simon/SuperSeller3000
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
SuperSeller3000/src/Infrastructure/Http/Controller/TotpSetupController.php
Simon Kuehn f310643064 feat: add EasyAdmin CRUD controllers, security controller and templates 
CRUD controllers for Article, ArticleType, AttributeDefinition,
ArticleTypeAttribute, AIPipelineJob, Order, Customer, Invoice, User
and LogEntry. SecurityController handles login/logout; TotpSetupController
manages 2FA enrollment. API controllers for pipeline and orders.

Admin dashboard template and Twig base layout included.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-17 22:44:03 +00:00

72 lines
2.1 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
namespace App\Infrastructure\Http\Controller;
use App\Domain\Auth\Repository\UserRepositoryInterface;
use App\Domain\Auth\User;
use Scheb\TwoFactorBundle\Security\TwoFactor\Provider\Totp\TotpAuthenticatorInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Attribute\Route;
use Symfony\Component\Security\Http\Attribute\IsGranted;
#[Route('/totp', name: 'totp_')]
#[IsGranted('ROLE_USER')]
final class TotpSetupController extends AbstractController
{
public function __construct(
private readonly TotpAuthenticatorInterface $totpAuthenticator,
private readonly UserRepositoryInterface $userRepository,
) {
}
#[Route('/setup', name: 'setup', methods: ['GET'])]
public function setup(): Response
{
$user = $this->getUser();
\assert($user instanceof User);
if ($user->isTotpAuthenticationEnabled()) {
return $this->redirectToRoute('totp_manage');
}
$secret = $this->totpAuthenticator->generateSecret();
$user->setTotpSecret($secret);
$this->userRepository->save($user);
$qrCodeUrl = $this->totpAuthenticator->getQRContent($user);
return $this->render('totp/setup.html.twig', [
'secret' => $secret,
'qr_code_url' => $qrCodeUrl,
]);
}
#[Route('/manage', name: 'manage', methods: ['GET'])]
public function manage(): Response
{
$user = $this->getUser();
\assert($user instanceof User);
return $this->render('totp/manage.html.twig', [
'totp_enabled' => $user->isTotpAuthenticationEnabled(),
]);
}
#[Route('/disable', name: 'disable', methods: ['POST'])]
public function disable(): Response
{
$user = $this->getUser();
\assert($user instanceof User);
$user->setTotpSecret(null);
$this->userRepository->save($user);
$this->addFlash('success', 'Two-factor authentication has been disabled.');
return $this->redirectToRoute('totp_manage');
}
}
Reference in a new issue View git blame Copy permalink