|string> */ public function rules(): array { return [ 'email' => ['required', 'string', 'email'], 'password' => ['required', 'string'], 'otp_code' => ['nullable', 'string'], ]; } /** * Attempt to authenticate the request's credentials. * * @throws \Illuminate\Validation\ValidationException */ public function authenticate(): void { $this->ensureIsNotRateLimited(); if (! Auth::attempt($this->only('email', 'password'), $this->boolean('remember'))) { RateLimiter::hit($this->throttleKey()); throw ValidationException::withMessages([ 'email' => trans('auth.failed'), ]); } $user = Auth::user(); if ($user && method_exists($user, 'hasTwoFactorEnabled') && $user->hasTwoFactorEnabled()) { $otpCode = trim((string) $this->input('otp_code', '')); $totpSecret = $user->getTwoFactorSecretDecrypted(); $totp = app(TotpService::class); if ($otpCode === '' || ! $totpSecret || ! $totp->verify($totpSecret, $otpCode)) { Auth::logout(); RateLimiter::hit($this->throttleKey()); throw ValidationException::withMessages([ 'otp_code' => 'Codice autenticatore non valido.', ]); } } RateLimiter::clear($this->throttleKey()); } /** * Ensure the login request is not rate limited. * * @throws \Illuminate\Validation\ValidationException */ public function ensureIsNotRateLimited(): void { if (! RateLimiter::tooManyAttempts($this->throttleKey(), 5)) { return; } event(new Lockout($this)); $seconds = RateLimiter::availableIn($this->throttleKey()); throw ValidationException::withMessages([ 'email' => trans('auth.throttle', [ 'seconds' => $seconds, 'minutes' => ceil($seconds / 60), ]), ]); } /** * Get the rate limiting throttle key for the request. */ public function throttleKey(): string { return Str::transliterate(Str::lower($this->string('email')) . '|' . $this->ip()); } }