Sign upLogin

badgeteam/Hatchery

View on GitHub
Star
app/Http/Controllers/Auth/TwoFAController.php

Summary

Maintainability
A
0 mins
Test Coverage

Avoid using static access to class '\Illuminate\Support\Facades\Hash' in method 'disable2fa'.
Open

        if (!(Hash::check($request->get('current-password'), $user->password))) {
Severity: Minor
Found in app/Http/Controllers/Auth/TwoFAController.php by phpmd

StaticAccess

Since: 1.4.0

Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.

Example

class Foo
{
    public function bar()
    {
        Bar::baz();
    }
}

Source https://phpmd.org/rules/cleancode.html#staticaccess

Define a constant instead of duplicating this literal "success" 3 times.
Open

        return redirect()->route('2fa')->with('success', 'Secret key has been created, enter OTP to activate 2FA.');
Severity: Critical
Found in app/Http/Controllers/Auth/TwoFAController.php by sonar-php

Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.

On the other hand, constants can be referenced from many places, but only need to be updated in a single place.

Noncompliant Code Example

With the default threshold of 3:

function run() {
  prepare('action1');                              // Non-Compliant - 'action1' is duplicated 3 times
  execute('action1');
  release('action1');
}

Compliant Solution

ACTION_1 = 'action1';

function run() {
  prepare(ACTION_1);
  execute(ACTION_1);
  release(ACTION_1);
}

Exceptions

To prevent generating some false-positives, literals having less than 5 characters are excluded.

Define a constant instead of duplicating this literal "error" 4 times.
Open

            return redirect()->route('2fa')->with('error', 'User already has OTP secret.');
Severity: Critical
Found in app/Http/Controllers/Auth/TwoFAController.php by sonar-php

Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.

On the other hand, constants can be referenced from many places, but only need to be updated in a single place.

Noncompliant Code Example

With the default threshold of 3:

function run() {
  prepare('action1');                              // Non-Compliant - 'action1' is duplicated 3 times
  execute('action1');
  release('action1');
}

Compliant Solution

ACTION_1 = 'action1';

function run() {
  prepare(ACTION_1);
  execute(ACTION_1);
  release(ACTION_1);
}

Exceptions

To prevent generating some false-positives, literals having less than 5 characters are excluded.

Define a constant instead of duplicating this literal "pragmarx.google2fa" 4 times.
Open

            $google2fa = app('pragmarx.google2fa');
Severity: Critical
Found in app/Http/Controllers/Auth/TwoFAController.php by sonar-php

Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.

On the other hand, constants can be referenced from many places, but only need to be updated in a single place.

Noncompliant Code Example

With the default threshold of 3:

function run() {
  prepare('action1');                              // Non-Compliant - 'action1' is duplicated 3 times
  execute('action1');
  release('action1');
}

Compliant Solution

ACTION_1 = 'action1';

function run() {
  prepare(ACTION_1);
  execute(ACTION_1);
  release(ACTION_1);
}

Exceptions

To prevent generating some false-positives, literals having less than 5 characters are excluded.

The variable $google2fa_url is not named in camelCase.
Open

    public function show2faForm(Request $request)
    {
        /** @var User $user */
        $user = Auth::guard()->user();
Severity: Minor
Found in app/Http/Controllers/Auth/TwoFAController.php by phpmd

CamelCaseVariableName

Since: 0.2

It is considered best practice to use the camelCase notation to name variables.

Example

class ClassName {
    public function doSomething() {
        $data_module = new DataModule();
    }
}

Source

The variable $google2fa_url is not named in camelCase.
Open

    public function show2faForm(Request $request)
    {
        /** @var User $user */
        $user = Auth::guard()->user();
Severity: Minor
Found in app/Http/Controllers/Auth/TwoFAController.php by phpmd

CamelCaseVariableName

Since: 0.2

It is considered best practice to use the camelCase notation to name variables.

Example

class ClassName {
    public function doSomething() {
        $data_module = new DataModule();
    }
}

Source

The variable $google2fa_url is not named in camelCase.
Open

    public function show2faForm(Request $request)
    {
        /** @var User $user */
        $user = Auth::guard()->user();
Severity: Minor
Found in app/Http/Controllers/Auth/TwoFAController.php by phpmd

CamelCaseVariableName

Since: 0.2

It is considered best practice to use the camelCase notation to name variables.

Example

class ClassName {
    public function doSomething() {
        $data_module = new DataModule();
    }
}

Source

There are no issues that match your filters.

Category
Status