- <?php
- namespace App\Http\Controllers\User;
- use App\Http\Controllers\Controller;
- use Illuminate\Http\Request;
- use Illuminate\Support\Facades\Auth;
- use League\CommonMark\Inline\Renderer\ImageRenderer;
- use PragmaRX\Google2FA\Google2FA;
- use BaconQrCode\Renderer\Image\SvgImageBackEnd;
- use BaconQrCode\Renderer\RendererStyle\RendererStyle;
- use BaconQrCode\Writer;
- use App\Models\User;
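class Google2FAController extends Controller
{
    /**
     * Show the two-factor authentication settings page.
     *
     * A TOTP secret is generated and saved the first time a user without one
     * opens the page. The secret and its QR code are rendered only while 2FA
     * is not yet enabled; once enrolment is complete the view receives null
     * for both, so a later visit from a borrowed or hijacked session cannot
     * read out the shared secret and clone the second factor.
     *
     * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
     */
    public function index()
    {
        $user = Auth::user();
        $google2fa = new Google2FA();

        // Generate a new secret if the user has not set up Google2FA yet.
        if (empty($user->google2fa_secret)) {
            $user->google2fa_secret = $google2fa->generateSecretKey();
            $user->save();
        }

        $qrCode = null;
        $secret = null;

        if (!$user->google2fa_enable) {
            $secret = $user->google2fa_secret;

            // Build the otpauth:// provisioning URL for the authenticator app.
            $qrCodeUrl = $google2fa->getQRCodeUrl(
                config('app.name', 'Laravel'),
                $user->email,
                $secret
            );

            // Render the URL as an inline SVG. The renderer is referenced by its
            // fully-qualified BaconQrCode name: the file-level `use` binds
            // ImageRenderer to a League\CommonMark class, which is not a QR
            // renderer and cannot be passed to Writer.
            $renderer = new \BaconQrCode\Renderer\ImageRenderer(
                new RendererStyle(200),
                new SvgImageBackEnd()
            );
            $qrCode = (new Writer($renderer))->writeString($qrCodeUrl);
        }

        return view('user.2fa.index', [
            'user' => $user,
            'qrCode' => $qrCode,
            'secret' => $secret,
        ]);
    }

    /**
     * Enable two-factor authentication after the user proves possession of the secret.
     *
     * @param Request $request
     * @return \Illuminate\Http\RedirectResponse
     */
    public function enable(Request $request)
    {
        // Google2FA is used with its default 6-digit code length, so accept
        // exactly six digits rather than anything PHP considers numeric.
        $request->validate([
            'code' => 'required|digits:6',
        ]);

        $user = Auth::user();

        if ($this->codeMatches($user->google2fa_secret, (string) $request->input('code'))) {
            $user->google2fa_enable = true;
            $user->save();

            return redirect()->route('user.2fa.index')->with('success', '双重验证已成功启用!');
        }

        return redirect()->route('user.2fa.index')->with('error', '验证码无效,请重试!');
    }

    /**
     * Disable two-factor authentication; a valid current code is required.
     *
     * NOTE(review): the stored secret is kept after disabling, so re-enabling
     * reuses the same secret. Consider rotating it here; confirm the column
     * allows an empty value first.
     *
     * @param Request $request
     * @return \Illuminate\Http\RedirectResponse
     */
    public function disable(Request $request)
    {
        $request->validate([
            'code' => 'required|digits:6',
        ]);

        $user = Auth::user();

        if ($this->codeMatches($user->google2fa_secret, (string) $request->input('code'))) {
            $user->google2fa_enable = false;
            $user->save();

            return redirect()->route('user.2fa.index')->with('success', '双重验证已成功禁用!');
        }

        return redirect()->route('user.2fa.index')->with('error', '验证码无效,请重试!');
    }

    /**
     * Complete a login by checking the second-factor code.
     *
     * The pending user is identified by the `2fa_user_id` session key, which
     * is expected to be set by the password step (not visible in this file).
     *
     * NOTE(review): no attempt limiting is visible in this method. Confirm the
     * route carries throttle middleware, otherwise the 6-digit code can be
     * guessed by repeated submission. Codes are also accepted more than once
     * within their validity window because no last-used timestamp is stored.
     *
     * @param Request $request
     * @return \Illuminate\Http\RedirectResponse
     */
    public function verify(Request $request)
    {
        $request->validate([
            'code' => 'required|digits:6',
        ]);

        // The user id of the half-authenticated login is kept in the session.
        $userId = session('2fa_user_id');
        if (!$userId) {
            return redirect()->route('login');
        }

        $user = User::find($userId);
        if (!$user) {
            return redirect()->route('login');
        }

        if (!$this->codeMatches($user->google2fa_secret, (string) $request->input('code'))) {
            return redirect()->route('user.2fa.verify')->with('error', '验证码无效,请重试!');
        }

        // Record the verified state in the session.
        session(['2fa_verified' => true]);
        // The pending-login marker must not outlive a successful verification.
        session()->forget('2fa_user_id');

        // Write the login log entry.
        $controller = new \App\Http\Controllers\AuthController();
        $controller->addUserLoginLog($user->id, \App\Components\IP::getClientIp());

        // Update the last-login timestamp.
        $user->update(['last_login' => time()]);

        // Log the user in.
        Auth::login($user);

        return redirect()->intended(route('userinfo'));
    }

    /**
     * Show the second-factor verification form.
     *
     * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
     */
    public function showVerifyForm()
    {
        return view('user.2fa.verify');
    }

    /**
     * Check a submitted one-time code against a stored TOTP secret.
     *
     * An account without a secret never matches, so a request that reaches
     * enable/disable/verify before enrolment is answered with the normal
     * "invalid code" response instead of failing inside the library.
     *
     * @param string|null $secret Stored secret of the account being checked.
     * @param string      $code   Code submitted by the user.
     * @return bool
     */
    private function codeMatches($secret, string $code): bool
    {
        if (empty($secret)) {
            return false;
        }

        return (bool) (new Google2FA())->verifyKey($secret, $code);
    }
}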