Merge pull request #73 from Laragear/feat/attempt-route

[1.x] Adds attempt redirection route.

Author: DarkGhostHunter

README.md

@@ -234,6 +234,7 @@ You can further customize how to handle the 2FA code authentication procedure wi
 |-------------------|-----------------------------------------------------------------------------------|
 | guard($guard)     | The guard to use for authentication. Defaults to the application default (`web`). |
 | view($view)       | Return a custom view to handle the 2FA Code retry.                                |
+| redirect($route)  | Redirect to a location to handle the 2FA Code retry.                              |
 | message($message) | Return a custom message when the 2FA code fails or is not present.                |
 | input($input)     | Sets the input where the TOTP code is in the request. Defaults to `2fa_code`.     |
 | sessionKey($key)  | The key used to flash the encrypted credentials. Defaults to `_2fa_login`.        |

src/Facades/Auth2FA.php

@@ -12,6 +12,7 @@
  * @method static \Laragear\TwoFactor\TwoFactorLoginHelper input(string $input)
  * @method static \Laragear\TwoFactor\TwoFactorLoginHelper sessionKey(string $sessionKey)
  * @method static \Laragear\TwoFactor\TwoFactorLoginHelper guard(string $guard)
+ * @method static \Laragear\TwoFactor\TwoFactorLoginHelper redirect(string $route)
  *
  * @see \Laragear\TwoFactor\TwoFactorLoginHelper
  */

src/TwoFactorLoginHelper.php

@@ -10,8 +10,8 @@
 use Illuminate\Support\Facades\Crypt;
 use InvalidArgumentException;
 use Laragear\TwoFactor\Exceptions\InvalidCodeException;
-
 use function array_merge;
+use function redirect;
 use function response;
 use function view;
 
@@ -50,6 +50,7 @@ public function __construct(
         protected string $sessionKey,
         protected bool $useFlash,
         protected string $input = '2fa_code',
+        protected string $redirect = '',
     ) {
         //
     }
@@ -119,6 +120,19 @@ public function guard(string $guard): static
         return $this;
     }
 
+    /**
+     * Set the route to redirect the user on failed authentication.
+     *
+     * @param  string  $route
+     * @return $this
+     */
+    public function redirect(string $route): static
+    {
+        $this->redirect = $route;
+
+        return $this;
+    }
+
     /**
      * Attempt to authenticate a user using the given credentials.
      *
@@ -145,7 +159,7 @@ public function attempt(array $credentials = [], $remember = false): bool
         } catch (InvalidCodeException $e) {
             $this->flashData($credentials, $remember);
 
-            $this->throwConfirmView($this->input, $this->request->has($this->input) ? $e->errors() : []);
+            $this->throwResponse($this->input, $this->request->has($this->input) ? $e->errors() : []);
         }
 
         // @codeCoverageIgnoreStart
@@ -225,9 +239,13 @@ protected function flashData(array $credentials, bool $remember): void
      * @param  array  $errors
      * @return void
      */
-    protected function throwConfirmView(string $input, array $errors): void
+    protected function throwResponse(string $input, array $errors): void
     {
-        // @phpstan-ignore-next-line
-        response(view($this->view, ['input' => $input])->withErrors($errors))->throwResponse();
+        $response = $this->redirect
+            ? redirect($this->redirect)->withInput(['input' => $input])->withErrors($errors)
+            // @phpstan-ignore-next-line
+            : response(view($this->view, ['input' => $input])->withErrors($errors));
+
+        $response->throwResponse();
     }
 }

tests/TwoFactorLoginHelperTest.php

@@ -20,7 +20,6 @@
 use Mockery;
 use Tests\Stubs\UserStub;
 use Tests\Stubs\UserTwoFactorStub;
-
 use function app;
 use function config;
 use function get_class;
@@ -302,4 +301,42 @@ public function test_reflashes_credentials_if_2fa_code_fails(): void
 
         $this->assertGuest();
     }
+
+    public function test_throws_redirection_on_failure(): void
+    {
+        $this->app->make('router')->post('login-with-redirect', function (Request $request) {
+            try {
+                return Auth2FA::redirect('foo')->attempt($request->only('email', 'password'))
+                    ? 'is authenticated'
+                    : 'is unauthenticated';
+            } catch (\Throwable $exception) {
+                if (! $exception instanceof HttpResponseException) {
+                    var_dump([get_class($exception), $exception->getMessage()]);
+                }
+
+                throw $exception;
+            }
+        });
+
+        $this->post('login-with-redirect', $this->credentials)
+            ->assertRedirect('foo')
+            ->assertSessionHasInput('input', '2fa_code')
+            ->assertSessionHas('_2fa_login.credentials.email', function (string $email): bool {
+                static::assertSame($this->user->email, Crypt::decryptString($email));
+
+                return true;
+            })
+            ->assertSessionHas('_2fa_login.credentials.password', static function (string $password): bool {
+                static::assertSame('secret', Crypt::decryptString($password));
+
+                return true;
+            })
+            ->assertSessionHas('_2fa_login.remember', static function ($remember) {
+                static::assertFalse($remember);
+
+                return true;
+            });
+
+        $this->assertGuest();
+    }
 }