extern/2FAuth
1
0
Fork 0
mirror of https://github.com/Bubka/2FAuth.git synced 2024-12-03 22:01:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,446 Commits 4 Branches 48 Tags 26 MiB
39bbc8c134
Commit Graph

419 Commits

Author SHA1 Message Date
Bubka
720eb16750 Refactoring - Move OTPHP logic to TwoFAccount model 2022-07-06 17:10:50 +02:00
Bubka
c998356ba5 Add steamtotp to validation requests 2022-06-25 17:31:39 +02:00
Bubka
c20e5f79ef Move G-Auth import logic from controller to service 2022-06-20 17:55:40 +02:00
Bubka
0cccdf32ed Add back-end route|controller|request for import feature 2022-06-20 17:55:40 +02:00
Bubka
5940cbf93f Generate protobuf classes for Google Authenticator import 2022-06-20 17:55:40 +02:00
Bubka
f2b7664a2f Fix logging of deleted ids 2022-06-01 00:10:29 +02:00
Bubka
f2716782f7 Log twofaccount deletion 2022-05-31 23:37:26 +02:00
Bubka
abce20419b Fix #80 - Cannot access accounts with proxy header auth 2022-05-19 16:42:43 +02:00
Bubka
9deb821d53 Render proxy authentication exception as 407 response 2022-05-19 15:47:34 +02:00
Bubka
0199ad3a77 Fix #84 - Reverse proxy guard authenticates even with invalid headers 2022-05-18 23:58:29 +02:00
Bubka
c2edd69c54 Fix missing email address of remote user 2022-05-18 22:50:13 +02:00
Bubka
6fab8abb9a Fix user creation issue in remote user provider 2022-05-18 16:09:41 +02:00
Bubka
6ef67fbc64 Fix #82 - Add a proxy logout URL and skip auto lock when it is not set 2022-05-16 23:51:33 +02:00
Bubka
070c6a2486 Fix #73 - CSRF token mismatch 2022-05-14 13:45:12 +02:00
Bubka
233c61d659 Clean logout mixin and session middleware 2022-05-13 16:44:01 +02:00
Bubka
5e0ea50e76 Restore Demo flags 2022-05-10 08:57:45 +02:00
Bubka
7f2806e7d9 Fix test error on kick-out inactive user 2022-05-10 00:59:07 +02:00
Bubka
ebdca6bb42 Force logout of inactive users 2022-05-09 18:39:06 +02:00
Bubka
02ebccb4de Use single quote in raw SQL to fix postgres error 2022-04-14 15:13:10 +02:00
Bubka
bf495f9019 Add trusted proxies as an env var 2022-04-14 11:34:40 +02:00
Bubka
0999ad5a24 Fix possible MySQL index length issue when using MyISAM engine in WAMP 2022-04-04 09:23:23 +02:00
Bubka
b0b648cf80 Add & validate MySQL tests 2022-04-01 13:35:59 +02:00
Bubka
ee22e24cf1 Fix and complete tests 2022-03-31 11:24:02 +02:00
Bubka
5eee3de134 Refactor routes rejection using middlewares 2022-03-31 11:24:02 +02:00
Bubka
ff93fb313d Complete the ResetDemo artisan command with newly added db tables 2022-03-31 11:24:01 +02:00
Bubka
a786efc6e8 Apply Demo restrictions on more routes 2022-03-31 11:24:01 +02:00
Bubka
cdfda1591b Add possibility to delete the registered user and reset 2FAuth data 2022-03-31 11:24:01 +02:00
Bubka
dbb17b3f12 Remove useless routeMiddlewares 2022-03-31 11:24:01 +02:00
Bubka
9b96c5fd70 Code cleaning 2022-03-31 11:24:01 +02:00
Bubka
725c012042 Fix and complete reverse-proxy support & Adjust front-end views 2022-03-31 11:24:01 +02:00
Bubka
911e18c9c4 Add reverse-proxy guard to support authentication proxy 2022-03-31 11:24:01 +02:00
Bubka
f3c6b9da5b Add WebAuthn authentication 2022-03-31 11:24:01 +02:00
Bubka
9f574feada Add support of the Accept_language header for UI localization 2022-03-31 11:24:01 +02:00
Bubka
20856d62c6 Upgrade to Laravel 8 2022-03-31 11:24:01 +02:00
Bubka
65da59db64 Drop appstract/laravel-options package 2022-03-31 11:24:01 +02:00
Bubka
8b0871e8ba Complete Unit, Feature and Api tests 2022-03-31 11:24:01 +02:00
Bubka
054b8a2c21 Update services doc block 2022-03-31 11:24:01 +02:00
Bubka
4ee3557cc1 Refactor login FormRequest and email case sensitive validation rule 2022-03-31 11:24:01 +02:00
Bubka
0a22fb4cf1 Move model events from eloquent closures to dedicated event classes 2022-03-31 11:24:01 +02:00
Bubka
97aefcbbe5 Use real-time facade to inject Setting service to ensure testability 2022-03-31 11:24:01 +02:00
Bubka
531cd74758 Refactor db encryption feature 2022-03-31 11:24:01 +02:00
Bubka
776b2b5093 Update controllers doc block 2022-03-31 11:24:01 +02:00
Bubka
3669dd7e31 Replace deprecated method from Laravel 6.x 2022-03-31 11:24:01 +02:00
Bubka
77234ddc66 Fix type hinting for TwoFAccount resources 2022-03-31 11:24:01 +02:00
Bubka
91fd43b528 Fix get method not returning all possible settings 2022-03-31 11:24:01 +02:00
Bubka
d537c98b76 Fix default group not being defined correctly 2022-03-31 11:24:01 +02:00
Bubka
923ff04e3c Remove useless method parameter 2022-03-31 11:24:01 +02:00
Bubka
025cfc5e58 Restrict comparison to null value only 2022-03-31 11:24:01 +02:00
Bubka
45b835bbd5 Reorganize and enhance tests 2022-03-31 11:24:01 +02:00
Bubka
eea7cec043 Fix inactivity middleware trying to logout stateless request 2022-03-31 11:24:01 +02:00
Bubka
6533f844d9 Fix null group_id on twofaccount creation with specific default group 2022-03-31 11:24:01 +02:00
Bubka
a6d4b6c5f6 Fix reset-demo artisan command and its test 2022-03-31 11:24:01 +02:00
Bubka
c8218c8cd7 Authorize FormRequests to authenticated user only 2022-03-31 11:24:01 +02:00
Bubka
f5e632b4e5 Fix assignAccounts not returning a group resource 2022-03-31 11:24:01 +02:00
Bubka
6bc3f74459 Refresh twofaccounts count after group assignment 2022-03-31 11:24:01 +02:00
Bubka
ca4b16a7cc Fix Group resource returning null twofaccounts_count 2022-03-31 11:24:01 +02:00
Bubka
7efa86b232 Set up paths & namespace to match versioned routes 2022-03-31 11:24:01 +02:00
Bubka
0383f07ad7 Add versioning to Laravel routes 2022-03-31 11:24:01 +02:00
Bubka
9ca9fcc9ef Reorganize files to prepare API versioning 2022-03-31 11:24:01 +02:00
Bubka
affd4bdf8d Enable CORS 2022-03-31 11:24:01 +02:00
Bubka
8318f0f7a6 Disable inactivity tracking for user authenticated against bearer token 2022-03-31 11:24:01 +02:00
Bubka
d6306e5dd0 Use FreshApiToken instead of Personal access token for front-end auth 2022-03-31 11:24:01 +02:00
Bubka
6fab74368f Cast Number settings as integer instead of float 2022-03-31 11:24:01 +02:00
Bubka
5db549fe5e Add logs 2022-03-31 11:24:01 +02:00
Bubka
9e899aab53 Add Artisan command to fix inconsistent accounts after migration 2022-03-31 11:24:01 +02:00
Bubka
c7b43de835 Replace DbProtection class by an Encryption service 2022-03-31 11:24:01 +02:00
Bubka
bb76f851d8 Reset default/active group when deleting a group 2022-03-31 11:24:01 +02:00
Bubka
aa7321ce81 Change returned type to handle exceptions correctly 2022-03-31 11:24:01 +02:00
Bubka
2cb4578109 Move options to config/2fauth 2022-03-31 11:24:01 +02:00
Bubka
a58a4a3def Handle comma-separated ids correctly 2022-03-31 11:24:01 +02:00
Bubka
194eb54335 Fix TwoFAccounts assignment when destination group does not exist 2022-03-31 11:24:01 +02:00
Bubka
faada93720 Remove inconsistent icon delete 2022-03-31 11:24:01 +02:00
Bubka
7bef68e731 Fix TwoFAccount update validation rules again 2022-03-31 11:24:01 +02:00
Bubka
8eae21e4da Fix TwoFAccount controller update method not returning an API resource 2022-03-31 11:24:01 +02:00
Bubka
1d503ca313 Fix TwoFAccount update validation rules 2022-03-31 11:24:01 +02:00
Bubka
0f34736e4e Fix token algorithm not being updated 2022-03-31 11:24:01 +02:00
Bubka
d329b82a30 Fix comma-separated regex rule for ids 2022-03-31 11:24:01 +02:00
Bubka
c927f3f9ab Fix single TwoFAccount association to group 2022-03-31 11:24:01 +02:00
Bubka
72db88e9fa Fix error when submitting null OTP parameters 2022-03-31 11:24:01 +02:00
Bubka
52f9867fee Rename valid_for property to period 2022-03-31 11:24:01 +02:00
Bubka
f19fb0adad Add otp_type property when returning an OTP object 2022-03-31 11:24:01 +02:00
Bubka
c27bef1819 Fix change password validation rule not checking for confirmation 2022-03-31 11:24:01 +02:00
Bubka
69c3f08f7b Fix MySQL foreign key constraint error on Group delete 2022-03-31 11:24:01 +02:00
Bubka
b79570bcd9 Fix regex validation rule for TwoFAccounts batch delete 2022-03-31 11:24:01 +02:00
Bubka
361ee38cf2 Change Settings attributes and routes 2022-03-31 11:24:01 +02:00
Bubka
8dc5e7d6e9 Fix Group resource overriding TwoFAccounts count 2022-03-31 11:24:01 +02:00
Bubka
a5514ba06b Refactor Auth controllers : thicker, with Form requests & API resource 2022-03-31 11:24:01 +02:00
Bubka
1a51cf967a Remove useless overrides since json is the default response format 2022-03-31 11:24:01 +02:00
Bubka
77cf15cf5e Move isDemoApp to a new 2FAuth config file 2022-03-31 11:24:01 +02:00
Bubka
350d00902e Add a new Exception to be gracefully rendered 2022-03-31 11:24:01 +02:00
Bubka
3aef29717f Clean unused namespaces 2022-03-31 11:24:01 +02:00
Bubka
10fc144246 Refactor Options to a Setting service bound with the service container 2022-03-31 11:24:01 +02:00
Bubka
afaa1a0a7a Update phpdocs 2022-03-31 11:24:01 +02:00
Bubka
037ebaa8ba Add groups accounts fetching with dedicated route 2022-03-31 11:24:01 +02:00
Bubka
6761b9e40b Set controllers to use Group service & API resources 2022-03-31 11:24:01 +02:00
Bubka
c7e273a580 Add Form Requests for Groups validation 2022-03-31 11:24:01 +02:00
Bubka
672e189e55 Refactor Group for thin model & Add a dedicated business service 2022-03-31 11:24:01 +02:00
Bubka
1091b95e49 Set mass DELETE according to REST (no request body) for twofaccounts 2022-03-31 11:24:00 +02:00
Bubka
5959b692de Change order saving endpoint and remove position property 2022-03-31 11:24:00 +02:00
Bubka
59a63f5a2a Move TwoFAccounts order saving to business service 2022-03-31 11:24:00 +02:00
Bubka
898ba1629e Make some cleaning 2022-03-31 11:24:00 +02:00
Bubka
0d91fb5aa2 Set controllers to use TwoFAccount business service 2022-03-31 11:24:00 +02:00
Bubka
719ea3854f Refactor TwoFAccount for thin model & Add a dedicated business service 2022-03-31 11:24:00 +02:00
Bubka
f22f389487 Set JSON resources without wrapping 2022-03-31 11:24:00 +02:00
Bubka
a2c67d1558 Add Form Requests for TwoFAccounts validation 2022-03-31 11:24:00 +02:00
Bubka
f7fcef77f1 Add new exceptions 2022-03-31 11:24:00 +02:00
Bubka
297b55f66f Reformat some responses 2022-03-31 11:24:00 +02:00
Bubka
f3adb0b5dd Move some TwoFAccount validations to Form Requests 2022-03-31 11:24:00 +02:00
Bubka
3036e534e7 Move QrCode controller logic to a business service 2022-03-31 11:24:00 +02:00
Bubka
9af39a469c Force JSON responses everywhere 2022-03-31 11:24:00 +02:00
Bubka
0e703d3c84 Add artisan command to check db connection 2022-03-31 11:24:00 +02:00
Bubka
cff545d936 Fix query to return the user even if userId > 0 2020-12-02 23:50:17 +01:00
Bubka
4d6ae849d8 Force lowercase on email to prevent capitalization issue with SQLite 2020-12-02 23:48:16 +01:00
Bubka
b80f7b6b3b Complete fix for #17 2020-12-01 18:34:44 +01:00
Bubka
e7156d0650 Fix too long key error during migration for some MySQL setup 2020-12-01 09:19:58 +01:00
Bubka
92be5976ff Fix #17 : Capitalization of email address during login should not matter 2020-12-01 07:06:01 +01:00
Bubka
0374bc4994 Fix phpunit tests 2020-11-24 23:09:06 +01:00
Bubka
893f29849e Refactor checkUser controller 2020-11-24 23:08:21 +01:00
Bubka
747eb98de3 Add punchlines to auth forms 2020-11-24 22:57:32 +01:00
Bubka
7df763073b Push to Register form or hide it from Login form 2020-11-24 16:54:19 +01:00
Bubka
c895e95b87 Apply group filtering on client side to save an api call 2020-11-23 12:58:44 +01:00
Bubka
13dc8b75e5 Cast model attributes that should be integer 2020-11-23 12:54:06 +01:00
Bubka
fa90fb0867 Remove useless assignation 2020-11-22 12:26:20 +01:00
Bubka
742107a270 Return account even if the uri stored in db is still encrypted (or invalid) 2020-11-22 11:00:55 +01:00
Bubka
ed1ac10f59 Fix exception type declaration 2020-11-22 10:56:27 +01:00
Bubka
630d3b9a87 Hide created/updated timestamp group attributes from api response 2020-11-21 21:50:33 +01:00
Bubka
7a32998b4c Return only essentials attributes when a token is requested to back-end 2020-11-21 21:46:31 +01:00
Bubka
b4ce39e9d5 Define accountCount internally instead of as a props 2020-11-21 21:34:45 +01:00
Bubka
af5b52dcf8 Reset exception handler to the Laravel 7.* definition 2020-11-20 19:06:58 +01:00
Bubka
019d380cb2 Refactor QRcode handling using the brand new Start view 2020-11-20 14:11:32 +01:00
Bubka
101a26b035 Prefill icon field with imageLink resource 2020-11-18 23:48:51 +01:00
Bubka
523c857d18 Code refactoring 2020-11-18 01:13:00 +01:00
Bubka
b113109340 Prevent exception if the requested Option does not exist 2020-11-17 21:59:07 +01:00
Bubka
d9b48e8806 Revert unwanted previous change 2020-11-17 21:39:02 +01:00
Bubka
03981bc12b Fix base32 Encoding usage 2020-11-17 21:27:55 +01:00
Bubka
efff5ecd1f Fix missing attributes during store 2020-11-17 15:45:01 +01:00
Bubka
648c8f8006 Run populateFromUri() from uri setter instead of external call 2020-11-17 15:30:50 +01:00
Bubka
7bdd286fb2 Update Edit form to match with the new TwoFAccount model 2020-11-16 14:45:24 +01:00
Bubka
50f956957c Fix wrong parameter call 2020-11-16 14:36:19 +01:00
Bubka
17eb3d46c6 Always use lowercase for otpType and apply uppercase with CSS if needed 2020-11-16 14:15:33 +01:00
Bubka
27dd64a965 Add route to get TwoFAccount with sensitive data 2020-11-16 14:10:54 +01:00
Bubka
8253d28102 Fix #11 : Set TOTP loop duration on remaining time instead of remaining dots 2020-11-16 09:38:28 +01:00
Bubka
02798a05f3 Move token generation from dedicated class to TwoFAccount model class 2020-11-14 18:55:10 +01:00
Bubka
acd1b2deca Enforce Create form validation 2020-11-14 18:48:27 +01:00
Bubka
657b9288da Force URI (re)generation at TwoFAccount model saving 2020-11-14 18:43:30 +01:00
Bubka
9dd8b1f169 Add Original message from Exception to the error page 2020-11-14 18:37:46 +01:00
Bubka
207ee2d3fb Convert the standard Create form to an advanced form 2020-11-13 15:45:17 +01:00
Bubka
2f32551e99 Make URI visible in the QrCode controller response 2020-11-13 14:52:24 +01:00
Bubka
45a3f60fc6 Update QrCode controller to work with new TwoFAccount model 2020-11-12 00:18:38 +01:00
Bubka
8baa2156a8 Update OTP generation to work with new TwoFAccount model 2020-11-12 00:15:55 +01:00
Bubka
783fc82fc9 Rebuild TwoFAccount model on top of an OTPHP object 2020-11-12 00:09:33 +01:00
Bubka
428c83ad82 Add IsConsistent property to identify undecipherable accounts 2020-11-07 00:23:38 +01:00
Bubka
289a208847 Push to Error view when ProtectDB option fail 2020-11-06 17:49:28 +01:00
Bubka
d1d4734031 Avoid uri to be sent to front-end 2020-11-06 15:51:52 +01:00
Bubka
67fa859b2a Complete exception handling 2020-11-05 22:54:06 +01:00
Bubka
544e916d60 Enhance OTP type detection 2020-11-05 22:50:49 +01:00
Bubka
d448ed9122 Code cleaning & refactoring 2020-11-05 22:47:59 +01:00
Bubka
6712613a20 Move DB protection logic to a dedicated class 2020-11-05 22:46:25 +01:00
Bubka
38fba9e44e Fix typo 2020-11-04 23:20:59 +01:00
Bubka
a8e5535d6b Add Default group option in Settings 2020-11-02 22:41:40 +01:00
Bubka
bf31a9b599 Fix #9 2020-11-02 21:51:53 +01:00
Bubka
04af792b58 Set persisted ordering back 2020-11-02 15:32:09 +01:00
Bubka
7a3f9b526f Add 'Show QR code' feature to the manage view 2020-11-02 13:39:43 +01:00
Bubka
53bb3b9c54 Add a user option to encrypt/decrypt sensitive db data 2020-10-31 01:16:15 +01:00
Bubka
fe02bac6d6 Complete Move to group feature 2020-10-28 17:51:32 +01:00
Bubka
afc2095e27 Add Group scope to TwoFAccount model 2020-10-25 23:52:42 +01:00
Bubka
273aaa9840 Add Group model & controller 2020-10-25 23:50:13 +01:00
Bubka
b566c233e6 Complete phpunit tests 2020-10-12 15:44:11 +02:00
Bubka
4303af509f Show inoperative Request pwd form in Demo 2020-10-12 14:00:09 +02:00
Bubka
06d5c62e8d Upgrade to Laravel 7.0 2020-10-12 08:05:33 +02:00
Bubka
6d1424e195 Fix typos to comply with psr-4 autoloading 2020-10-11 19:14:56 +02:00
Bubka
d716213ece Update and complete phpunit tests 2020-10-09 13:35:03 +02:00
Bubka
9b34159c4c Add auto-lock option 2020-10-08 15:38:36 +02:00
Bubka
9f398933ea Set the uploader as a vue component with qrcode-reader as default 2020-04-24 09:03:00 +02:00
Bubka
fd3d016b80 Change Options getter to return a single option 2020-04-02 10:40:13 +02:00
Bubka
eaabe6e9e3 Make the accounts sortable and persist new order. 
Deactivate Pull-to-refresh feature to prevent side effects
 2020-03-27 22:36:01 +01:00
Bubka
a70606d57d Set TwoFAccount controller to return an ordered collection 2020-03-25 22:05:11 +01:00
Bubka
2295613263 Set TwoFAccount model to be sortable 2020-03-25 21:58:05 +01:00
Bubka
358ce983b8 Use config() helper in place of env() to prevent null value when config:cache is used 2020-03-24 13:24:33 +01:00
Bubka
05f1813a25 Test 2fauth console command 2020-03-21 23:08:00 +01:00
Bubka
297948e0f2 Clean forgotten code in previous commit #ecd92c1 2020-03-21 12:57:17 +01:00
Bubka
ecd92c0b0b Reset demo in a lighter way 2020-03-20 23:15:36 +01:00
Bubka
e2b9b5b685 Add --no-confirm option to Artisan reset-demo command 2020-03-20 21:46:06 +01:00
Bubka
743e644fd6 Add Artisan command and seeder to reset a demo App 2020-03-19 22:25:04 +01:00
Bubka
f12557c4aa Prevent account and password change while in demo mode 2020-03-18 22:59:45 +01:00
Bubka
76ebf847df Set Options with fallback values and better boolean handling 2020-03-13 22:10:36 +01:00
Bubka
80d9433774 Refactore Profile to Settings & Setting to Options 2020-03-09 20:24:25 +01:00
Bubka
98c02a48dc Enhance test code coverage 2020-03-08 20:16:56 +01:00
Bubka
8927a4c7c0 Restore native ResetPassword notification and test it 2020-03-06 15:07:09 +01:00
Bubka
20970606a3 Fix and test Redirection when already authenticated 2020-03-05 17:14:57 +01:00
Bubka
48e3d22446 Cleaning 2020-03-05 16:41:55 +01:00
Bubka
53ada0bfaa Try to fix TravisCI failing on route test 2020-03-05 12:56:35 +01:00
Bubka
6a694280cd Move appSettings generation from blade template to controller 2020-03-05 12:30:35 +01:00
Bubka
ecc7447980 Refactore Register controller 2020-03-04 21:49:45 +01:00
Bubka
b07d599fb8 Fix logout test 2020-03-04 17:19:42 +01:00
Bubka
9f3a770f21 Refactore login controller and add login attempts throttling 2020-03-04 12:59:55 +01:00
Bubka
fe5f4c8b88 Fix error handler not displaying exception message in debug env 2020-03-04 12:37:36 +01:00
Bubka
7090cd8b33 Refactore Profile controllers and routes 2020-03-03 22:09:06 +01:00
Bubka
b30219f407 Handle Language setting from Laravel side 2020-02-27 12:18:46 +01:00
Bubka
be4e678080 Handle correctly counter update in case of HOTP preview 2020-02-06 16:06:02 +01:00