mirror/php-auth
1
0
Fork 0
mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-10-23 20:06:05 +02:00
Code Issues Releases Wiki Activity
445 Commits 1 Branch 39 Tags
dcd893a12cbf9fb9bb64fa966944e88f1963d141
Commit Graph

216 Commits

Author SHA1 Message Date
Marco
ab1c54fae2 Optimize order of throttling in 'changeEmail' method from class 'Auth' 2017-11-08 20:40:37 +01:00
Marco
23acb66cc7 Reduce permitted frequency of requests to change one's email address 2017-11-08 20:38:16 +01:00
Marco
a7a9d45302 Drop constant 'CONFIRMATION_REQUESTS_TTL_IN_SECONDS' in 'UserManager' 2017-11-08 20:30:09 +01:00
Marco
ba4dc29ca5 Optimize order of throttling in 'resendConfirmationForColumnValue' 2017-11-08 20:23:34 +01:00
Marco
0a97f67515 Enforce limits for resending confirmations solely via throttling 2017-11-08 20:21:35 +01:00
Marco
7a94c6acef Improve documentation in 'confirmEmail' method from 'Auth' class 2017-11-08 19:23:22 +01:00
Marco
dbbbf1b193 Remove superfluous comment in 'UserManager' 2017-11-08 19:18:14 +01:00
Marco
47d1e303aa Implement methods for impersonating users in class 'Administration' 2017-11-03 15:21:45 +01:00
Marco
67443c122a Move core logic of 'onLoginSuccessful' from 'Auth' to 'UserManager' 2017-11-03 08:50:59 +01:00
Marco
24056e89a4 Move constants holding names of session fields to 'UserManager' 2017-11-03 08:49:10 +01:00
Marco
c06bc7da1a Improve documentation for method 'onLoginSuccessful' in class 'Auth' 2017-11-03 08:38:17 +01:00
Marco
aedd2125fc Document constants holding names of session fields 2017-11-03 08:36:03 +01:00
Marco
425cf9b6f6 Write to session fields directly instead of using accessor methods 2017-11-03 08:33:41 +01:00
Marco
81091df66b Drop constructor arguments 'useHttps' and 'allowCookiesScriptAccess' 2017-10-20 23:07:36 +02:00
Marco
eec450677f Do not duplicate and overwrite parts of cookie configuration anymore 
Previously, PHP's configuration directives 'session.cookie_httponly'
and 'session.cookie_secure' were always overwritten with duplicated
and separately tracked variants of each directive
 2017-10-20 22:30:16 +02:00
Marco
f1360dceba Improve code style 2017-10-20 08:53:02 +02:00
Marco
2cf7b27ba3 Support empty path scope for cookies to restrict to current directory 2017-10-20 08:47:56 +02:00
Marco
1eedfd0e02 Simplify code based on assumptions about new 'Delight\Cookie' behavior 2017-10-20 01:12:04 +02:00
Marco
757579523c Use constants from 'Delight\Cookie\Cookie' class for cookie prefixes 2017-10-19 22:33:18 +02:00
Marco
71506eaa05 Rename two methods for logout to highlight the better default version 2017-10-19 20:25:11 +02:00
Marco
ce8dbbc436 Delete 'remember me' cookies from previous major versions as well 2017-10-19 20:19:19 +02:00
Marco
891cef2511 Do not make repeated attempts to use invalid 'remember me' cookies 2017-10-19 03:00:28 +02:00
Marco
f70613b2b8 Ignore defined but empty selectors and tokens from 'remember me' 2017-10-19 02:55:49 +02:00
Marco
59816d1a40 Re-use 'remember me' cookie from previous major versions if available 2017-10-19 02:50:24 +02:00
Marco
1284f64f04 Fix documentation for method 'setRememberCookie' in class 'Auth' 2017-10-19 02:27:42 +02:00
Marco
8165e8917b Change name of 'remember me' cookie to be dependent on session name 2017-10-19 01:44:19 +02:00
Marco
36880b87c9 Implement method 'createRememberCookieName' in class 'Auth' 2017-10-18 23:03:41 +02:00
Marco
e7b590dc80 Implement method 'createCookieName' in class 'Auth' 2017-10-18 22:52:00 +02:00
Marco
33d2384c93 Add list of available cookie prefixes as constant in class 'Auth' 2017-10-18 22:48:14 +02:00
Marco
1169856217 Improve code style 2017-10-18 22:47:24 +02:00
Marco
fa8fa4887e Improve documentation in class 'Auth' 2017-10-18 21:59:25 +02:00
Marco
8fecb86f15 Improve code style 2017-10-12 02:42:40 +02:00
Pavel Levin
04c466b309 Drop superfluous check using 'isset' 2017-10-12 02:32:13 +02:00
Marco
61041cc6fd Invalidate outstanding password reset tokens on email address change 2017-09-27 21:58:28 +02:00
Marco
404739634d Compose 'logout' using new 'logOutButKeepSession' and 'destroySession' 2017-09-18 16:08:32 +02:00
Marco
82a24fbbca Implement method 'destroySession' in class 'Auth' 2017-09-18 16:07:05 +02:00
Marco
1a195adf39 Implement method 'logOutButKeepSession' in class 'Auth' 2017-09-18 16:01:47 +02:00
Marco
5e4d4fd072 Improve language 2017-09-18 15:53:59 +02:00
Marco
6162092618 Catch undefined IP address in rare use cases such as CLI usage 2017-09-18 14:54:39 +02:00
Marco
3d8c583823 Remove exception from PHPDoc that cannot reasonably appear in practice 2017-08-19 00:46:38 +02:00
Marco
52ba03248d Make 'throttle' method for throttling or rate limiting a public method 2017-08-19 00:42:53 +02:00
Marco
a66312bbcf Re-implement internal throttling or rate limiting from scratch 2017-08-19 00:22:21 +02:00
Marco
c9a4e28c7b Implement methods for re-sending confirmation requests in class 'Auth' 2017-08-07 21:08:06 +02:00
Marco
f83ac969d4 Add class 'ConfirmationRequestNotFound' 2017-08-07 19:36:13 +02:00
Marco
e3873f2d15 Use alternative 'LIMIT' syntax with wider compatibility in SQL query 2017-08-07 18:52:36 +02:00
Marco
b7a47fc707 Extract TTL in seconds of (email) confirmation requests into constant 2017-08-07 18:51:21 +02:00
Marco
62c5fab1ad Re-implement 'changePassword' method using two existing methods 
Make use of 'reconfirmPassword' and 'changePasswordWithoutOldPassword'
 2017-08-04 00:35:50 +02:00
Marco
1800525b51 Implement new method 'changePasswordWithoutOldPassword' in 'Auth' 2017-08-04 00:31:35 +02:00
Marco
d5ae78a418 Hint at related methods for email confirmation where required 2017-07-30 20:53:18 +02:00
Marco
e925a73ef8 Implement method 'changeEmail' in class 'Auth' 2017-07-30 20:51:58 +02:00