wip

chrysanthos · chrysanthos · commit 8ec5e84692b7 · 2022-12-02T01:18:01.000+02:00
diff --git a/config/otp.php b/config/otp.php
@@ -2,8 +2,27 @@
 
 return [
 
+    /**
+     * Whether the package will register the routes and listeners.
+     */
     'enabled' => false,
 
+    /**
+     * The notification to be sent to the logged-in user.
+     * Override this with your own implementation so that
+     * you can customize the channels, message format etc.
+     */
     'notification' => \Chrysanthos\LaravelOtp\Notifications\SendOtpToUserNotification::class,
 
+    /**
+     * The paths that should be protected by otp. This must be
+     * relative paths with no slashes at the start of the string.
+     * Use this option in case you have admin login area with tools
+     * like Nova/Backpack/Filament and only nedd otp in the main site
+     *
+     * Sadly the paths must point to the uri path of the route that the login form is submitted to.
+     */
+    'paths' => [
+        '*',
+    ]
 ];
diff --git a/src/Middleware/RedirectToOtpPage.php b/src/Middleware/RedirectToOtpPage.php
@@ -34,6 +34,10 @@ public function handle(Request $request, Closure $next)
 
         $otpService = app(OtpService::class);
 
+        if (!$otpService->shouldCoverRoutePath($request->path())) {
+            return $next($request);
+        }
+
         if (! Session::has($otpService->generateVerifiedKey($user))) {
             if (! Session::has($otpService->generateOtpSentKey($user))) {
                 $otpService->generateOtpAndSend($user);
diff --git a/src/Support/OtpService.php b/src/Support/OtpService.php
@@ -4,6 +4,7 @@
 
 use Illuminate\Contracts\Auth\Authenticatable;
 use Illuminate\Foundation\Auth\User;
+use Illuminate\Support\Arr;
 use Illuminate\Support\Facades\Session;
 
 class OtpService
@@ -52,4 +53,15 @@ public function generateOtpSentKey(Authenticatable $user): string
     {
         return get_class($user).'-'.$user->id.'otp-sent';
     }
+
+    public function shouldCoverRoutePath(string $path): bool
+    {
+        $paths = Arr::wrap(config('otp.paths'));
+
+        if (!is_array($paths) || ($paths[0] ?? null) === '*') {
+            return true;
+        }
+
+        return in_array($path, $paths, true);
+    }
 }
