastRegistration(); // Makes the authenticator to only check for user presence on registration
break;
case WebAuthn::USER_VERIFICATION_REQUIRED:
$request = $request->secureRegistration(); // Makes the authenticator to always verify the user thoroughly on registration
break;
}
return $request
// ->allowDuplicates() // Allows the device to create multiple credentials for the same user for this app
// ->userless() // Tells the authenticator use this credential to login instantly, instead of asking for one
->toCreate();
}
/**
* Registers a device for further WebAuthn authentication.
*/
public function register(AttestedRequest $request) : Response
{
$request->save();
Log::info(sprintf('User ID #%s registered a new security device', $request->user()->id));
return response()->noContent();
}
}