From a29eb9b993bfdddfda6bb82d93a0f861fcd938bd Mon Sep 17 00:00:00 2001
From: James Cole <thegrumpydictator@gmail.com>
Date: Sat, 19 Mar 2016 16:22:57 +0100
Subject: [PATCH] This is the controller for two factor authentication. #219

---
 .../Controllers/Auth/TwoFactorController.php  | 79 +++++++++++++++++++
 1 file changed, 79 insertions(+)
 create mode 100644 app/Http/Controllers/Auth/TwoFactorController.php

diff --git a/app/Http/Controllers/Auth/TwoFactorController.php b/app/Http/Controllers/Auth/TwoFactorController.php
new file mode 100644
index 0000000000..7e0fac9057
--- /dev/null
+++ b/app/Http/Controllers/Auth/TwoFactorController.php
@@ -0,0 +1,79 @@
+<?php
+/**
+ * TwoFactorController.php
+ * Copyright (C) 2016 Sander Dorigo
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license.  See the LICENSE file for details.
+ */
+
+namespace FireflyIII\Http\Controllers\Auth;
+
+use Auth;
+use Carbon\Carbon;
+use FireflyIII\Exceptions\FireflyException;
+use FireflyIII\Http\Controllers\Controller;
+use FireflyIII\Http\Requests\TwoFactorFormRequest;
+use Log;
+use Preferences;
+use Session;
+
+/**
+ * Class TwoFactorController
+ *
+ * @package FireflyIII\Http\Controllers\Auth
+ */
+class TwoFactorController extends Controller
+{
+
+    /**
+     * @return mixed
+     * @throws FireflyException
+     */
+    public function index()
+    {
+        $user = Auth::user();
+
+        // to make sure the validator in the next step gets the secret, we push it in session
+        $secret = Preferences::get('twoFactorAuthSecret', '')->data;
+
+        if (strlen($secret) === 0) {
+            throw new FireflyException('Your two factor authentication secret is empty, which it should be at this point. Please check the log files.');
+        }
+        Session::flash('two-factor-secret', $secret);
+
+        return view('auth.two-factor', compact('user'));
+    }
+
+    /**
+     * @return mixed
+     * @throws FireflyException
+     */
+    public function lostTwoFactor()
+    {
+        $user      = Auth::user();
+        $siteOwner = env('SITE_OWNER', '');
+
+        Log::info(
+            'To reset the two factor authentication for user #' . $user->id .
+            ' (' . $user->email . '), simply open the "preferences" table and delete the entries with the names "twoFactorAuthEnabled" and' .
+            ' "twoFactorAuthSecret" for user_id ' . $user->id.'. That will take care of it.'
+        );
+
+        return view('auth.lost-two-factor', compact('user', 'siteOwner'));
+    }
+
+    /**
+     * @param TwoFactorFormRequest $request
+     *
+     * @return mixed
+     */
+    public function postIndex(TwoFactorFormRequest $request)
+    {
+        Session::put('twofactor-authenticated', true);
+        Session::put('twofactor-authenticated-date', new Carbon);
+
+        return redirect(route('home'));
+    }
+
+}
\ No newline at end of file