bookstack/app/Auth/Access/Mfa/TotpValidationRule.php

<?php

namespace BookStack\Auth\Access\Mfa;

use Illuminate\Contracts\Validation\Rule;

class TotpValidationRule implements Rule
{

    protected $secret;
    protected $totpService;

    /**
     * Create a new rule instance.
     * Takes the TOTP secret that must be system provided, not user provided.
     */
    public function __construct(string $secret)
    {
        $this->secret = $secret;
        $this->totpService = app()->make(TotpService::class);
    }

    /**
     * Determine if the validation rule passes.
     */
    public function passes($attribute, $value)
    {
        return $this->totpService->verifyCode($value, $this->secret);
    }

    /**
     * Get the validation error message.
     */
    public function message()
    {
        return trans('validation.totp');
    }
}
Complete base flow for TOTP setup - Includes DB storage and code validation. - Extracted TOTP work to its own service file. - Still needs testing to cover this side of things. 2021-07-01 05:10:02 +08:00			`<?php`

			`namespace BookStack\Auth\Access\Mfa;`

			`use Illuminate\Contracts\Validation\Rule;`

			`class TotpValidationRule implements Rule`
			`{`

			`protected $secret;`
			`protected $totpService;`

			`/**`
			`* Create a new rule instance.`
			`* Takes the TOTP secret that must be system provided, not user provided.`
			`*/`
			`public function __construct(string $secret)`
			`{`
			`$this->secret = $secret;`
			`$this->totpService = app()->make(TotpService::class);`
			`}`

			`/**`
			`* Determine if the validation rule passes.`
			`*/`
			`public function passes($attribute, $value)`
			`{`
			`return $this->totpService->verifyCode($value, $this->secret);`
			`}`

			`/**`
			`* Get the validation error message.`
			`*/`
			`public function message()`
			`{`
			`return trans('validation.totp');`
			`}`
			`}`