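google2fa_secret)) {
            $user->google2fa_secret = $google2fa->generateSecretKey();
            $user->save();
        }

        // Build the provisioning URL that the QR code encodes.
        // NOTE(review): the secret and its QR code are passed to the view on every
        // render visible here. Confirm the template stops showing them once
        // google2fa_enable is true; otherwise anyone with access to a logged-in
        // session can read the enrolled secret.
        $qrCodeUrl = $google2fa->getQRCodeUrl(
            config('app.name', 'Laravel'),
            $user->email,
            $user->google2fa_secret
        );

        // Render the provisioning URL as an inline SVG image.
        $renderer = new ImageRenderer(
            new RendererStyle(200),
            new SvgImageBackEnd()
        );
        $writer = new Writer($renderer);
        $qrCode = $writer->writeString($qrCodeUrl);

        return view('user.2fa.index', [
            'user' => $user,
            'qrCode' => $qrCode,
            'secret' => $user->google2fa_secret,
        ]);
    }

    /**
     * Enable two-factor authentication for the signed-in user.
     *
     * The submitted code is checked against the secret already stored on the
     * user; the flag is only switched on when that check succeeds.
     *
     * @param Request $request
     * @return \Illuminate\Http\RedirectResponse
     */
    public function enable(Request $request)
    {
        // digits:6 instead of numeric: numeric also accepts signs, decimals and
        // exponent notation, none of which can be a one-time code.
        // Google2FA is built with its defaults here, presumably 6-digit codes;
        // confirm if the length is customised elsewhere.
        $request->validate([
            'code' => 'required|digits:6',
        ]);

        $user = Auth::user();

        // Without an enrolled secret there is nothing to verify against, so fail
        // the same way as a wrong code instead of passing an empty secret on.
        if (empty($user->google2fa_secret)) {
            return redirect()->route('user.2fa.index')->with('error', '验证码无效,请重试!');
        }

        $google2fa = new Google2FA();

        // Check the submitted code against the stored secret. The cast keeps the
        // value a string so leading zeros survive a JSON-encoded integer.
        $valid = $google2fa->verifyKey($user->google2fa_secret, (string) $request->code);

        if ($valid) {
            $user->google2fa_enable = true;
            $user->save();

            return redirect()->route('user.2fa.index')->with('success', '双重验证已成功启用!');
        }

        return redirect()->route('user.2fa.index')->with('error', '验证码无效,请重试!');
    }

    /**
     * Disable two-factor authentication for the signed-in user.
     *
     * A currently valid code is required, so a session alone cannot switch the
     * second factor off.
     *
     * @param Request $request
     * @return \Illuminate\Http\RedirectResponse
     */
    public function disable(Request $request)
    {
        // See enable(): digits:6 only lets values shaped like a one-time code through.
        $request->validate([
            'code' => 'required|digits:6',
        ]);

        $user = Auth::user();

        // No stored secret means no code can be valid; report it as a wrong code.
        if (empty($user->google2fa_secret)) {
            return redirect()->route('user.2fa.index')->with('error', '验证码无效,请重试!');
        }

        $google2fa = new Google2FA();

        // Check the submitted code against the stored secret.
        $valid = $google2fa->verifyKey($user->google2fa_secret, (string) $request->code);

        if ($valid) {
            // NOTE(review): only the flag is cleared; google2fa_secret is kept, so a
            // later re-enable reuses the same secret. Consider rotating it here.
            $user->google2fa_enable = false;
            $user->save();

            return redirect()->route('user.2fa.index')->with('success', '双重验证已成功禁用!');
        }

        return redirect()->route('user.2fa.index')->with('error', '验证码无效,请重试!');
    }

    /**
     * Complete a login that is waiting for its second factor.
     *
     * The pending user is identified by the `2fa_user_id` session key. On a
     * valid code the login is recorded and the user is signed in; otherwise the
     * request is sent back to the verification form.
     *
     * NOTE(review): nothing in this method limits the number of attempts. A
     * 6-digit code needs throttling (route middleware or a failure counter);
     * confirm the route definition provides it.
     *
     * @param Request $request
     * @return \Illuminate\Http\RedirectResponse
     */
    public function verify(Request $request)
    {
        // See enable(): digits:6 only lets values shaped like a one-time code through.
        $request->validate([
            'code' => 'required|digits:6',
        ]);

        // The pending user id is read from the session, never from the request.
        $userId = session('2fa_user_id');

        if (!$userId) {
            return redirect()->route('login');
        }

        $user = User::find($userId);

        if (!$user) {
            return redirect()->route('login');
        }

        $google2fa = new Google2FA();

        // Check the submitted code against the stored secret.
        // NOTE(review): verifyKey accepts the same code again for as long as it
        // stays inside the validity window. If this is pragmarx/google2fa,
        // verifyKeyNewer with a stored last-used timestamp makes codes single-use.
        $valid = $google2fa->verifyKey($user->google2fa_secret, (string) $request->code);

        if ($valid) {
            // Record in the session that the second factor has been passed.
            session(['2fa_verified' => true]);

            // The pending-login marker is no longer needed.
            session()->forget('2fa_user_id');

            // Write the login log entry.
            $controller = new \App\Http\Controllers\AuthController();
            $controller->addUserLoginLog($user->id, \App\Components\IP::getClientIp());

            // Update the last-login timestamp.
            $user->update(['last_login' => time()]);

            // Sign the user in.
            Auth::login($user);

            return redirect()->intended(route('userinfo'));
        }

        return redirect()->route('user.2fa.verify')->with('error', '验证码无效,请重试!');
    }

    /**
     * Show the form that asks for the second-factor code.
     *
     * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
     */
    public function showVerifyForm()
    {
        return view('user.2fa.verify');
    }
}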