Commit Graph

254 Commits

Author SHA1 Message Date
Bubka
f3c6b9da5b Add WebAuthn authentication 2022-03-31 11:24:01 +02:00
Bubka
9f574feada Add support of the Accept_language header for UI localization 2022-03-31 11:24:01 +02:00
Bubka
20856d62c6 Upgrade to Laravel 8 2022-03-31 11:24:01 +02:00
Bubka
65da59db64 Drop appstract/laravel-options package 2022-03-31 11:24:01 +02:00
Bubka
4ee3557cc1 Refactor login FormRequest and email case sensitive validation rule 2022-03-31 11:24:01 +02:00
Bubka
eea7cec043 Fix inactivity middleware trying to logout stateless request 2022-03-31 11:24:01 +02:00
Bubka
0383f07ad7 Add versioning to Laravel routes 2022-03-31 11:24:01 +02:00
Bubka
9ca9fcc9ef Reorganize files to prepare API versioning 2022-03-31 11:24:01 +02:00
Bubka
affd4bdf8d Enable CORS 2022-03-31 11:24:01 +02:00
Bubka
8318f0f7a6 Disable inactivity tracking for user authenticated against bearer token 2022-03-31 11:24:01 +02:00
Bubka
d6306e5dd0 Use FreshApiToken instead of Personal access token for front-end auth 2022-03-31 11:24:01 +02:00
Bubka
5db549fe5e Add logs 2022-03-31 11:24:01 +02:00
Bubka
c7b43de835 Replace DbProtection class by an Encryption service 2022-03-31 11:24:01 +02:00
Bubka
2cb4578109 Move options to config/2fauth 2022-03-31 11:24:01 +02:00
Bubka
7bef68e731 Fix TwoFAccount update validation rules again 2022-03-31 11:24:01 +02:00
Bubka
8eae21e4da Fix TwoFAccount controller update method not returning an API resource 2022-03-31 11:24:01 +02:00
Bubka
1d503ca313 Fix TwoFAccount update validation rules 2022-03-31 11:24:01 +02:00
Bubka
d329b82a30 Fix comma-separated regex rule for ids 2022-03-31 11:24:01 +02:00
Bubka
c27bef1819 Fix change password validation rule not checking for confirmation 2022-03-31 11:24:01 +02:00
Bubka
b79570bcd9 Fix regex validation rule for TwoFAccounts batch delete 2022-03-31 11:24:01 +02:00
Bubka
361ee38cf2 Change Settings attributes and routes 2022-03-31 11:24:01 +02:00
Bubka
8dc5e7d6e9 Fix Group resource overriding TwoFAccounts count 2022-03-31 11:24:01 +02:00
Bubka
a5514ba06b Refactor Auth controllers : thicker, with Form requests & API resource 2022-03-31 11:24:01 +02:00
Bubka
1a51cf967a Remove useless overrides since json is the default response format 2022-03-31 11:24:01 +02:00
Bubka
77cf15cf5e Move isDemoApp to a new 2FAuth config file 2022-03-31 11:24:01 +02:00
Bubka
3aef29717f Clean unused namespaces 2022-03-31 11:24:01 +02:00
Bubka
10fc144246 Refactor Options to a Setting service bound with the service container 2022-03-31 11:24:01 +02:00
Bubka
afaa1a0a7a Update phpdocs 2022-03-31 11:24:01 +02:00
Bubka
037ebaa8ba Add groups accounts fetching with dedicated route 2022-03-31 11:24:01 +02:00
Bubka
6761b9e40b Set controllers to use Group service & API resources 2022-03-31 11:24:01 +02:00
Bubka
c7e273a580 Add Form Requests for Groups validation 2022-03-31 11:24:01 +02:00
Bubka
1091b95e49 Set mass DELETE according to REST (no request body) for twofaccounts 2022-03-31 11:24:00 +02:00
Bubka
5959b692de Change order saving endpoint and remove position property 2022-03-31 11:24:00 +02:00
Bubka
59a63f5a2a Move TwoFAccounts order saving to business service 2022-03-31 11:24:00 +02:00
Bubka
898ba1629e Make some cleaning 2022-03-31 11:24:00 +02:00
Bubka
0d91fb5aa2 Set controllers to use TwoFAccount business service 2022-03-31 11:24:00 +02:00
Bubka
a2c67d1558 Add Form Requests for TwoFAccounts validation 2022-03-31 11:24:00 +02:00
Bubka
297b55f66f Reformat some responses 2022-03-31 11:24:00 +02:00
Bubka
f3adb0b5dd Move some TwoFAccount validations to Form Requests 2022-03-31 11:24:00 +02:00
Bubka
3036e534e7 Move QrCode controller logic to a business service 2022-03-31 11:24:00 +02:00
Bubka
9af39a469c Force JSON responses everywhere 2022-03-31 11:24:00 +02:00
Bubka
cff545d936 Fix query to return the user even if userId > 0 2020-12-02 23:50:17 +01:00
Bubka
4d6ae849d8 Force lowercase on email to prevent capitalization issue with SQLite 2020-12-02 23:48:16 +01:00
Bubka
92be5976ff Fix #17 : Capitalization of email address during login should not matter 2020-12-01 07:06:01 +01:00
Bubka
893f29849e Refactor checkUser controller 2020-11-24 23:08:21 +01:00
Bubka
747eb98de3 Add punchlines to auth forms 2020-11-24 22:57:32 +01:00
Bubka
7df763073b Push to Register form or hide it from Login form 2020-11-24 16:54:19 +01:00
Bubka
c895e95b87 Apply group filtering on client side to save an api call 2020-11-23 12:58:44 +01:00
Bubka
fa90fb0867 Remove useless assignation 2020-11-22 12:26:20 +01:00
Bubka
ed1ac10f59 Fix exception type declaration 2020-11-22 10:56:27 +01:00
Bubka
7a32998b4c Return only essentials attributes when a token is requested to back-end 2020-11-21 21:46:31 +01:00
Bubka
b4ce39e9d5 Define accountCount internally instead of as a props 2020-11-21 21:34:45 +01:00
Bubka
019d380cb2 Refactor QRcode handling using the brand new Start view 2020-11-20 14:11:32 +01:00
Bubka
101a26b035 Prefill icon field with imageLink resource 2020-11-18 23:48:51 +01:00
Bubka
d9b48e8806 Revert unwanted previous change 2020-11-17 21:39:02 +01:00
Bubka
03981bc12b Fix base32 Encoding usage 2020-11-17 21:27:55 +01:00
Bubka
efff5ecd1f Fix missing attributes during store 2020-11-17 15:45:01 +01:00
Bubka
648c8f8006 Run populateFromUri() from uri setter instead of external call 2020-11-17 15:30:50 +01:00
Bubka
7bdd286fb2 Update Edit form to match with the new TwoFAccount model 2020-11-16 14:45:24 +01:00
Bubka
27dd64a965 Add route to get TwoFAccount with sensitive data 2020-11-16 14:10:54 +01:00
Bubka
02798a05f3 Move token generation from dedicated class to TwoFAccount model class 2020-11-14 18:55:10 +01:00
Bubka
acd1b2deca Enforce Create form validation 2020-11-14 18:48:27 +01:00
Bubka
207ee2d3fb Convert the standard Create form to an advanced form 2020-11-13 15:45:17 +01:00
Bubka
2f32551e99 Make URI visible in the QrCode controller response 2020-11-13 14:52:24 +01:00
Bubka
45a3f60fc6 Update QrCode controller to work with new TwoFAccount model 2020-11-12 00:18:38 +01:00
Bubka
8baa2156a8 Update OTP generation to work with new TwoFAccount model 2020-11-12 00:15:55 +01:00
Bubka
289a208847 Push to Error view when ProtectDB option fail 2020-11-06 17:49:28 +01:00
Bubka
544e916d60 Enhance OTP type detection 2020-11-05 22:50:49 +01:00
Bubka
d448ed9122 Code cleaning & refactoring 2020-11-05 22:47:59 +01:00
Bubka
6712613a20 Move DB protection logic to a dedicated class 2020-11-05 22:46:25 +01:00
Bubka
a8e5535d6b Add Default group option in Settings 2020-11-02 22:41:40 +01:00
Bubka
bf31a9b599 Fix #9 2020-11-02 21:51:53 +01:00
Bubka
04af792b58 Set persisted ordering back 2020-11-02 15:32:09 +01:00
Bubka
7a3f9b526f Add 'Show QR code' feature to the manage view 2020-11-02 13:39:43 +01:00
Bubka
53bb3b9c54 Add a user option to encrypt/decrypt sensitive db data 2020-10-31 01:16:15 +01:00
Bubka
fe02bac6d6 Complete Move to group feature 2020-10-28 17:51:32 +01:00
Bubka
afc2095e27 Add Group scope to TwoFAccount model 2020-10-25 23:52:42 +01:00
Bubka
273aaa9840 Add Group model & controller 2020-10-25 23:50:13 +01:00
Bubka
4303af509f Show inoperative Request pwd form in Demo 2020-10-12 14:00:09 +02:00
Bubka
6d1424e195 Fix typos to comply with psr-4 autoloading 2020-10-11 19:14:56 +02:00
Bubka
d716213ece Update and complete phpunit tests 2020-10-09 13:35:03 +02:00
Bubka
9b34159c4c Add auto-lock option 2020-10-08 15:38:36 +02:00
Bubka
9f398933ea Set the uploader as a vue component with qrcode-reader as default 2020-04-24 09:03:00 +02:00
Bubka
eaabe6e9e3 Make the accounts sortable and persist new order.
Deactivate Pull-to-refresh feature to prevent side effects
2020-03-27 22:36:01 +01:00
Bubka
a70606d57d Set TwoFAccount controller to return an ordered collection 2020-03-25 22:05:11 +01:00
Bubka
f12557c4aa Prevent account and password change while in demo mode 2020-03-18 22:59:45 +01:00
Bubka
76ebf847df Set Options with fallback values and better boolean handling 2020-03-13 22:10:36 +01:00
Bubka
80d9433774 Refactore Profile to Settings & Setting to Options 2020-03-09 20:24:25 +01:00
Bubka
20970606a3 Fix and test Redirection when already authenticated 2020-03-05 17:14:57 +01:00
Bubka
48e3d22446 Cleaning 2020-03-05 16:41:55 +01:00
Bubka
53ada0bfaa Try to fix TravisCI failing on route test 2020-03-05 12:56:35 +01:00
Bubka
6a694280cd Move appSettings generation from blade template to controller 2020-03-05 12:30:35 +01:00
Bubka
ecc7447980 Refactore Register controller 2020-03-04 21:49:45 +01:00
Bubka
b07d599fb8 Fix logout test 2020-03-04 17:19:42 +01:00
Bubka
9f3a770f21 Refactore login controller and add login attempts throttling 2020-03-04 12:59:55 +01:00
Bubka
7090cd8b33 Refactore Profile controllers and routes 2020-03-03 22:09:06 +01:00
Bubka
b30219f407 Handle Language setting from Laravel side 2020-02-27 12:18:46 +01:00
Bubka
be4e678080 Handle correctly counter update in case of HOTP preview 2020-02-06 16:06:02 +01:00
Bubka
af9e6e13da Replace TOTP with OTP in locales for more generic error messages 2020-02-05 17:17:25 +01:00
Bubka
d097810508 New creation process for a better UX 2020-02-04 17:06:11 +01:00
Bubka
92d8c36a6d Remove useless check in controller 2020-02-02 20:57:21 +01:00
Bubka
7eac209724 Rework the Delete feature to support batch-delete 2020-01-31 23:05:06 +01:00
Bubka
eb28b59d76 Try to fix 403 on web hosting when deleting icon 2020-01-29 22:24:28 +01:00
Bubka
3dfdcb84bd Update username after Profile update 2020-01-27 22:04:47 +01:00
Bubka
59fe66710a Delete possible orphan icon when updating a twofaccount 2020-01-27 13:56:19 +01:00
Bubka
c948bc5f24 Remove unnecessary check 2020-01-27 13:35:47 +01:00
Bubka
c6b7c4e495 Remove unnecessary try|catch 2020-01-26 21:49:39 +01:00
Bubka
6726d85eb0 Add logic to force HOTP counter 2020-01-25 18:44:24 +01:00
Bubka
2233f1119b Refactoring 2020-01-25 18:22:45 +01:00
Bubka
ffaef86909 Check OTP validity before creation 2020-01-25 00:01:30 +01:00
Bubka
24e643ff87 Full support of HOTP 2020-01-24 22:37:48 +01:00
Bubka
a4a780b14f Add HOTP counter field to Edit form 2020-01-24 12:56:38 +01:00
Bubka
4e38e0bbfb Add Password and Profile update 2020-01-23 23:02:54 +01:00
Bubka
7ded76c92e Update User controller 2020-01-23 19:31:54 +01:00
Bubka
2be4e3e4e1 Use and handle default Laravel validation errors response 2020-01-19 23:02:20 +01:00
Bubka
aef68df370 Complete and fix Request/Reset password feature 2020-01-15 11:48:22 +01:00
Bubka
03d1e2aec6 Add reset password form 2020-01-14 23:50:07 +01:00
Bubka
46de6f1da1 Fix validation and response 2020-01-14 23:45:32 +01:00
Bubka
2ffe0b107e Add forgot password form 2020-01-14 17:06:59 +01:00
Bubka
956fb95a48 Better errors handling for TwoFAccount controller 2020-01-14 12:23:31 +01:00
Bubka
9632641702 Better errors handling for user controller 2020-01-14 11:49:35 +01:00
Bubka
efc3f5d61e Better errors handling for user controller 2020-01-13 23:10:32 +01:00
Bubka
289b36d9d0 Check user count to prevent more than one registered user 2020-01-13 22:24:14 +01:00
Bubka
11c7ff20a6 All hardcoded strings replaced by i18n translation 2020-01-12 19:55:17 +01:00
Bubka
ad09f233db Get OTP data from OTPHP parser 2020-01-10 22:52:47 +01:00
Bubka
35a6b0d87c Fix and complete unit tests 2020-01-10 13:43:36 +01:00
Bubka
e9ecbbe057 Handle missing 2FAccount when updating 2020-01-10 08:35:15 +01:00
Bubka
aaab76b7d3 Handle missing 2FAccount when deleting 2020-01-10 00:22:45 +01:00
Bubka
7b5ac91796 Route to 404 view when 2FAccount is missing 2020-01-10 00:07:37 +01:00
Bubka
028ddd0419 Validate 2FAccount edit form only with backend 2020-01-09 21:04:30 +01:00
Bubka
543f6b89db Better bad QR code handling in create form 2020-01-09 20:33:31 +01:00
Bubka
102d98863b Cleaning 2020-01-09 17:32:49 +01:00
Bubka
140cedccf3 Check URI validity after QR code upload 2020-01-09 17:32:27 +01:00
Bubka
93f7c4a709 Refactore generateTOTP() as a dedicated class 2020-01-09 16:41:41 +01:00
Bubka
e966b06a2f Validate 2FAccount create form only with backend 2020-01-09 16:33:32 +01:00
Bubka
77b6ac3e3f Validate User forms only with backend 2020-01-09 11:14:39 +01:00
Bubka
da6d64f9ee Refactore and fix for icon management 2020-01-08 23:22:51 +01:00
Bubka
21c7f20e21 Delete icon backend 2020-01-08 15:24:34 +01:00
Bubka
3a0bf1a596 Remove softDelete on 2FAccounts 2020-01-07 16:46:50 +01:00
Bubka
9e7ea7d0fb refactoring de Name & Email vers Service & Account 2020-01-06 21:45:14 +01:00
Bubka
5ef450566c Icon controller 2020-01-05 23:23:48 +01:00
Bubka
dfc8a70ec8 Icon is set using upload 2020-01-05 23:21:28 +01:00
Bubka
9c25e8f4e3 QR code upload 2020-01-03 17:25:56 +01:00
Bubka
20a2d40a85 Create and Edit update with icon field 2020-01-02 00:09:19 +01:00
Bubka
e58d7ac864 TOTP period and timer based on T0 2019-07-02 00:48:48 +02:00
Bubka
8b5f5223c0 new email field in TwoFAccount entity 2019-06-10 23:42:13 +02:00
Bubka
bf029bc741 API User details and logout 2019-05-29 11:04:12 +02:00
Bubka
24588e5d26 Basic vue frontend with auth 2019-05-28 17:29:15 +02:00
Bubka
e7695b64bc secret property now named uri to match otphp wording 2019-05-26 23:24:22 +02:00
Bubka
6a76a493a2 TOTP integration 2019-05-26 16:42:09 +02:00