Google2FAController.php 4.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174
  1. <?php
  2. namespace App\Http\Controllers\User;
  3. use App\Http\Controllers\Controller;
  4. use Illuminate\Http\Request;
  5. use Illuminate\Support\Facades\Auth;
  6. use League\CommonMark\Inline\Renderer\ImageRenderer;
  7. use PragmaRX\Google2FA\Google2FA;
  8. use BaconQrCode\Renderer\Image\SvgImageBackEnd;
  9. use BaconQrCode\Renderer\RendererStyle\RendererStyle;
  10. use BaconQrCode\Writer;
  11. use App\Models\User;
  12. class Google2FAController extends Controller
  13. {
  14. /**
  15. * 显示双重验证设置页面
  16. *
  17. * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
  18. */
  19. public function index()
  20. {
  21. $user = Auth::user();
  22. $google2fa = new Google2FA();
  23. // 如果用户尚未设置 Google2FA,则生成新的密钥
  24. if (empty($user->google2fa_secret)) {
  25. $user->google2fa_secret = $google2fa->generateSecretKey();
  26. $user->save();
  27. }
  28. // 生成二维码
  29. $qrCodeUrl = $google2fa->getQRCodeUrl(
  30. config('app.name', 'Laravel'),
  31. $user->email,
  32. $user->google2fa_secret
  33. );
  34. // 将二维码 URL 转换为 SVG 图像
  35. $renderer = new ImageRenderer(
  36. new RendererStyle(200),
  37. new SvgImageBackEnd()
  38. );
  39. $writer = new Writer($renderer);
  40. $qrCode = $writer->writeString($qrCodeUrl);
  41. return view('user.2fa.index', [
  42. 'user' => $user,
  43. 'qrCode' => $qrCode,
  44. 'secret' => $user->google2fa_secret,
  45. ]);
  46. }
  47. /**
  48. * 启用双重验证
  49. *
  50. * @param Request $request
  51. * @return \Illuminate\Http\RedirectResponse
  52. */
  53. public function enable(Request $request)
  54. {
  55. $request->validate([
  56. 'code' => 'required|numeric',
  57. ]);
  58. $user = Auth::user();
  59. $google2fa = new Google2FA();
  60. // 验证用户输入的验证码是否正确
  61. $valid = $google2fa->verifyKey($user->google2fa_secret, $request->code);
  62. if ($valid) {
  63. $user->google2fa_enable = true;
  64. $user->save();
  65. return redirect()->route('user.2fa.index')->with('success', '双重验证已成功启用!');
  66. }
  67. return redirect()->route('user.2fa.index')->with('error', '验证码无效,请重试!');
  68. }
  69. /**
  70. * 禁用双重验证
  71. *
  72. * @param Request $request
  73. * @return \Illuminate\Http\RedirectResponse
  74. */
  75. public function disable(Request $request)
  76. {
  77. $request->validate([
  78. 'code' => 'required|numeric',
  79. ]);
  80. $user = Auth::user();
  81. $google2fa = new Google2FA();
  82. // 验证用户输入的验证码是否正确
  83. $valid = $google2fa->verifyKey($user->google2fa_secret, $request->code);
  84. if ($valid) {
  85. $user->google2fa_enable = false;
  86. $user->save();
  87. return redirect()->route('user.2fa.index')->with('success', '双重验证已成功禁用!');
  88. }
  89. return redirect()->route('user.2fa.index')->with('error', '验证码无效,请重试!');
  90. }
  91. /**
  92. * 验证双重验证码
  93. *
  94. * @param Request $request
  95. * @return \Illuminate\Http\RedirectResponse
  96. */
  97. public function verify(Request $request)
  98. {
  99. $request->validate([
  100. 'code' => 'required|numeric',
  101. ]);
  102. // 从会话中获取用户 ID
  103. $userId = session('2fa_user_id');
  104. if (!$userId) {
  105. return redirect()->route('login');
  106. }
  107. $user = User::find($userId);
  108. if (!$user) {
  109. return redirect()->route('login');
  110. }
  111. $google2fa = new Google2FA();
  112. // 验证用户输入的验证码是否正确
  113. $valid = $google2fa->verifyKey($user->google2fa_secret, $request->code);
  114. if ($valid) {
  115. // 将验证状态存储在会话中
  116. session(['2fa_verified' => true]);
  117. // 清除会话中的用户 ID
  118. session()->forget('2fa_user_id');
  119. // 写入登录日志
  120. $controller = new \App\Http\Controllers\AuthController();
  121. $controller->addUserLoginLog($user->id, \App\Components\IP::getClientIp());
  122. // 更新登录信息
  123. $user->update(['last_login' => time()]);
  124. // 登录用户
  125. Auth::login($user);
  126. return redirect()->intended(route('userinfo'));
  127. }
  128. return redirect()->route('user.2fa.verify')->with('error', '验证码无效,请重试!');
  129. }
  130. /**
  131. * 显示验证页面
  132. *
  133. * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
  134. */
  135. public function showVerifyForm()
  136. {
  137. return view('user.2fa.verify');
  138. }
  139. }