|
|
cc8c212acb
|
Update migration guide
|
2025-06-04 19:48:25 +02:00 |
|
|
|
ef996fd2ae
|
Update dependencies
v9.0.0
|
2025-05-28 17:47:58 +02:00 |
|
|
|
245e10b390
|
Explain commercial support in README
|
2025-05-28 17:42:57 +02:00 |
|
|
|
288bc1d967
|
Save all relevant user actions on 'Auth' interface to audit log
|
2025-05-27 11:28:12 +02:00 |
|
|
|
ed7fb0b2eb
|
Implement method 'Auth#logForAudit' for saving records to audit log
|
2025-05-27 10:49:13 +02:00 |
|
|
|
68beb69984
|
Track which mechanism was used when successfully providing OTP for 2FA
|
2025-05-27 10:46:50 +02:00 |
|
|
|
10cf5a3855
|
Capture 2FA configuration in variable before returning it
|
2025-05-27 10:10:29 +02:00 |
|
|
|
cdcc82040f
|
Determine if configuration had actually been active when disabling 2FA
|
2025-05-27 09:59:15 +02:00 |
|
|
|
2d2ff46121
|
Improve code style
|
2025-05-27 09:32:59 +02:00 |
|
|
|
1fc2a87232
|
Add database structure for audit log for SQLite
|
2025-05-26 19:48:44 +02:00 |
|
|
|
f4514372f6
|
Add database structure for audit log for PostgreSQL
|
2025-05-26 19:44:12 +02:00 |
|
|
|
5249a75fcd
|
Add database structure for audit log for MySQL
|
2025-05-26 19:41:29 +02:00 |
|
|
|
0a4100b8c7
|
Create function 'IpAddress::mask'
|
2025-05-22 22:19:10 +02:00 |
|
|
|
db97bbaed7
|
Fix missing ToC entry in README
|
2025-05-22 21:14:31 +02:00 |
|
|
|
f1d2476fb9
|
Improve language
|
2025-05-22 21:08:37 +02:00 |
|
|
|
e6c827cd79
|
Improve documentation on excluding unwanted characters for usernames
|
2025-05-22 20:43:46 +02:00 |
|
|
|
5cc4745fc7
|
Document method 'Auth#changeUsername' in README
|
2025-05-22 09:06:11 +02:00 |
|
|
|
8875697eec
|
Add tests for method 'Auth#changeUsername'
|
2025-05-22 08:44:23 +02:00 |
|
|
|
7a20e96600
|
Implement method 'Auth#changeUsername'
|
2025-05-22 08:41:13 +02:00 |
|
|
|
15e9761b6b
|
Improve notes on passwords and hashing in README
|
2025-05-19 18:29:16 +02:00 |
|
|
|
293d57f243
|
Loosen length restriction for passwords from 72 bytes to 2048 bytes
|
2025-05-19 13:24:54 +02:00 |
|
|
|
e087c9af2f
|
Implement pre-hashing for passwords when using bcrypt
This enables support for passwords with more than 72 bytes (or more
than 18-72 characters) and for passwords containing null bytes
|
2025-05-19 12:55:28 +02:00 |
|
|
|
1cac1a5188
|
Extract usages of hashing for tokens to new class 'TokenHash'
|
2025-05-17 18:32:13 +02:00 |
|
|
|
3625622670
|
Extract usages of hashing for passwords to new class 'PasswordHash'
|
2025-05-17 18:19:07 +02:00 |
|
|
|
6b7ef7c93c
|
Improve documentation for two-factor authentication in README
|
2025-05-05 22:56:11 +02:00 |
|
|
|
d73a1bf919
|
Document two-factor authentication in README
|
2025-05-01 00:28:22 +02:00 |
|
|
|
ff4e52d111
|
Deprecate 'onBeforeSuccess' callback and 'AttemptCancelledException'
|
2025-04-30 14:35:07 +02:00 |
|
|
|
05854dad61
|
Restrict new passwords to 72 characters in length
|
2025-04-30 13:54:16 +02:00 |
|
|
|
233640502c
|
Add length constraints to SQLite text columns to match MySQL/Postgres
|
2025-04-24 09:04:10 +02:00 |
|
|
|
ea6cbf6089
|
Improve DDL for SQLite
|
2025-03-20 14:28:20 +01:00 |
|
|
|
e771398527
|
Drop 'UNSIGNED' for 'FLOAT' in DDL for MySQL
|
2025-03-17 09:20:37 +01:00 |
|
|
|
3defd87461
|
Drop integer display widths in DDL for MySQL
|
2025-03-16 16:13:36 +01:00 |
|
|
|
c0a289c352
|
Improve DDL for PostgreSQL
|
2025-03-15 16:05:33 +01:00 |
|
|
|
5609c80af0
|
Remove trailing commas (syntax errors) in PostgreSQL
Thanks, @hauke-97 and @jgmamxmn !
|
2025-03-12 15:42:41 +01:00 |
|
|
|
efae015004
|
Do not use 'IF NOT EXISTS' with 'CREATE TABLE' for MySQL
|
2025-03-12 15:34:49 +01:00 |
|
|
|
fcdb946042
|
Add tests for four methods 'Auth#disableTwoFactor*'
|
2024-09-24 16:40:22 +02:00 |
|
|
|
61e4367c31
|
Create four methods 'Auth#disableTwoFactor*' to let users disable 2FA
|
2024-09-24 16:38:02 +02:00 |
|
|
|
60175e1889
|
Add tests for four methods 'Auth#hasTwoFactor*'
|
2024-08-29 13:51:43 +02:00 |
|
|
|
df31a85e4a
|
Create four methods 'Auth#hasTwoFactor*' to check if user has 2FA
|
2024-08-29 13:50:21 +02:00 |
|
|
|
663268c712
|
Use full and valid HTML page markup in tests
|
2024-08-16 09:15:50 +02:00 |
|
|
|
bf64593ebf
|
Emphasize that spaces or special chars are fine in supplied OTPs
|
2024-08-16 07:12:45 +02:00 |
|
|
|
960dc7ffdc
|
Display masked recipients for OTPs as well in tests
|
2024-08-16 07:10:55 +02:00 |
|
|
|
ff3038386c
|
Additionally pass masked recipients to 'SecondFactorRequiredException'
|
2024-08-16 07:08:14 +02:00 |
|
|
|
0e82d095cf
|
Accept masked SMS/email recipients in 'SecondFactorRequiredException'
|
2024-08-16 07:06:42 +02:00 |
|
|
|
ceac62c3f3
|
Swap order of arguments for 'addSmsOption' and 'addEmailOption'
|
2024-08-16 07:02:38 +02:00 |
|
|
|
e5ccc81988
|
Always cast integers from database to 'int' before strict comparisons
|
2024-08-16 06:55:59 +02:00 |
|
|
|
2a37898560
|
Create function 'PhoneNumber::mask'
|
2024-08-16 06:46:26 +02:00 |
|
|
|
a25b57cd7b
|
Create function 'EmailAddress::mask'
|
2024-08-16 06:44:17 +02:00 |
|
|
|
e5bc48eaa6
|
Prefer numerical OTPs for setup and usage of 2FA via SMS and email
|
2024-07-04 17:58:22 +02:00 |
|
|
|
d2602121ab
|
Delete OTPs from incomplete attempts to set up 2FA
|
2024-07-04 13:53:07 +02:00 |
|
