feat: add ability to name u2fkeys and delete it (#2264)

CHANGELOG

@@ -2,6 +2,7 @@ UNRELEASED CHANGES:
 
 New features:
 
+* Add ability to name u2f security keys and to delete register ones
 * Add ability to add a comment when rating your day in the journal
 * Add API methods to manage genders
 * Breaking change: rewrite API methods to manage contacts

app/Http/Controllers/Settings/MultiFAController.php

@@ -4,13 +4,19 @@
 
 use Illuminate\Http\Request;
 use PragmaRX\Google2FA\Google2FA;
+use Lahaxearnaud\U2f\Models\U2fKey;
 use App\Http\Controllers\Controller;
+use Illuminate\Support\Facades\Auth;
+use App\Traits\JsonRespondController;
+use Illuminate\Support\Facades\Event;
+use Lahaxearnaud\U2f\U2fFacade as U2f;
 use Illuminate\Foundation\Auth\RedirectsUsers;
 use PragmaRX\Google2FALaravel\Support\Authenticator;
+use App\Http\Resources\Settings\U2fKey\U2fKey as U2fKeyResource;
 
 class MultiFAController extends Controller
 {
-    use RedirectsUsers;
+    use RedirectsUsers, JsonRespondController;
 
     protected $redirectTo = '/settings/security';
 
@@ -146,14 +152,50 @@ private function generateSecret()
      * @param \Illuminate\Http\Request $request
      * @return \Illuminate\Http\Response
      */
-    public function u2fRegister(Request $request)
+    public function u2fRegisterData(Request $request)
     {
         list($req, $sigs) = app('u2f')->getRegisterData($request->user());
         session(['u2f.registerData' => $req]);
 
-        return response()->json([
+        return $this->respond([
             'currentKeys' => $sigs,
             'registerData' => $req,
-            ]);
+        ]);
+    }
+
+    public function u2fRegister(Request $request)
+    {
+        try {
+            $key = U2f::doRegister(Auth::user(), session('u2f.registerData'), json_decode($request->input('register')));
+            if ($request->filled('name')) {
+                $key->name = $request->input('name');
+                $key->save();
+            }
+
+            Event::fire('u2f.register', ['u2fKey' => $key, 'user' => Auth::user()]);
+            session()->forget('u2f.registerData');
+
+            session([config('u2f.sessionU2fName') => true]);
+
+            return new U2fKeyResource($key);
+        } catch (\Exception $e) {
+            return $this->respondWithError($e->getMessage());
+        }
+    }
+
+    /**
+     * Remove an existing security key.
+     *
+     * @param \Illuminate\Http\Request $request
+     * @return \Illuminate\Http\Response
+     */
+    public function u2fRemove(Request $request, int $u2fKeyId)
+    {
+        $u2fKey = U2fKey::where('user_id', auth()->id())
+            ->findOrFail($u2fKeyId);
+
+        $u2fKey->delete();
+
+        return $this->respondObjectDeleted($u2fKeyId);
     }
 }

app/Http/Controllers/SettingsController.php

@@ -18,6 +18,7 @@
 use App\Models\Account\Invitation;
 use App\Services\User\EmailChange;
 use Illuminate\Support\Facades\DB;
+use Lahaxearnaud\U2f\Models\U2fKey;
 use Illuminate\Support\Facades\Auth;
 use App\Http\Requests\ImportsRequest;
 use App\Http\Requests\SettingsRequest;
@@ -26,6 +27,7 @@
 use App\Services\Contact\Tag\DestroyTag;
 use PragmaRX\Google2FALaravel\Google2FA;
 use App\Services\Account\DestroyAllDocuments;
+use App\Http\Resources\Settings\U2fKey\U2fKey as U2fKeyResource;
 
 class SettingsController
 {
@@ -492,7 +494,12 @@ public function api()
 
     public function security()
     {
-        return view('settings.security.index', ['is2FAActivated' => app('pragmarx.google2fa')->isActivated()]);
+        $u2fKeys = U2fKey::where('user_id', auth()->id())
+                        ->get();
+
+        return view('settings.security.index')
+            ->with('is2FAActivated', app('pragmarx.google2fa')->isActivated())
+            ->with('currentkeys', U2fKeyResource::collection($u2fKeys));
     }
 
     /**

app/Http/Resources/Settings/U2fKey/U2fKey.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Http\Resources\Settings\U2fKey;
+
+use App\Helpers\DateHelper;
+use Illuminate\Http\Resources\Json\Resource;
+
+class U2fKey extends Resource
+{
+    /**
+     * Transform the resource into an array.
+     *
+     * @param  \Illuminate\Http\Request
+     * @return array
+     */
+    public function toArray($request)
+    {
+        return [
+            'id' => $this->id,
+            'object' => 'u2fkey',
+            'name' => $this->name,
+            'counter' => $this->counter,
+            'created_at' => DateHelper::getTimestamp($this->created_at),
+            'updated_at' => DateHelper::getTimestamp($this->updated_at),
+        ];
+    }
+}

app/Http/Resources/Settings/U2fKey/U2fKeyCollection.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace App\Http\Resources\Settings\U2fKey;
+
+use Illuminate\Http\Resources\Json\ResourceCollection;
+
+class U2fKeyCollection extends ResourceCollection
+{
+    /**
+     * Transform the resource collection into an array.
+     *
+     * @param  \Illuminate\Http\Request
+     * @return array
+     */
+    public function toArray($request)
+    {
+        return [
+            'data' => $this->collection,
+            'links' => [
+                'self' => 'link-value',
+            ],
+        ];
+    }
+}

app/Models/User/User.php

@@ -16,10 +16,12 @@
 use Illuminate\Support\Facades\App;
 use Illuminate\Notifications\Notifiable;
 use Illuminate\Contracts\Auth\MustVerifyEmail;
+use Illuminate\Database\Eloquent\Relations\HasMany;
 use Illuminate\Database\Eloquent\Relations\BelongsTo;
 use Illuminate\Foundation\Auth\User as Authenticatable;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
 use App\Http\Resources\Account\User\User as UserResource;
+use Illuminate\Database\Eloquent\Relations\BelongsToMany;
 use App\Http\Resources\Settings\Compliance\Compliance as ComplianceResource;
 
 class User extends Authenticatable implements MustVerifyEmail
@@ -171,6 +173,8 @@ public function account()
 
     /**
      * Get the term records associated with the user.
+     *
+     * @return BelongsToMany
      */
     public function terms()
     {
@@ -179,6 +183,8 @@ public function terms()
 
     /**
      * Get the recovery codes associated with the user.
+     *
+     * @return HasMany
      */
     public function recoveryCodes()
     {

database/migrations/2019_01_06_190036_u2f_key_name.php

@@ -0,0 +1,32 @@
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class U2fKeyName extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('u2f_key', function (Blueprint $table) {
+            $table->string('name')->after('id')->default('key');
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('u2f_key', function (Blueprint $table) {
+            $table->dropColumn('name');
+        });
+    }
+}

public/mix-manifest.json

@@ -1,6 +1,6 @@
 {
     "/js/manifest.js": "/js/manifest.js?id=01c8731923a46c30aaed",
-    "/js/app.js": "/js/app.js?id=c973ffb006531809d534",
+    "/js/app.js": "/js/app.js?id=1bc30e69747e2bf2ef5b",
     "/css/app-ltr.css": "/css/app-ltr.css?id=d1a924515047b23cda18",
     "/css/app-rtl.css": "/css/app-rtl.css?id=6cd44baa52797bd315d6",
     "/css/stripe.css": "/css/stripe.css?id=2de4e0ce557016a0327e",

resources/assets/js/components/people/Gifts.vue

@@ -290,7 +290,7 @@ export default {
       axios.delete('/people/' + this.hash + '/gifts/' + gift.id)
         .then(response => {
           this.gifts.splice(this.gifts.indexOf(gift), 1);
-          this.$refs.modal.close();
+          this.closeDeleteModal();
         });
     },