diff --git a/cp/app/Controllers/ProfileController.php b/cp/app/Controllers/ProfileController.php
index 51d5e3e..e212b5a 100644
--- a/cp/app/Controllers/ProfileController.php
+++ b/cp/app/Controllers/ProfileController.php
@@ -27,5 +27,38 @@ class ProfileController extends Controller
 return view($response,'admin/profile/profile.twig',['email' => $email, 'username' => $username, 'status' => $status, 'role' => $role]);
 }
+
+ public function getRegistrationChallenge(Request $request, Response $response)
+ {
+ $user = $request->getAttribute('user'); // Assuming you have the user info
+ $username = $user->getUsername(); // Replace with your method to get the username
+ $userEmail = $user->getEmail(); // Replace with your method to get the user's email
+
+ $challenge = $this->webAuthn->prepareChallengeForRegistration($username, $userEmail);
+ $_SESSION['webauthn_challenge'] = $challenge; // Store the challenge in the session
+
+ $response->getBody()->write(json_encode($challenge));
+ return $response->withHeader('Content-Type', 'application/json');
+ }
+
+ public function verifyRegistration(Request $request, Response $response)
+ {
+ $data = json_decode($request->getBody()->getContents(), true);
+
+ try {
+ $credential = $this->webAuthn->processCreate($data, $_SESSION['webauthn_challenge']);
+ unset($_SESSION['webauthn_challenge']);
+
+ // Store the credential data in the database
+ // $user->addWebAuthnCredential($credential);
+
+ $response->getBody()->write(json_encode(['success' => true]));
+ return $response->withHeader('Content-Type', 'application/json');
+ } catch (\Exception $e) {
+ // Handle error, return an appropriate response
+ $response->getBody()->write(json_encode(['error' => $e->getMessage()]));
+ return $response->withHeader('Content-Type', 'application/json')->withStatus(400);
+ }
+ }
 }
\ No newline at end of file
diff --git a/cp/composer.json b/cp/composer.json
index e8cd907..929e752 100644
--- a/cp/composer.json
+++ b/cp/composer.json
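Review bot: `verifyRegistration` reads `$_SESSION['webauthn_challenge']` with no presence check and only unsets it on the success path, so a request with no pending challenge hands `null` to `processCreate()`, and a failed attempt leaves the challenge in the session for another try; read it with `?? null`, unset it before verification so it is single-use, and reject when it is missing. `json_decode(..., true)` returns `null` on a malformed body without signalling it, so pass `JSON_THROW_ON_ERROR` and let the existing `try` catch the `JsonException`. The `catch` writes `$e->getMessage()` straight to the client, which exposes library-internal detail; return a fixed message and log the exception server-side. The credential returned by `processCreate()` is discarded (the storage call is commented out) while the endpoint still reports `success: true`, so registration cannot complete end to end as committed. `$this->webAuthn` is neither declared nor injected anywhere in this hunk; presumably the constructor outside the diff does that, which should be confirmed.
```php
    public function verifyRegistration(Request $request, Response $response)
    {
        // Consume the challenge first so it is single-use whether or not verification succeeds.
        $challenge = $_SESSION['webauthn_challenge'] ?? null;
        unset($_SESSION['webauthn_challenge']);

        try {
            if ($challenge === null) {
                throw new \RuntimeException('No pending registration challenge');
            }
            $data = json_decode($request->getBody()->getContents(), true, 512, JSON_THROW_ON_ERROR);
            $credential = $this->webAuthn->processCreate($data, $challenge);

            // … unchanged: credential storage TODO and success response …
        } catch (\Exception $e) {
            // Log $e server-side; the client only needs to know that verification failed.
            $response->getBody()->write(json_encode(['error' => 'Registration could not be verified']));
            return $response->withHeader('Content-Type', 'application/json')->withStatus(400);
        }
    }
```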
@@ -35,7 +35,9 @@
 "gettext/gettext": "^5.7",
 "punic/punic": "^3.8",
 "league/iso3166": "^4.3",
- "stripe/stripe-php": "^13.3"
+ "stripe/stripe-php": "^13.3",
+ "robthree/twofactorauth": "^2.1",
+ "lbuchs/webauthn": "^2.1"
 },
 "autoload": {
 "psr-4": {
diff --git a/cp/resources/views/admin/profile/profile.twig b/cp/resources/views/admin/profile/profile.twig
index 472c855..3246563 100644
--- a/cp/resources/views/admin/profile/profile.twig
+++ b/cp/resources/views/admin/profile/profile.twig
@@ -119,7 +119,7 @@
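Review bot: The two new requirements are added to composer.json but no composer.lock hunk is visible in this diff, so the versions actually resolved for `lbuchs/webauthn` and `robthree/twofactorauth` cannot be reviewed here; if the lockfile is committed it should be updated in the same change (it may simply be in a part of the diff I cannot see). `robthree/twofactorauth` is not referenced by any other hunk in this diff, so it appears to be added ahead of its first use.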

Secure your account with WebAuthn. Click the button below to register your device for passwordless sign-in.

- +
@@ -156,4 +156,51 @@ + {% endblock %}
\ No newline at end of file
diff --git a/cp/routes/web.php b/cp/routes/web.php
index f72b26d..f11a5e5 100644
--- a/cp/routes/web.php
+++ b/cp/routes/web.php
@@ -83,6 +83,9 @@ $app->group('', function ($route) {
 $route->get('/support/media', SupportController::class .':mediakit')->setName('mediakit');
 $route->get('/profile', ProfileController::class .':profile')->setName('profile');
+ $route->get('/webauthn/register/challenge', ProfileController::class . ':getRegistrationChallenge')->setName('webauthn.register.challenge');
+ $route->post('/webauthn/register/verify', ProfileController::class . ':verifyRegistration')->setName('webauthn.register.verify');
+
 $route->get('/mode', HomeController::class .':mode')->setName('mode');
 $route->get('/lang', HomeController::class .':lang')->setName('lang');
 $route->get('/avatar', HomeController::class .':avatar')->setName('avatar');
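Review bot: The two new routes are registered inside the `$app->group('', …)` block next to `/profile`, but whether that group attaches the authentication middleware (and CSRF protection for the POST) is decided where the group closes, outside this hunk; since `getRegistrationChallenge` dereferences `$request->getAttribute('user')`, both routes must sit behind the same auth middleware as `/profile`, and because `/webauthn/register/verify` accepts a JSON body the CSRF scheme in use should be confirmed to cover it. Style: the new lines write `ProfileController::class . ':getRegistrationChallenge'` with a space before the concatenation dot while every surrounding entry uses `ProfileController::class .':profile'`; pick one form for the file. The group's definition starts before and ends after this hunk.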