Merge pull request #4 from LifeOnScreen/development

v0.0.5
LifeOnScreen · Oct 22, 2018 · e18a241 · e18a241
2 parents 85bdafb + 656501d
commit e18a241
Show file tree

Hide file tree

Showing 4 changed files with 96 additions and 16 deletions.
diff --git a/README.md b/README.md
@@ -1,3 +1,7 @@
+## LifeOnScreen/nova-google2fa
+
+This package enforces 2FA for Laravel Nova.
+
 ## Installation
 
 Install via composer
@@ -45,6 +49,47 @@ Add middleware to `nova.config`.
 ]
 ```
 
+## Config
+
+```php
+return [
+    /**
+     * Disable or enable middleware.
+     */
+    'enabled' => env('GOOGLE_2FA_ENABLED', true),
+
+    'models' => [
+        /**
+         * Change this variable to your User model.
+         */
+        'user' => 'App\User',
+    ],
+    'tables' => [
+        /**
+         * Table in witch users are stored.
+         */
+        'user' => 'users',
+    ],
+
+    'recovery_codes' => [
+        /**
+         * Number of recovery codes that will be generated.
+         */
+        'count'          => 8,
+
+        /**
+         * Number of blocks in each recovery code.
+         */
+        'blocks'         => 3,
+
+        /**
+         * Number of characters in each block in recovery code.
+         */
+        'chars_in_block' => 16,
+    ],
+];
+```
+
 ## Security
 
 If you discover any security-related issues, please email the author instead of using the issue tracker.

diff --git a/config/lifeonscreen2fa.php b/config/lifeonscreen2fa.php
@@ -1,10 +1,38 @@
 <?php
 
 return [
+    /**
+     * Disable or enable middleware.
+     */
+    'enabled' => env('GOOGLE_2FA_ENABLED', true),
+
     'models' => [
+        /**
+         * Change this variable to your User model.
+         */
         'user' => 'App\User',
     ],
     'tables' => [
+        /**
+         * Table in witch users are stored.
+         */
         'user' => 'users',
     ],
+
+    'recovery_codes' => [
+        /**
+         * Number of recovery codes that will be generated.
+         */
+        'count'          => 8,
+
+        /**
+         * Number of blocks in each recovery code.
+         */
+        'blocks'         => 3,
+
+        /**
+         * Number of characters in each block in recovery code.
+         */
+        'chars_in_block' => 16,
+    ],
 ];
diff --git a/src/Google2fa.php b/src/Google2fa.php
@@ -20,15 +20,8 @@ public function boot()
     }
 
     /**
-     * Build the view that renders the navigation links for the tool.
-     *
-     * @return \Illuminate\View\View
+     * @return bool
      */
-    public function renderNavigation()
-    {
-        return view('google2fa::navigation');
-    }
-
     protected function is2FAValid()
     {
         $secret = Request::get('secret');
@@ -42,6 +35,10 @@ protected function is2FAValid()
         return $google2fa->verifyKey(auth()->user()->user2fa->google2fa_secret, $secret);
     }
 
+    /**
+     * @return \Illuminate\Contracts\View\Factory|\Illuminate\Http\RedirectResponse|\Illuminate\View\View
+     * @throws \PragmaRX\Google2FA\Exceptions\InsecureCallException
+     */
     public function confirm()
     {
         if ($this->is2FAValid()) {
@@ -68,6 +65,10 @@ public function confirm()
         return view('google2fa::register', $data);
     }
 
+    /**
+     * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
+     * @throws \PragmaRX\Google2FA\Exceptions\InsecureCallException
+     */
     public function register()
     {
         $google2fa = new G2fa();
@@ -85,6 +86,9 @@ public function register()
 
     }
 
+    /**
+     * @return \Illuminate\Contracts\Routing\ResponseFactory|\Illuminate\Contracts\View\Factory|\Illuminate\Http\RedirectResponse|\Illuminate\Http\Response|\Illuminate\View\View
+     */
     public function authenticate()
     {
         if ($recover = Request::get('recover')) {
@@ -97,10 +101,10 @@ public function authenticate()
             $google2fa = new G2fa();
             $recovery = new Recovery();
             $secretKey = $google2fa->generateSecretKey();
-            $data['recovery'] = $recovery = $recovery
-                ->setCount(8)
-                ->setBlocks(3)
-                ->setChars(16)
+            $data['recovery'] = $recovery
+                ->setCount(config('lifeonscreen2fa.recovery_codes.count'))
+                ->setBlocks(config('lifeonscreen2fa.recovery_codes.blocks'))
+                ->setChars(config('lifeonscreen2fa.recovery_codes.chars_in_block'))
                 ->toArray();
 
             User2fa::where('user_id', auth()->user()->id)->delete();

diff --git a/src/Http/Middleware/Google2fa.php b/src/Http/Middleware/Google2fa.php
@@ -24,6 +24,9 @@ class Google2fa
      */
     public function handle($request, Closure $next)
     {
+        if (!config('lifeonscreen2fa.enabled')) {
+            return $next($request);
+        }
         if ($request->path() === 'los/2fa/confirm' || $request->path() === 'los/2fa/authenticate'
             || $request->path() === 'los/2fa/register') {
             return $next($request);
@@ -37,10 +40,10 @@ public function handle($request, Closure $next)
             $google2fa = new G2fa();
             $recovery = new Recovery();
             $secretKey = $google2fa->generateSecretKey();
-            $data['recovery'] = $recovery = $recovery
-                ->setCount(8)
-                ->setBlocks(3)
-                ->setChars(16)
+            $data['recovery'] = $recovery
+                ->setCount(config('lifeonscreen2fa.recovery_codes.count'))
+                ->setBlocks(config('lifeonscreen2fa.recovery_codes.blocks'))
+                ->setChars(config('lifeonscreen2fa.recovery_codes.chars_in_block'))
                 ->toArray();
 
             User2fa::where('user_id', auth()->user()->id)->delete();