Merge 1dbb648 into 8f42a48

README.md

@@ -127,6 +127,44 @@ public function confirmTwoFactor(Request $request)
 
 If the User doesn't issue the correct Code, the method will return `false`. You can tell the User to double-check its device's timezone, or create another Shared Secret with `createTwoFactorAuth()`.
 
+You may validate that Code passed to a controller is a valid Code by using the TotpCode rule.
+
+```php
+use DarkGhostHunter\Laraguard\Rules\TotpCode;
+
+public function confirmTwoFactor(Request $request)
+{
+    $this->validate($request, [
+        '2fa_code' => ['required', new TotpCode()],
+    ]);
+
+    $request->user()->enableTwoFactorAuth();
+}
+```
+
+You can also use the 'pipe' syntax for rule.
+
+```php
+public function setSafeDevice(Request $request)
+{
+    $this->validate($request, [
+        '2fa_code' => 'required|totp_code',
+    ]);
+
+    $request->user()->addSafeDevice($request);
+
+    session()->flash('message', "This device has been added as safe and the app won't ask for codes");
+}
+```
+
+You can also define an error message by adding an entry in the validation language file or you can publish the language files to your resources/lang folder.
+
+```php
+'totp_code' => 'The code you have entered is invalid.',
+
+// The rest of the validation error messages...
+```
+
 ### Recovery Codes
 
 Recovery Codes are automatically generated each time the Two Factor Authentication is enabled. By default, a Collection of ten one-use 8-characters codes are created.
@@ -249,7 +287,7 @@ To further configure the package, publish the configuration files and assets:
 
     php artisan vendor:publish --provider="DarkGhostHunter\Laraguard\LaraguardServiceProvider"
 
-You will receive the authentication view in `resources/views/vendor/laraguard/auth.blade.php`, and the `config/laraguard.php` config file with the following contents:
+You will receive the authentication view in `resources/views/vendor/laraguard/auth.blade.php`, the language files `resources/lang/vendor/laraguard` folder and the `config/laraguard.php` config file with the following contents:
 
 ```php
 return [

resources/lang/en/messages.php

@@ -0,0 +1,5 @@
+<?php
+
+return [
+    'totp_code' => 'The Code is invalid or has expired.',
+];

resources/lang/tr/messages.php

@@ -0,0 +1,5 @@
+<?php
+
+return [
+    'totp_code' => 'Kod geçersiz veya süresi dolmuş.',
+];

src/LaraguardServiceProvider.php

@@ -2,6 +2,7 @@
 
 namespace DarkGhostHunter\Laraguard;
 
+use DarkGhostHunter\Laraguard\Rules\TotpCode;
 use Illuminate\Routing\Router;
 use Illuminate\Auth\Events\Validated;
 use Illuminate\Auth\Events\Attempting;
@@ -19,6 +20,7 @@ class LaraguardServiceProvider extends ServiceProvider
     public function register()
     {
         $this->mergeConfigFrom(__DIR__ . '/../config/laraguard.php', 'laraguard');
+        $this->loadTranslationsFrom(__DIR__ . '/../resources/lang/', 'laraguard');
     }
 
     /**
@@ -33,6 +35,7 @@ public function boot(Repository $config, Router $router, Dispatcher $dispatcher)
     {
         $this->registerListener($config, $dispatcher);
         $this->registerMiddleware($router);
+        $this->registerValidators();
 
         $this->loadViewsFrom(__DIR__ . '/../resources/views', 'laraguard');
         $this->loadFactoriesFrom(__DIR__ . '/../database/factories');
@@ -72,6 +75,18 @@ protected function registerListener(Repository $config, Dispatcher $dispatcher)
         $dispatcher->listen(Validated::class, Contracts\TwoFactorListener::class . '@checkTwoFactor');
     }
 
+    /**
+     * Register the custom validators
+     *
+     * @return void
+     */
+    private function registerValidators()
+    {
+        $this->app['validator']->extend('totp_code', function ($attribute, $value) {
+            return (new TotpCode())->passes($attribute, $value);
+        }, __('laraguard::messages.totp_code'));
+    }
+
     /**
      * Publish config, view and migrations files.
      *
@@ -87,6 +102,10 @@ protected function publishFiles()
             __DIR__ . '/../resources/views' => resource_path('views/vendor/laraguard'),
         ], 'views');
 
+        $this->publishes([
+            __DIR__ . '/../resources/lang' => resource_path('lang/vendor/laraguard'),
+        ], 'translations');
+
         // We will allow the publishing for the Two Factor Authentication migration that
         // holds the TOTP data, only if it wasn't published before, avoiding multiple
         // copies for the same migration, which can throw errors when re-migrating.

src/Rules/TotpCode.php

@@ -0,0 +1,70 @@
+<?php
+
+namespace DarkGhostHunter\Laraguard\Rules;
+
+use DarkGhostHunter\Laraguard\Contracts\TwoFactorAuthenticatable;
+use Illuminate\Contracts\Validation\Rule;
+use Illuminate\Support\Facades\Auth;
+
+class TotpCode implements Rule
+{
+    /**
+     * The name of the rule.
+     *
+     * @var string
+     */
+    protected $rule = 'totp_code';
+
+    /**
+     * The auth user.
+     *
+     * @var \Illuminate\Foundation\Auth\User
+     */
+    protected $user;
+
+    /**
+     * Create a new "totp code" rule instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        $this->user = Auth::user();
+    }
+
+    /**
+     * Determine if the validation rule passes.
+     *
+     * @param  string  $attribute
+     * @param  mixed  $value
+     * @return bool
+     */
+    public function passes($attribute, $value) : bool
+    {
+        if ($this->user instanceof TwoFactorAuthenticatable) {
+            return is_string($value) && $this->user->twoFactorAuth->validateCode($value);
+        }
+
+        return false;
+    }
+
+    /**
+     * Get the validation error message.
+     *
+     * @return string
+     */
+    public function message() : string
+    {
+        return __('laraguard::messages.totp_code');
+    }
+
+    /**
+     * Convert the rule to a validation string.
+     *
+     * @return string
+     */
+    public function __toString() : string
+    {
+        return "{$this->rule}";
+    }
+}