Me estaba guiando aqui https://styde.net/autenticacion-de-dos-factores-con-laravel/ pero pese a eso tengo el error que menciono mas abajo
Tengo el siguiente codigo en mi LoginController
<?php
namespace App\Http\Controllers\Auth;
use App\Models\User;
use Illuminate\Http\Request;
use PragmaRX\Google2FA\Google2FA;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Auth;
use BaconQrCode\Renderer\ImageRenderer;
use BaconQrCode\Writer as BaconQrCodeWriter;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use BaconQrCode\Renderer\Image\ImagickImageBackEnd;
use BaconQrCode\Renderer\RendererStyle\RendererStyle;
class LoginController extends Controller
{
/**
* Show the form for creating a new resource.
*
* @return \Illuminate\Http\Response
*/
public function create()
{
return view('auth.signin');
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function store(Request $request)
{
$credentials = $request->only('email', 'password');
$rememberMe = $request->rememberMe ? true : false;
$user = User::where('email', $request->email)->first();
if ($user && Auth::attempt($credentials, $rememberMe)) {
$request->session()->regenerate();
if ($user->two_factor_enabled) {
$user->update(['token_login' => (new Google2FA)->generateSecretKey()]);
$urlQR = $this->createUserUrlQR($user);
return view('auth.2fa', compact('urlQR', 'user'));
} else {
return redirect()->intended('/dashboard');
}
}
return back()->withErrors([
'message' => 'Las Credenciales ingresadas son incorrectas.',
])->withInput($request->only('email'));
}
public function createUserUrlQR($user)
{
$bacon = new BaconQrCodeWriter(new ImageRenderer(
new RendererStyle(200),
new ImagickImageBackEnd()
));
$data = $bacon->writeString(
(new Google2FA)->getQRCodeUrl(
config('app.name'),
$user->email,
$user->token_login
), 'utf-8'
);
return 'data:image/png;base64,' . base64_encode($data);
}
public function login2FA(Request $request, User $user)
{
$request->validate(['code_verification' => 'required']);
// Verificar los valores recibidos
logger()->info('User token_login:', ['token_login' => $user->token_login]);
logger()->info('User entered code:', ['code_verification' => $request->code_verification]);
$google2fa = new Google2FA();
$isValid = $google2fa->verifyKey($user->token_login, $request->code_verification);
// Verificar el resultado de la verificación
logger()->info('2FA verification result:', ['isValid' => $isValid]);
if ($isValid) {
$request->session()->regenerate();
Auth::login($user);
return redirect()->intended('/dashboard');
}
return redirect()->back()->withErrors(['error' => 'Código de verificación incorrecto']);
}
/**
* Remove the specified resource from storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function destroy(Request $request)
{
Auth::logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
return redirect('/sign-in');
}
}
y el siguiente en mi 2fa.blade.php
<x-guest-layout>
<div class="container">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">{{ __('Login 2FA') }}</div>
<div class="card-body">
@if ($errors->has('error'))
<div class="alert alert-danger">
{{ $errors->first('error') }}
</div>
@endif
<form method="POST" action="{{ route('login.2fa', $user->id) }}" aria-label="{{ __('Login') }}">
@csrf
<div class="form-group row">
<div class="col-lg-4">
<img id="imgQR" src="{{ $urlQR }}"/>
</div>
<div class="col-lg-8">
<div class="form-group">
<label for="code_verification" class="col-form-label">
{{ __('CÓDIGO DE VERIFICACIÓN') }}
</label>
<input
id="code_verification"
type="text"
class="form-control @error('code_verification') is-invalid @enderror"
name="code_verification"
value="{{ old('code_verification') }}"
required
autofocus>
@error('code_verification')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
<button type="submit" class="btn btn-primary">ENVIAR</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
</x-guest-layout>
MI ERROR ES QUE AL INGRESAR UN CODIGO SEA VALIDO O NO ME MANDA A MI DASHBOARD Y NO DEBERIA SIESQUE ESTA MAL, EL TOKEN SI SE GUARDA EN LA BASE DE DATOS Y TAMBIEN SE VERIFICA BIEN YA LO COMPROBE VIENDO LOS LOG Y SI ME SALE FALSE SIESQUE INGRESO MAL Y TRUE SI INGRESO BIEN EL CODIGO PERO NO ENTIENDO PORQUE NO ME DA EL MENSAJE DE ERROR SI INGRESO MAL Y AUN ASI MANDA A MI DASHBOARD