🚀 مُصادَق: تحديث برمجي جديد 2026-05-03 13:39

2026-05-03 13:39:05 +03:00
parent 2de6a0adfd
commit ea415e3a11
19 changed files with 972 additions and 7 deletions
--- a/app/Modules/Auth/AuthController.php
+++ b/app/Modules/Auth/AuthController.php
@@ -25,6 +25,16 @@ final class AuthController
        try {
            $result = $this->authService->login($email, $password);
            
+            // 2FA Check
+            if ($result['user']->totp_enabled) {
+                Response::json([
+                    'success' => true,
+                    'requires_2fa' => true,
+                    'temp_token' => $result['access_token']
+                ]);
+                return;
+            }
+
            // Set refresh token in HttpOnly cookie
            setcookie('refresh_token', $result['refresh_token'], [
                'expires' => time() + (60 * 60 * 24 * 7),
@@ -128,4 +138,47 @@ final class AuthController
            Response::error($e->getMessage(), 'REGISTRATION_FAILED', 400);
        }
    }
+
+    public function enable2FA(Request $request): void
+    {
+        $user = $request->user;
+        $totpService = new \App\Services\TotpService();
+        $secret = $totpService->generateSecret();
+        $qrUrl = $totpService->getQrCodeUrl($user->email, $secret);
+
+        Response::json([
+            'success' => true,
+            'data' => [
+                'secret' => $secret,
+                'qr_url' => $qrUrl
+            ]
+        ]);
+    }
+
+    public function verify2FA(Request $request): void
+    {
+        $data = $request->getBody();
+        $code = $data['code'] ?? '';
+        $secret = $data['secret'] ?? '';
+        
+        $totpService = new \App\Services\TotpService();
+        if ($totpService->verify($secret, $code)) {
+            $db = \App\Core\Database::getInstance();
+            $stmt = $db->prepare("UPDATE users SET totp_secret = ?, totp_enabled = 1 WHERE id = ?");
+            $stmt->execute([$secret, $request->user->user_id]);
+
+            Response::json(['success' => true, 'message' => 'تم تفعيل التحقق الثنائي بنجاح']);
+        } else {
+            Response::error('رمز التحقق غير صحيح', 'INVALID_CODE', 400);
+        }
+    }
+
+    public function disable2FA(Request $request): void
+    {
+        $db = \App\Core\Database::getInstance();
+        $stmt = $db->prepare("UPDATE users SET totp_secret = NULL, totp_enabled = 0 WHERE id = ?");
+        $stmt->execute([$request->user->user_id]);
+
+        Response::json(['success' => true, 'message' => 'تم تعطيل التحقق الثنائي']);
+    }
 }