1
0
mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-10-24 04:16:17 +02:00
Commit Graph

552 Commits

Author SHA1 Message Date
Marco
ef996fd2ae Update dependencies v9.0.0 2025-05-28 17:47:58 +02:00
Marco
245e10b390 Explain commercial support in README 2025-05-28 17:42:57 +02:00
Marco
288bc1d967 Save all relevant user actions on 'Auth' interface to audit log 2025-05-27 11:28:12 +02:00
Marco
ed7fb0b2eb Implement method 'Auth#logForAudit' for saving records to audit log 2025-05-27 10:49:13 +02:00
Marco
68beb69984 Track which mechanism was used when successfully providing OTP for 2FA 2025-05-27 10:46:50 +02:00
Marco
10cf5a3855 Capture 2FA configuration in variable before returning it 2025-05-27 10:10:29 +02:00
Marco
cdcc82040f Determine if configuration had actually been active when disabling 2FA 2025-05-27 09:59:15 +02:00
Marco
2d2ff46121 Improve code style 2025-05-27 09:32:59 +02:00
Marco
1fc2a87232 Add database structure for audit log for SQLite 2025-05-26 19:48:44 +02:00
Marco
f4514372f6 Add database structure for audit log for PostgreSQL 2025-05-26 19:44:12 +02:00
Marco
5249a75fcd Add database structure for audit log for MySQL 2025-05-26 19:41:29 +02:00
Marco
0a4100b8c7 Create function 'IpAddress::mask' 2025-05-22 22:19:10 +02:00
Marco
db97bbaed7 Fix missing ToC entry in README 2025-05-22 21:14:31 +02:00
Marco
f1d2476fb9 Improve language 2025-05-22 21:08:37 +02:00
Marco
e6c827cd79 Improve documentation on excluding unwanted characters for usernames 2025-05-22 20:43:46 +02:00
Marco
5cc4745fc7 Document method 'Auth#changeUsername' in README 2025-05-22 09:06:11 +02:00
Marco
8875697eec Add tests for method 'Auth#changeUsername' 2025-05-22 08:44:23 +02:00
Marco
7a20e96600 Implement method 'Auth#changeUsername' 2025-05-22 08:41:13 +02:00
Marco
15e9761b6b Improve notes on passwords and hashing in README 2025-05-19 18:29:16 +02:00
Marco
293d57f243 Loosen length restriction for passwords from 72 bytes to 2048 bytes 2025-05-19 13:24:54 +02:00
Marco
e087c9af2f Implement pre-hashing for passwords when using bcrypt
This enables support for passwords with more than 72 bytes (or more
than 18-72 characters) and for passwords containing null bytes
2025-05-19 12:55:28 +02:00
Marco
1cac1a5188 Extract usages of hashing for tokens to new class 'TokenHash' 2025-05-17 18:32:13 +02:00
Marco
3625622670 Extract usages of hashing for passwords to new class 'PasswordHash' 2025-05-17 18:19:07 +02:00
Marco
6b7ef7c93c Improve documentation for two-factor authentication in README 2025-05-05 22:56:11 +02:00
Marco
d73a1bf919 Document two-factor authentication in README 2025-05-01 00:28:22 +02:00
Marco
ff4e52d111 Deprecate 'onBeforeSuccess' callback and 'AttemptCancelledException' 2025-04-30 14:35:07 +02:00
Marco
05854dad61 Restrict new passwords to 72 characters in length 2025-04-30 13:54:16 +02:00
Marco
233640502c Add length constraints to SQLite text columns to match MySQL/Postgres 2025-04-24 09:04:10 +02:00
Marco
ea6cbf6089 Improve DDL for SQLite 2025-03-20 14:28:20 +01:00
Marco
e771398527 Drop 'UNSIGNED' for 'FLOAT' in DDL for MySQL 2025-03-17 09:20:37 +01:00
Marco
3defd87461 Drop integer display widths in DDL for MySQL 2025-03-16 16:13:36 +01:00
Marco
c0a289c352 Improve DDL for PostgreSQL 2025-03-15 16:05:33 +01:00
Marco
5609c80af0 Remove trailing commas (syntax errors) in PostgreSQL
Thanks, @hauke-97 and @jgmamxmn !
2025-03-12 15:42:41 +01:00
Marco
efae015004 Do not use 'IF NOT EXISTS' with 'CREATE TABLE' for MySQL 2025-03-12 15:34:49 +01:00
Marco
fcdb946042 Add tests for four methods 'Auth#disableTwoFactor*' 2024-09-24 16:40:22 +02:00
Marco
61e4367c31 Create four methods 'Auth#disableTwoFactor*' to let users disable 2FA 2024-09-24 16:38:02 +02:00
Marco
60175e1889 Add tests for four methods 'Auth#hasTwoFactor*' 2024-08-29 13:51:43 +02:00
Marco
df31a85e4a Create four methods 'Auth#hasTwoFactor*' to check if user has 2FA 2024-08-29 13:50:21 +02:00
Marco
663268c712 Use full and valid HTML page markup in tests 2024-08-16 09:15:50 +02:00
Marco
bf64593ebf Emphasize that spaces or special chars are fine in supplied OTPs 2024-08-16 07:12:45 +02:00
Marco
960dc7ffdc Display masked recipients for OTPs as well in tests 2024-08-16 07:10:55 +02:00
Marco
ff3038386c Additionally pass masked recipients to 'SecondFactorRequiredException' 2024-08-16 07:08:14 +02:00
Marco
0e82d095cf Accept masked SMS/email recipients in 'SecondFactorRequiredException' 2024-08-16 07:06:42 +02:00
Marco
ceac62c3f3 Swap order of arguments for 'addSmsOption' and 'addEmailOption' 2024-08-16 07:02:38 +02:00
Marco
e5ccc81988 Always cast integers from database to 'int' before strict comparisons 2024-08-16 06:55:59 +02:00
Marco
2a37898560 Create function 'PhoneNumber::mask' 2024-08-16 06:46:26 +02:00
Marco
a25b57cd7b Create function 'EmailAddress::mask' 2024-08-16 06:44:17 +02:00
Marco
e5bc48eaa6 Prefer numerical OTPs for setup and usage of 2FA via SMS and email 2024-07-04 17:58:22 +02:00
Marco
d2602121ab Delete OTPs from incomplete attempts to set up 2FA 2024-07-04 13:53:07 +02:00
Marco
eba7cd2657 Extract sanitization of OTP values into separate method 2024-07-04 13:35:27 +02:00