- aded npm packages @types/qrcode, qrcode and node-f2a

- corrected UsersController.ts and RoleController.ts with correct routes for settings - added migration script and ui and Controller for 2 Factor Authentication - npm updates
2023-12-29 15:54:49 +01:00 · 2023-12-29 15:54:49 +01:00 · c70fa4a0d8
commit c70fa4a0d8
parent 87e9314b00
16 changed files with 1098 additions and 417 deletions
--- a/app/Controllers/Http/Auth/UserController.ts
+++ b/app/Controllers/Http/Auth/UserController.ts
@ -0,0 +1,78 @@
+import type { HttpContextContract } from '@ioc:Adonis/Core/HttpContext';
+import User from 'App/Models/User';
+// import Hash from '@ioc:Adonis/Core/Hash';
+// import InvalidCredentialException from 'App/Exceptions/InvalidCredentialException';
+// import AuthValidator from 'App/Validators/AuthValidator';
+import { RenderResponse } from '@ioc:EidelLev/Inertia';
+import TwoFactorAuthProvider from 'App/Services/TwoFactorAuthProvider';
+
+// Here we are generating secret and recovery codes for the user that’s enabling 2FA and storing them to our database.
+export default class UserController {
+    /**
+     * Show the user a form to change their personal information & password.
+     *
+     * @return — \Inertia\Response
+     */
+    public async accountInfo({ inertia, auth }: HttpContextContract): RenderResponse {
+        // const user = auth.user;
+        const user = (await User.find(auth.user?.id)) as User;
+        // const id = request.param('id');
+        // const user = await User.query().where('id', id).firstOrFail();
+
+        return inertia.render('Auth/AccountInfo', {
+            user: user,
+            twoFactorEnabled: user.isTwoFactorEnabled,
+            code: await TwoFactorAuthProvider.generateQrCode(user),
+        });
+    }
+
+    public async enableTwoFactorAuthentication({ auth, response, session }: HttpContextContract): Promise<void> {
+        // const user: User | undefined = auth?.user;
+        const user = (await User.find(auth.user?.id)) as User;
+
+        user.twoFactorSecret = TwoFactorAuthProvider.generateSecret(user);
+        user.twoFactorRecoveryCodes = await TwoFactorAuthProvider.generateRecoveryCodes();
+        await user.save();
+
+        session.flash('message', 'Two factor authentication enabled.');
+        return response.redirect().back();
+        // return inertia.render('Auth/AccountInfo', {
+        //     // status: {
+        //     //     type: 'success',
+        //     //     message: 'Two factor authentication enabled.',
+        //     // },
+        //     user: user,
+        //     twoFactorEnabled: user.isTwoFactorEnabled,
+        //     code: await TwoFactorAuthProvider.generateQrCode(user),
+        //     recoveryCodes: user.twoFactorRecoveryCodes,
+        // });
+    }
+
+    public async disableTwoFactorAuthentication({ auth, response, session }): Promise<void> {
+        const user = auth?.user;
+
+        user.twoFactorSecret = null;
+        user.twoFactorRecoveryCodes = null;
+        await user.save();
+
+        session.flash('message', 'Two factor authentication disabled.');
+        return response.redirect().back();
+        // return inertia.render('Auth/AccountInfo', {
+        //     // status: {
+        //     //     type: 'success',
+        //     //     message: 'Two factor authentication disabled.',
+        //     // },
+        //     user: user,
+        //     twoFactorEnabled: user.isTwoFactorEnabled,
+        // });
+    }
+
+    // public async fetchRecoveryCodes({ auth, view }) {
+    //     const user = auth?.user;
+
+    //     return view.render('pages/settings', {
+    //         twoFactorEnabled: user.isTwoFactorEnabled,
+    //         recoveryCodes: user.twoFactorRecoveryCodes,
+    //     });
+    // }
+}