Complete authentication return pubkey

2020-08-18 22:27:24 +10:00 · 2020-08-18 22:27:24 +10:00 · af1f125866
commit af1f125866
parent 0c91860454
1 changed files with 24 additions and 1 deletions
--- a/src/SQRLController.php
+++ b/src/SQRLController.php
@ -35,7 +35,29 @@ class SQRLController extends Controller
 	{
 		// Validate the nonce if it has been given.
 		if ($request->get('nut')) {
+			Log::debug(sprintf('Got a NUT [%s]',$request->get('nut')));

+			//Get the user by the original nonce
+			$o = SQRLAuth\Nonce::check($request->get('nut'),'orig_nonce');
+			Log::debug(sprintf('User [%s]',serialize($o->getAttributes())));
+
+			if ($o && $o->verified) {
+				if ($o->pubkey && ! $o->pubkey->disabled)
+					// For JSON we just need the SQRL login
+					return $request->expectsJson() ? $o->pubkey->public_key : $o->pubkey;
+
+				else
+					return response()->json([
+						'isReady'=>FALSE,
+						'msg'=>'Not Verified'
+					],404);
+
+			} else {
+				return response()->json([
+					'isReady'=>FALSE,
+					'msg'=>'Not Ready'
+				],404);
+			}
 		}

 		// If this laravel, check if the user has been logged in
@ -100,6 +122,7 @@ class SQRLController extends Controller
 		} else {
 			foreach (['ver','cmd'] as $y)
 				Log::debug(sprintf('API-client-%s [%s]',str_pad($y,5,' '),Arr::get($decode_request,'client.'.$y)));
+
 			Log::debug(sprintf('API-client-opt   [%s]',join('|',Arr::get($decode_request,'client.opt',[]))));
 			Log::debug(sprintf('API-client-idk   [%s]',base64_encode(Arr::get($decode_request,'client.idk'))));
 			Log::debug(sprintf('API-server       [%s]',serialize(Arr::get($decode_request,'server'))));