/// <reference types="express" />
import { Options } from '@loopback/repository';
import { Request } from '@loopback/rest';
import { BaseUserRepository } from '../repositories';
/**
 * Handles everything connected to two factor authentication.
 */
export declare class TwoFactorService<RoleType extends string> {
    protected readonly forceTwoFactor: boolean;
    protected readonly baseUserRepository: BaseUserRepository<RoleType>;
    protected readonly twoFactorHeader: string;
    protected readonly twoFactorLabel?: string | undefined;
    constructor(forceTwoFactor: boolean, baseUserRepository: BaseUserRepository<RoleType>, twoFactorHeader: string, twoFactorLabel?: string | undefined);
    /**
     * Generates a secret and a two factor auth url to use for a qr code.
     * Both values gets saved to the user credentials of the user with the given id.
     * @param userId - The id of the user that wants to activate two factor authentication.
     * @param options - Additional options eg. Transaction.
     * @returns The qr code url.
     */
    turnOn2FA(userId: string, options?: Options): Promise<string>;
    /**
     * Confirms the setup of two factor authentication for the user with the given id.
     * @param userId - The id of the user that wants to activate two factor authentication.
     * @param code - The code that is used to confirm that the user has the correct secret setup.
     * @param options - Additional options eg. Transaction.
     */
    confirmTurnOn2FA(userId: string, code: string, options?: Options): Promise<void>;
    /**
     * Turns off 2fa for the user with the given id.
     * @param userId - The id of the user to turn 2fa off for.
     * @param options - Additional options eg. Transaction.
     */
    turnOff2FA(userId: string, options?: Options): Promise<void>;
    /**
     * Extracts a two factor code from the given request by reading the custom header.
     * @param request - The request of which the two factor code should be read.
     * @returns The found two factor code.
     * @throws When the custom header wasn't found, is empty or not 6 digits long.
     */
    extractCodeFromRequest(request: Request): string;
    /**
     * Validates the given two factor code for the user with the given id.
     * @param userId - The id of the user that tries to do something that requires a 2fa code.
     * @param code - The two factor code to validate.
     * @param options - Additional options eg. Transaction.
     */
    validateCode(userId: string, code: string, options?: Options): Promise<void>;
    private generateSecret;
}