🚀 مُصادَق: تحديث برمجي جديد 2026-05-03 15:16

2026-05-03 15:16:36 +03:00
parent 7cd2d91576
commit 061431f36a
4 changed files with 94 additions and 4 deletions
--- a/app/Modules/Auth/AuthController.php
+++ b/app/Modules/Auth/AuthController.php
@@ -178,6 +178,37 @@ final class AuthController
        }
    }

+    public function login2FAVerify(Request $request): void
+    {
+        $data = $request->getBody();
+        $code = $data['code'] ?? '';
+        $userId = $request->user->user_id;
+
+        $db = \App\Core\Database::getInstance();
+        $stmt = $db->prepare("SELECT totp_secret FROM users WHERE id = ?");
+        $stmt->execute([$userId]);
+        $secret = $stmt->fetchColumn();
+
+        $totpService = new \App\Services\TotpService();
+        if ($secret && $totpService->verify($secret, $code)) {
+            // Re-fetch user for full data
+            $stmt = $db->prepare("SELECT * FROM users WHERE id = ?");
+            $stmt->execute([$userId]);
+            $user = $stmt->fetch();
+            
+            $authService = new AuthService();
+            $tokens = $authService->generateTokens($user);
+
+            Response::json([
+                'success' => true,
+                'data' => $tokens,
+                'message' => 'تم التحقق بنجاح'
+            ]);
+        } else {
+            Response::error('رمز التحقق غير صحيح', 'INVALID_CODE', 401);
+        }
+    }
+
    public function disable2FA(Request $request): void
    {
        $db = \App\Core\Database::getInstance();