Commit Graph

265 Commits

Author SHA1 Message Date
Bubka 9913560787 Enhance logging during authentication (#163) 2023-03-16 15:58:00 +01:00
Bubka 960d1ca5f9 Fix missing login throttling on WebAuthn login controller 2023-03-16 13:23:58 +01:00
Bubka 82717077be Remove invalid calls to the Settings facade 2023-03-15 16:26:32 +01:00
Bubka 4d8180a8c1 Replace the useWebauthnAsDefault option by a client side form toggle 2023-03-15 14:44:51 +01:00
Bubka f359a1ade3 Fix user preferences not being applied correctly after sign-in 2023-03-15 11:46:37 +01:00
Bubka 5ced8cbf0e Make the User Name unique 2023-03-13 14:53:42 +01:00
Bubka dce3d16c37 Apply Laravel Pint fixes 2023-03-10 22:59:46 +01:00
Bubka 4753401827 Prevent last admin deletion & Update the Delete user feature 2023-03-10 16:02:56 +01:00
Bubka fd6941d300 Update the About view and its controller to split user & admin vars 2023-03-10 16:01:23 +01:00
Bubka a2e0c52189 Add a Unique rule for user email validation in update/store requests 2023-03-10 15:57:34 +01:00
Bubka 9133436020 Update logs messages 2023-02-27 00:33:42 +01:00
Bubka c8c1530b51 Apply Laravel Pint fixes 2023-02-25 22:23:38 +01:00
Bubka ed3a17a4fb Add IDs to logs to identify the user concerned by the logged event 2023-02-21 14:09:36 +01:00
Bubka 5c83e17752 Let the WebAuthn form log in any user 2023-02-21 09:29:05 +01:00
Bubka 90f322f3b1 Set the first user to be an admin 2023-02-20 17:12:24 +01:00
Bubka 3c3d35bff5 Enable creation of multiple users 2023-02-20 17:09:59 +01:00
Bubka 373ffa14c8 Fix language definition in blade view 2023-02-19 22:59:20 +01:00
Bubka 5e5e50d053 Add Admin role & split settings between appSettings and userPreferences 2023-02-17 17:12:53 +01:00
Bubka eadebb41ac Add a Light theme and a theme detection/selection feature 2023-02-01 17:21:55 +01:00
Bubka dcc6579365 Fix custom base URL support 2023-01-25 16:58:30 +01:00
Bubka 8f6bf85fa8 Add support for custom base URL - resolve #114 2023-01-20 17:36:15 +01:00
Bubka 2d706e61b7 Apply Laravel Pint fixes 2022-12-13 12:07:29 +01:00
Bubka 65c4bbc496 Apply Laravel Pint fixes 2022-12-09 10:55:11 +01:00
Bubka 05a39b6501 Update tests & minor fixes 2022-12-09 10:53:01 +01:00
Bubka d6fd8e3c52 Apply Laravel Pint fixes 2022-11-25 15:20:36 +01:00
Bubka d84dd6659e Complete phpDocs type-hints 2022-11-25 15:20:36 +01:00
Bubka b6a0e5055c Fix multiple issues detected by static analysis 2022-11-25 15:20:36 +01:00
Bubka 017bbc6304 Replace darkghosthunter/larapass with laragear/webauthn 2022-11-25 15:20:36 +01:00
Bubka 0ac04a321d Upgrade to Laravel 9 2022-11-25 15:18:19 +01:00
Bubka e40e58c0bf Log failed login 2022-10-18 18:51:45 +02:00
Bubka 6276c665a9 Add logs for common Auth actions 2022-10-18 17:34:56 +02:00
Bubka 8d3a97a701 Complete the release radar to notify new 2Fauth releases - Close #127 2022-10-12 11:14:17 +02:00
Bubka 062d809a28 Initiate the Release Radar 2022-09-21 21:50:41 +02:00
Bubka cc70fdacf6 Remove Auth env var from the About page for anonymous user 2022-09-07 18:07:37 +02:00
Bubka 3e391167c6 Make language detection more robust 2022-09-07 17:56:42 +02:00
Bubka 2123250a5e Fix multiple issues detected by static analysis 2022-09-07 17:54:27 +02:00
Bubka 70c4c271cd Fix some issues detected by static analysis 2022-08-26 16:06:59 +02:00
Bubka fbb85342c1 Fix #110 - Reset WebAuthn user options after last device revocation 2022-08-10 18:39:41 +02:00
Bubka 3f279f358c Add user logging after WebAuthn authentication - Fix #109 2022-08-02 10:57:16 +02:00
Bubka 6da24f7063 Reinstate user logging middleware for web routes behind auth - Fix #109 2022-08-02 09:27:35 +02:00
Bubka f7ac1e96c3 Set SettingService behind a Facade 2022-07-30 17:51:02 +02:00
Bubka e2bfbe5868 Bind TwoFAccountService to Service Container 2022-07-29 19:22:54 +02:00
Bubka 2fa2cf8c99 Add an About view - Close #91 2022-07-21 15:48:23 +02:00
Bubka 68ebeeb53a Close #88 - Remove the "Already authenticated" error on login forms 2022-07-12 12:32:32 +02:00
Bubka cb2de26e93 Add a reset command to set up a Testing app with data (like Demo) 2022-07-07 16:39:57 +02:00
Bubka abce20419b Fix #80 - Cannot access accounts with proxy header auth 2022-05-19 16:42:43 +02:00
Bubka 6ef67fbc64 Fix #82 - Add a proxy logout URL and skip auto lock when it is not set 2022-05-16 23:51:33 +02:00
Bubka 070c6a2486 Fix #73 - CSRF token mismatch 2022-05-14 13:45:12 +02:00
Bubka 233c61d659 Clean logout mixin and session middleware 2022-05-13 16:44:01 +02:00
Bubka 5e0ea50e76 Restore Demo flags 2022-05-10 08:57:45 +02:00
Bubka 7f2806e7d9 Fix test error on kick-out inactive user 2022-05-10 00:59:07 +02:00
Bubka ebdca6bb42 Force logout of inactive users 2022-05-09 18:39:06 +02:00
Bubka bf495f9019 Add trusted proxies as an env var 2022-04-14 11:34:40 +02:00
Bubka ee22e24cf1 Fix and complete tests 2022-03-31 11:24:02 +02:00
Bubka 5eee3de134 Refactor routes rejection using middlewares 2022-03-31 11:24:02 +02:00
Bubka a786efc6e8 Apply Demo restrictions on more routes 2022-03-31 11:24:01 +02:00
Bubka cdfda1591b Add possibility to delete the registered user and reset 2FAuth data 2022-03-31 11:24:01 +02:00
Bubka dbb17b3f12 Remove useless routeMiddlewares 2022-03-31 11:24:01 +02:00
Bubka 9b96c5fd70 Code cleaning 2022-03-31 11:24:01 +02:00
Bubka 725c012042 Fix and complete reverse-proxy support & Adjust front-end views 2022-03-31 11:24:01 +02:00
Bubka 911e18c9c4 Add reverse-proxy guard to support authentication proxy 2022-03-31 11:24:01 +02:00
Bubka f3c6b9da5b Add WebAuthn authentication 2022-03-31 11:24:01 +02:00
Bubka 9f574feada Add support of the Accept_language header for UI localization 2022-03-31 11:24:01 +02:00
Bubka 20856d62c6 Upgrade to Laravel 8 2022-03-31 11:24:01 +02:00
Bubka 65da59db64 Drop appstract/laravel-options package 2022-03-31 11:24:01 +02:00
Bubka 4ee3557cc1 Refactor login FormRequest and email case sensitive validation rule 2022-03-31 11:24:01 +02:00
Bubka eea7cec043 Fix inactivity middleware trying to logout stateless request 2022-03-31 11:24:01 +02:00
Bubka 0383f07ad7 Add versioning to Laravel routes 2022-03-31 11:24:01 +02:00
Bubka 9ca9fcc9ef Reorganize files to prepare API versioning 2022-03-31 11:24:01 +02:00
Bubka affd4bdf8d Enable CORS 2022-03-31 11:24:01 +02:00
Bubka 8318f0f7a6 Disable inactivity tracking for user authenticated against bearer token 2022-03-31 11:24:01 +02:00
Bubka d6306e5dd0 Use FreshApiToken instead of Personal access token for front-end auth 2022-03-31 11:24:01 +02:00
Bubka 5db549fe5e Add logs 2022-03-31 11:24:01 +02:00
Bubka c7b43de835 Replace DbProtection class by an Encryption service 2022-03-31 11:24:01 +02:00
Bubka 2cb4578109 Move options to config/2fauth 2022-03-31 11:24:01 +02:00
Bubka 7bef68e731 Fix TwoFAccount update validation rules again 2022-03-31 11:24:01 +02:00
Bubka 8eae21e4da Fix TwoFAccount controller update method not returning an API resource 2022-03-31 11:24:01 +02:00
Bubka 1d503ca313 Fix TwoFAccount update validation rules 2022-03-31 11:24:01 +02:00
Bubka d329b82a30 Fix comma-separated regex rule for ids 2022-03-31 11:24:01 +02:00
Bubka c27bef1819 Fix change password validation rule not checking for confirmation 2022-03-31 11:24:01 +02:00
Bubka b79570bcd9 Fix regex validation rule for TwoFAccounts batch delete 2022-03-31 11:24:01 +02:00
Bubka 361ee38cf2 Change Settings attributes and routes 2022-03-31 11:24:01 +02:00
Bubka 8dc5e7d6e9 Fix Group resource overriding TwoFAccounts count 2022-03-31 11:24:01 +02:00
Bubka a5514ba06b Refactor Auth controllers : thicker, with Form requests & API resource 2022-03-31 11:24:01 +02:00
Bubka 1a51cf967a Remove useless overrides since json is the default response format 2022-03-31 11:24:01 +02:00
Bubka 77cf15cf5e Move isDemoApp to a new 2FAuth config file 2022-03-31 11:24:01 +02:00
Bubka 3aef29717f Clean unused namespaces 2022-03-31 11:24:01 +02:00
Bubka 10fc144246 Refactor Options to a Setting service bound with the service container 2022-03-31 11:24:01 +02:00
Bubka afaa1a0a7a Update phpdocs 2022-03-31 11:24:01 +02:00
Bubka 037ebaa8ba Add groups accounts fetching with dedicated route 2022-03-31 11:24:01 +02:00
Bubka 6761b9e40b Set controllers to use Group service & API resources 2022-03-31 11:24:01 +02:00
Bubka c7e273a580 Add Form Requests for Groups validation 2022-03-31 11:24:01 +02:00
Bubka 1091b95e49 Set mass DELETE according to REST (no request body) for twofaccounts 2022-03-31 11:24:00 +02:00
Bubka 5959b692de Change order saving endpoint and remove position property 2022-03-31 11:24:00 +02:00
Bubka 59a63f5a2a Move TwoFAccounts order saving to business service 2022-03-31 11:24:00 +02:00
Bubka 898ba1629e Make some cleaning 2022-03-31 11:24:00 +02:00
Bubka 0d91fb5aa2 Set controllers to use TwoFAccount business service 2022-03-31 11:24:00 +02:00
Bubka a2c67d1558 Add Form Requests for TwoFAccounts validation 2022-03-31 11:24:00 +02:00
Bubka 297b55f66f Reformat some responses 2022-03-31 11:24:00 +02:00
Bubka f3adb0b5dd Move some TwoFAccount validations to Form Requests 2022-03-31 11:24:00 +02:00