Implement changes to 2FA system (#761)

app/Services/Users/TwoFactorSetupService.php

@@ -10,7 +10,8 @@
 namespace Pterodactyl\Services\Users;
 
 use Pterodactyl\Models\User;
-use PragmaRX\Google2FA\Contracts\Google2FA;
+use PragmaRX\Google2FA\Google2FA;
+use Illuminate\Contracts\Encryption\Encrypter;
 use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
 use Illuminate\Contracts\Config\Repository as ConfigRepository;
 
@@ -19,58 +20,62 @@ class TwoFactorSetupService
     /**
      * @var \Illuminate\Contracts\Config\Repository
      */
-    protected $config;
+    private $config;
 
     /**
-     * @var \PragmaRX\Google2FA\Contracts\Google2FA
+     * @var \Illuminate\Contracts\Encryption\Encrypter
      */
-    protected $google2FA;
+    private $encrypter;
+
+    /**
+     * @var \PragmaRX\Google2FA\Google2FA
+     */
+    private $google2FA;
 
     /**
      * @var \Pterodactyl\Contracts\Repository\UserRepositoryInterface
      */
-    protected $repository;
+    private $repository;
 
     /**
      * TwoFactorSetupService constructor.
      *
      * @param \Illuminate\Contracts\Config\Repository                   $config
-     * @param \PragmaRX\Google2FA\Contracts\Google2FA                   $google2FA
+     * @param \Illuminate\Contracts\Encryption\Encrypter                $encrypter
+     * @param \PragmaRX\Google2FA\Google2FA                             $google2FA
      * @param \Pterodactyl\Contracts\Repository\UserRepositoryInterface $repository
      */
     public function __construct(
         ConfigRepository $config,
+        Encrypter $encrypter,
         Google2FA $google2FA,
         UserRepositoryInterface $repository
     ) {
         $this->config = $config;
+        $this->encrypter = $encrypter;
         $this->google2FA = $google2FA;
         $this->repository = $repository;
     }
 
     /**
-     * Generate a 2FA token and store it in the database.
+     * Generate a 2FA token and store it in the database before returning the
+     * QR code image.
      *
-     * @param int|\Pterodactyl\Models\User $user
-     * @return array
+     * @param \Pterodactyl\Models\User $user
+     * @return string
      *
      * @throws \Pterodactyl\Exceptions\Model\DataValidationException
      * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
      */
-    public function handle($user)
+    public function handle(User $user): string
     {
-        if (! $user instanceof User) {
-            $user = $this->repository->find($user);
-        }
-
-        $secret = $this->google2FA->generateSecretKey();
+        $secret = $this->google2FA->generateSecretKey($this->config->get('pterodactyl.auth.2fa.bytes'));
         $image = $this->google2FA->getQRCodeGoogleUrl($this->config->get('app.name'), $user->email, $secret);
 
-        $this->repository->withoutFresh()->update($user->id, ['totp_secret' => $secret]);
+        $this->repository->withoutFresh()->update($user->id, [
+            'totp_secret' => $this->encrypter->encrypt($secret),
+        ]);
 
-        return [
-            'qrImage' => $image,
-            'secret' => $secret,
-        ];
+        return $image;
     }
 }