Merge pull request #289 from liberu-billing/sweep/Implement-Two-Facto…
…r-Authentication-2FA-with-Enhanced-Security

Implement Two-Factor Authentication (2FA) with Enhanced Security
curtisdelicata authored Dec 24, 2024
2 parents 2c7138f + 982b00a commit f6f69e5
Showing 5 changed files with 45 additions and 1 deletion.
1 change: 1 addition & 0 deletions app/Http/Kernel.php
@@ -64,5 +64,6 @@ class Kernel extends HttpKernel
'signed' => \App\Http\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'2fa' => \App\Http\Middleware\RequireTwoFactorEnabled::class,
];
}
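--- a/app/Http/Middleware/RequireTwoFactorEnabled.php
+++ b/app/Http/Middleware/RequireTwoFactorEnabled.php
@@ -0,0 +1,27 @@
+
+
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\Response;
+
+class RequireTwoFactorEnabled
+{
+/**
+* Handle an incoming request.
+*
+* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
+*/
+public function handle(Request $request, Closure $next): Response
+{
+if (!$request->user() || !$request->user()->two_factor_secret) {
+return redirect()->route('profile.show')
+->with('error', 'Two-factor authentication must be enabled to access this area.');
+}
+
+return $next($request);
+}
+}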
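Review bot: The guard in `handle()` tests only `two_factor_secret`, which does not establish that 2FA is actually active. config/fortify.php in this commit keeps `'confirm' => true`, and under confirmation Fortify stores the secret as soon as setup starts, before the user has proven a working authenticator. Check the confirmed state instead, e.g. `if (! $request->user()?->hasEnabledTwoFactorAuthentication()) {` if the User model uses Fortify's `TwoFactorAuthenticatable` trait (not visible here), or additionally require `two_factor_confirmed_at`. Separately, the new file is shown with two blank lines before `<?php`; PHP does not accept anything ahead of the opening tag in a file that declares a `namespace`, so the file should start with `<?php` on line 1.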
3 changes: 2 additions & 1 deletion config/fortify.php
@@ -152,7 +152,8 @@
Features::twoFactorAuthentication([
'confirm' => true,
'confirmPassword' => true,
// 'window' => 0,
'enforced' => true,
'window' => 0,
]),
],

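Review bot: `'enforced' => true` is not an option I know Fortify's `twoFactorAuthentication` feature to read (the ones it uses are `confirm`, `confirmPassword` and `window`), so this line likely changes nothing while suggesting that 2FA is mandatory. If mandatory 2FA is the goal, it has to be enforced in application code on the protected routes, and the key should either be dropped or carry a comment such as `// read by application code only, not by Fortify`. Activating `'window' => 0` accepts only the code for the current time step, which is the strictest setting but leaves no tolerance for clock drift between server and authenticator; a short comment stating that this is intended would help the next maintainer.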
1 change: 1 addition & 0 deletions config/jetstream.php
@@ -63,6 +63,7 @@
// Features::api(),
Features::teams(['invitations' => true]),
Features::accountDeletion(),
Features::twoFactorAuthentication(),
],

/*
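Review bot: `Features::twoFactorAuthentication()` is, to my knowledge, defined on `Laravel\Fortify\Features` and not on `Laravel\Jetstream\Features`. If the `Features` class imported at the top of config/jetstream.php (outside this hunk) is the Jetstream one, as in the stock file, this call fails as soon as the configuration is loaded. 2FA is already switched on in config/fortify.php in this same commit, so the line can be removed here.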
14 changes: 14 additions & 0 deletions routes/web.php
@@ -33,3 +33,17 @@
->name('team-invitations.accept');

require __DIR__.'/socialstream.php';


<?php

use Illuminate\Support\Facades\Route;

Route::middleware(['auth', '2fa'])->prefix('admin')->group(function () {
// Admin routes go here
Route::get('/dashboard', function () {
return view('admin.dashboard');
})->name('admin.dashboard');
});

require __DIR__.'/auth.php';
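Review bot: The appended block opens a second `<?php` tag while the file is already in PHP mode, which as rendered here is a parse error and would take down every route in routes/web.php. Drop the tag and the blank lines before it, and keep `use Illuminate\Support\Facades\Route;` with the imports at the top of the file if it is not already there. The `admin` group is gated only by `auth` and `2fa`, so any signed-in user with 2FA set up reaches `/admin/dashboard`; it needs an authorization check as well, for instance a `can:` middleware backed by a gate the project defines. `require __DIR__.'/auth.php';` also assumes that file exists, which this commit does not show.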
