PUSH

-> 2Fa setup works and login also <3

.vscode/settings.json

@@ -1,5 +1,6 @@
 {
     "cSpell.words": [
+        "Adminannouncements",
         "mythicalclient",
         "mythicaldash",
         "Predis",

backend/app/Api/User/Auth/Login.php

@@ -96,6 +96,9 @@
             $appInstance->BadRequest('Account is deleted', ['error_code' => 'ACCOUNT_DELETED']);
         }
 
+        if (User::getInfo($login, UserColumns::TWO_FA_ENABLED, false) == 'true') {
+            User::updateInfo($login, UserColumns::TWO_FA_BLOCKED, 'true', false);
+        }
         $appInstance->OK('Successfully logged in', []);
     }
 });

backend/app/Api/User/Auth/TwoFactor.php

@@ -30,17 +30,76 @@
  */
 
 use MythicalClient\App;
+use MythicalClient\Chat\User;
+use MythicalClient\Chat\Session;
 use PragmaRX\Google2FA\Google2FA;
+use MythicalSystems\CloudFlare\Turnstile;
+use MythicalClient\Config\ConfigInterface;
+use MythicalClient\Chat\columns\UserColumns;
 
 $router->get('/api/user/auth/2fa/setup', function (): void {
     App::init();
     $appInstance = App::getInstance(true);
-    $config = $appInstance->getConfig();
 
     $appInstance->allowOnlyGET();
     $google2fa = new Google2FA();
+    $session = new Session($appInstance);
 
     $secret = $google2fa->generateSecretKey();
-
+    $session->setInfo(UserColumns::TWO_FA_KEY, $secret, true);
     $appInstance->OK('Successfully generated secret key', ['secret' => $secret]);
 });
+
+$router->post('/api/user/auth/2fa/setup', function (): void {
+    App::init();
+    $appInstance = App::getInstance(true);
+    $config = $appInstance->getConfig();
+    $appInstance->allowOnlyPOST();
+    /**
+     * Process the turnstile response.
+     *
+     * IF the turnstile is enabled
+     */
+    if ($appInstance->getConfig()->getSetting(ConfigInterface::TURNSTILE_ENABLED, 'false') == 'true') {
+        if (!isset($_POST['turnstileResponse']) || $_POST['turnstileResponse'] == '') {
+            $appInstance->BadRequest('Bad Request', ['error_code' => 'TURNSTILE_FAILED']);
+        }
+        $cfTurnstileResponse = $_POST['turnstileResponse'];
+        if (!Turnstile::validate($cfTurnstileResponse, MythicalClient\CloudFlare\CloudFlareRealIP::getRealIP(), $config->getSetting(ConfigInterface::TURNSTILE_KEY_PRIV, 'XXXX'))) {
+            $appInstance->BadRequest('Invalid TurnStile Key', ['error_code' => 'TURNSTILE_FAILED']);
+        }
+    }
+
+    $google2fa = new Google2FA();
+
+    if (!isset($_POST['code'])) {
+        $appInstance->getLogger()->debug('Code missing');
+        $appInstance->BadRequest('Bad Request', ['error_code' => 'MISSING_CODE']);
+    }
+
+    $secret = User::getInfo($_COOKIE['user_token'], UserColumns::TWO_FA_KEY, true);
+    $code = $_POST['code'];
+
+    if ($google2fa->verifyKey($secret, $code, null, null, null)) {
+        User::updateInfo($_COOKIE['user_token'], UserColumns::TWO_FA_ENABLED, 'true', encrypted: false);
+        User::updateInfo($_COOKIE['user_token'], UserColumns::TWO_FA_BLOCKED, 'false', false);
+        $appInstance->OK('Code valid go on!', ['secret' => $secret]);
+    } else {
+        $appInstance->Unauthorized('Code invalid', ['error_code' => 'INVALID_CODE']);
+    }
+});
+
+$router->get('/api/auth/2fa/setup/kill', function () {
+    App::init();
+    $appInstance = App::getInstance(true);
+    $appInstance->allowOnlyGET();
+
+    $session = new Session($appInstance);
+
+    $session->setInfo(UserColumns::TWO_FA_ENABLED, 'false', false);
+    $session->setInfo(UserColumns::TWO_FA_KEY, '', false);
+
+    header('location: /?href=api');
+
+    exit;
+});

backend/app/Api/User/Session.php

@@ -147,9 +147,7 @@
     $appInstance->allowOnlyGET();
 
     $session = new Session($appInstance);
-    if (isset($_GET['ip']) && $_GET['ip'] != '') {
-        $session->setInfo(UserColumns::LAST_IP, $_GET['ip'], false);
-    }
+
     $accountToken = $session->SESSION_KEY;
     try {
         $billing = Billing::getBillingData(User::getInfo($accountToken, UserColumns::UUID, false));

backend/app/App.php

@@ -97,7 +97,7 @@ public function __construct(bool $softBoot)
          */
         Plugins\PluginManager::loadKernel();
         define('LOGGER', $this->getLogger());
-        
+
         $router = new rt();
         $this->registerApiRoutes($router);
 

backend/app/Chat/Session.php

@@ -51,6 +51,9 @@ public function __construct(App $app)
                     $this->app = $app;
                     $this->SESSION_KEY = $_COOKIE['user_token'];
                     $this->updateLastSeen();
+                    if ($this->getInfo(UserColumns::TWO_FA_BLOCKED, false) == 'true') {
+                        $app->Unauthorized('Please verify 2fa to access this endpoint.', ['error_code' => 'TW0_FA_BLOCKED']);
+                    }
                 } catch (\Exception) {
                     $app->Unauthorized('Bad Request', ['error_code' => 'INVALID_ACCOUNT_TOKEN']);
                 }

backend/app/Cli/App.php

@@ -156,25 +156,25 @@ private function handleCustomCommands(string $cmdName, array $subCmd): void
                 $this->sendOutput($this->prefix . 'Failed to start lint process.');
             }
             exit;
-        } else if ($cmdName == "backend:watch") {
-            $process = popen("tail -f backend/storage/logs/mythicalclient.log backend/storage/logs/framework.log", "r");
-            $this->sendOutput("Please wait while we attach to the process...");
+        } elseif ($cmdName == 'backend:watch') {
+            $process = popen('tail -f backend/storage/logs/mythicalclient.log backend/storage/logs/framework.log', 'r');
+            $this->sendOutput('Please wait while we attach to the process...');
             $this->sendOutput(message: "\n");
             sleep(5);
             if (is_resource($process)) {
-                $this->sendOutput("Attached to the process.");
+                $this->sendOutput('Attached to the process.');
                 $this->sendOutput(message: "\n");
                 while (!feof($process)) {
                     $output = fgets($process);
-                    if (strpos($output, "[DEBUG]") !== false) {
+                    if (strpos($output, '[DEBUG]') !== false) {
                         $this->sendOutput($this->prefix . "\e[34m" . $output . "\e[0m"); // Blue for DEBUG
-                    } elseif (strpos($output, "[INFO]") !== false) {
+                    } elseif (strpos($output, '[INFO]') !== false) {
                         $this->sendOutput($this->prefix . "\e[32m" . $output . "\e[0m"); // Green for INFO
-                    } elseif (strpos($output, "[WARNING]") !== false) {
+                    } elseif (strpos($output, '[WARNING]') !== false) {
                         $this->sendOutput($this->prefix . "\e[33m" . $output . "\e[0m"); // Yellow for WARNING
-                    } elseif (strpos($output, "[ERROR]") !== false) {
+                    } elseif (strpos($output, '[ERROR]') !== false) {
                         $this->sendOutput($this->prefix . "\e[31m" . $output . "\e[0m"); // Red for ERROR
-                    } elseif (strpos($output, "[CRITICAL]") !== false) {
+                    } elseif (strpos($output, '[CRITICAL]') !== false) {
                         $this->sendOutput($this->prefix . "\e[35m" . $output . "\e[0m"); // Magenta for CRITICAL
                     } else {
                         $this->sendOutput($this->prefix . $output);

backend/app/Cli/CommandBuilder.php

@@ -43,7 +43,7 @@ public static function getDescription(): string;
     /**
      * The subcommands of the command.
      */
-    public static function getSubCommands(int $index): array;
+    public static function getSubCommands(): array;
 
     /**
      * Execute the command.

backend/app/Cli/Commands/Addon.php

@@ -0,0 +1,127 @@
+<?php
+
+/*
+ * This file is part of MythicalClient.
+ * Please view the LICENSE file that was distributed with this source code.
+ *
+ * MIT License
+ *
+ * (c) MythicalSystems <mythicalsystems.xyz> - All rights reserved
+ * (c) NaysKutzu <nayskutzu.xyz> - All rights reserved
+ * (c) Cassian Gherman <nayskutzu.xyz> - All rights reserved
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+namespace MythicalClient\Cli\Commands;
+
+use MythicalClient\Cli\App;
+use MythicalClient\Cli\CommandBuilder;
+use MythicalClient\Plugins\PluginTypes;
+
+class Addon extends App implements CommandBuilder
+{
+    public static function execute(array $args): void
+    {
+
+        /**
+         * Initialize the plugin manager.
+         */
+        require __DIR__ . '/../../../boot/kernel.php';
+        define('APP_ADDONS_DIR', __DIR__ . '/../../../storage/addons');
+        define('APP_DEBUG', false);
+        \MythicalClient\Plugins\PluginManager::loadKernel();
+
+        if (count($args) > 0) {
+            switch ($args[1]) {
+                case 'install':
+                    // Install an addon.
+                    break;
+                case 'uninstall':
+                    // Uninstall an addon.
+                    break;
+                case 'list':
+                    self::getInstance()->send('&5&lMythical&d&lDash &7- &d&lAddons');
+                    self::getInstance()->send('');
+                    $addons = \MythicalClient\Plugins\PluginManager::getLoadedMemoryPlugins();
+
+                    $types = [
+                        PluginTypes::$event,
+                        PluginTypes::$provider,
+                        PluginTypes::$gateway,
+                        PluginTypes::$components,
+                    ];
+
+                    foreach ($types as $type) {
+                        if ($type == PluginTypes::$event) {
+                            self::getInstance()->send('&5&lEvents Plugins:');
+                            self::getInstance()->send('&f(Typical plugins that listen to events)');
+                            self::getInstance()->send('');
+                        } elseif ($type == PluginTypes::$provider) {
+                            self::getInstance()->send('&5&lProviders Plugins:');
+                            self::getInstance()->send('&f(Typical plugins that process purchases and create services!)');
+                            self::getInstance()->send('');
+                        } elseif ($type == PluginTypes::$gateway) {
+                            self::getInstance()->send('&5&lGateways Plugins:');
+                            self::getInstance()->send('&f(Typical plugins that handle payment gateways!)');
+                            self::getInstance()->send('');
+                        } elseif ($type == PluginTypes::$components) {
+                            self::getInstance()->send('&5&lComponents Plugins:');
+                            self::getInstance()->send('&f(Typical plugins that add new components to the frontend!)');
+                            self::getInstance()->send('');
+                        }
+                        foreach ($addons as $plugin) {
+                            $addonConfig = \MythicalClient\Plugins\PluginConfig::getConfig($plugin);
+                            $name = $addonConfig['plugin']['name'];
+                            $version = $addonConfig['plugin']['version'];
+                            $description = $addonConfig['plugin']['description'];
+                            if ($addonConfig['plugin']['type'] == $type) {
+                                self::getInstance()->send("&7 - &b{$name} &8> &d{$version} &8> &7{$description}");
+                                self::getInstance()->send('');
+                            }
+                        }
+                    }
+                    self::getInstance()->send('');
+                    break;
+                case 'update':
+                    // Update an addon.
+                    break;
+                default:
+                    self::getInstance()->send('&cInvalid subcommand!');
+                    break;
+            }
+        } else {
+            self::getInstance()->send('&cPlease provide a subcommand!');
+        }
+    }
+
+    public static function getDescription(): string
+    {
+        return 'Manage your addons form the command line.';
+    }
+
+    public static function getSubCommands(): array
+    {
+        return [
+            'install' => 'Install an addon.',
+            'uninstall ' => 'Uninstall an addon.',
+            'list' => 'List all installed addons.',
+        ];
+    }
+}

backend/app/Cli/Commands/Colors.php

@@ -51,7 +51,7 @@ public static function getDescription(): string
         return '&c&l&n&oS&6&l&n&ou&e&l&n&op&a&l&n&op&3&l&n&oo&9&l&n&or&5&l&n&ot&c&l&n&oe&6&l&n&od&e&l&n&o &a&l&n&oC&3&l&n&oo&9&l&n&ol&5&l&n&oo&c&l&n&or&6&l&n&os&e&l&n&o &a&l&n&oB&3&l&n&oy&9&l&n&o &5&l&n&oO&c&l&n&ou&6&l&n&or&e&l&n&o &a&l&n&oA&3&l&n&ow&9&l&n&os&5&l&n&oo&c&l&n&om&6&l&n&oe&e&l&n&o &a&l&n&oC&3&l&n&oL&9&l&n&oI';
     }
 
-    public static function getSubCommands(int $index): array
+    public static function getSubCommands(): array
     {
         return [];
     }

backend/app/Cli/Commands/Decrypt.php

@@ -0,0 +1,55 @@
+<?php
+
+/*
+ * This file is part of MythicalClient.
+ * Please view the LICENSE file that was distributed with this source code.
+ *
+ * MIT License
+ *
+ * (c) MythicalSystems <mythicalsystems.xyz> - All rights reserved
+ * (c) NaysKutzu <nayskutzu.xyz> - All rights reserved
+ * (c) Cassian Gherman <nayskutzu.xyz> - All rights reserved
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+namespace MythicalClient\Cli\Commands;
+
+use MythicalClient\Cli\App;
+use MythicalClient\Cli\CommandBuilder;
+
+class Decrypt extends App implements CommandBuilder
+{
+    public static function execute(array $args): void
+    {
+        $app = App::getInstance();
+        $string = readline('Enter the encrypted string: ');
+        $app->sendOutputWithNewLine('String: ' . \MythicalClient\App::getInstance(true)->decrypt($string) . '');
+    }
+
+    public static function getDescription(): string
+    {
+        return 'Decrypt a MythicalClient encrypted string';
+    }
+
+    public static function getSubCommands(): array
+    {
+        return [];
+    }
+}

backend/app/Cli/Commands/Down.php

@@ -58,7 +58,7 @@ public static function getDescription(): string
         return 'Put the server from maintenance mode';
     }
 
-    public static function getSubCommands(int $index): array
+    public static function getSubCommands(): array
     {
         return [];
     }

backend/app/Cli/Commands/Help.php

@@ -62,8 +62,15 @@ public static function execute(array $args): void
 
             $description = $commandClass::getDescription();
             $command = lcfirst($command);
-
+            $subCommands = $commandClass::getSubCommands();
             $cmdInstance->send("&b{$command} &8> &7{$description}");
+
+            if (!empty($subCommands)) {
+                foreach ($subCommands as $subCommand => $description) {
+                    $cmdInstance->send("    &8> &b{$command} {$subCommand} &8- &7{$description}");
+                }
+            }
+
         }
         $cmdInstance->send('');
         $cmdInstance->send($cmdInstance->bars);
@@ -74,7 +81,7 @@ public static function getDescription(): string
         return 'Get help for all commands';
     }
 
-    public static function getSubCommands(int $index): array
+    public static function getSubCommands(): array
     {
         return [];
     }