mirror/php-auth
1
0
Fork 0
mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-08-25 17:00:49 +02:00
Code Issues Releases Wiki Activity
552 Commits 1 Branch 39 Tags
v9.0.0
Commit Graph

276 Commits

Author SHA1 Message Date
Marco
288bc1d967 Save all relevant user actions on 'Auth' interface to audit log 2025-05-27 11:28:12 +02:00
Marco
ed7fb0b2eb Implement method 'Auth#logForAudit' for saving records to audit log 2025-05-27 10:49:13 +02:00
Marco
68beb69984 Track which mechanism was used when successfully providing OTP for 2FA 2025-05-27 10:46:50 +02:00
Marco
10cf5a3855 Capture 2FA configuration in variable before returning it 2025-05-27 10:10:29 +02:00
Marco
cdcc82040f Determine if configuration had actually been active when disabling 2FA 2025-05-27 09:59:15 +02:00
Marco
2d2ff46121 Improve code style 2025-05-27 09:32:59 +02:00
Marco
0a4100b8c7 Create function 'IpAddress::mask' 2025-05-22 22:19:10 +02:00
Marco
f1d2476fb9 Improve language 2025-05-22 21:08:37 +02:00
Marco
7a20e96600 Implement method 'Auth#changeUsername' 2025-05-22 08:41:13 +02:00
Marco
293d57f243 Loosen length restriction for passwords from 72 bytes to 2048 bytes 2025-05-19 13:24:54 +02:00
Marco
e087c9af2f Implement pre-hashing for passwords when using bcrypt 
This enables support for passwords with more than 72 bytes (or more
than 18-72 characters) and for passwords containing null bytes
 2025-05-19 12:55:28 +02:00
Marco
1cac1a5188 Extract usages of hashing for tokens to new class 'TokenHash' 2025-05-17 18:32:13 +02:00
Marco
3625622670 Extract usages of hashing for passwords to new class 'PasswordHash' 2025-05-17 18:19:07 +02:00
Marco
ff4e52d111 Deprecate 'onBeforeSuccess' callback and 'AttemptCancelledException' 2025-04-30 14:35:07 +02:00
Marco
05854dad61 Restrict new passwords to 72 characters in length 2025-04-30 13:54:16 +02:00
Marco
61e4367c31 Create four methods 'Auth#disableTwoFactor*' to let users disable 2FA 2024-09-24 16:38:02 +02:00
Marco
df31a85e4a Create four methods 'Auth#hasTwoFactor*' to check if user has 2FA 2024-08-29 13:50:21 +02:00
Marco
bf64593ebf Emphasize that spaces or special chars are fine in supplied OTPs 2024-08-16 07:12:45 +02:00
Marco
ff3038386c Additionally pass masked recipients to 'SecondFactorRequiredException' 2024-08-16 07:08:14 +02:00
Marco
0e82d095cf Accept masked SMS/email recipients in 'SecondFactorRequiredException' 2024-08-16 07:06:42 +02:00
Marco
ceac62c3f3 Swap order of arguments for 'addSmsOption' and 'addEmailOption' 2024-08-16 07:02:38 +02:00
Marco
e5ccc81988 Always cast integers from database to 'int' before strict comparisons 2024-08-16 06:55:59 +02:00
Marco
2a37898560 Create function 'PhoneNumber::mask' 2024-08-16 06:46:26 +02:00
Marco
a25b57cd7b Create function 'EmailAddress::mask' 2024-08-16 06:44:17 +02:00
Marco
e5bc48eaa6 Prefer numerical OTPs for setup and usage of 2FA via SMS and email 2024-07-04 17:58:22 +02:00
Marco
d2602121ab Delete OTPs from incomplete attempts to set up 2FA 2024-07-04 13:53:07 +02:00
Marco
eba7cd2657 Extract sanitization of OTP values into separate method 2024-07-04 13:35:27 +02:00
Marco
87c4ad0b92 Improve language 2024-06-11 12:19:36 +02:00
Marco
aebaea128b Implement 'enableTwoFactorViaEmail' using 'enableTwoFactor' 2024-06-11 11:40:37 +02:00
Marco
0f71c335e6 Implement 'enableTwoFactorViaSms' using 'enableTwoFactor' 2024-06-11 11:12:04 +02:00
Marco
1f231d0a94 Re-implement 'enableTwoFactorViaTotp' using 'enableTwoFactor' 2024-06-11 11:06:17 +02:00
Marco
e447e972af Turn 'enableTwoFactorViaTotp' into generalized 'enableTwoFactor' 2024-06-11 09:49:26 +02:00
Marco
8b870567e7 Update documentation for 'provideOneTimePasswordAsSecondFactor' 2024-04-04 19:46:57 +02:00
Marco
b0965525de Implement 'prepareTwoFactorViaEmail' using 'prepareTwoFactor' 2024-04-04 19:42:23 +02:00
Marco
ea7b1208ad Implement 'prepareTwoFactorViaSms' using 'prepareTwoFactor' 2024-04-04 19:39:54 +02:00
Marco
0ff92ce870 Re-implement 'prepareTwoFactorViaTotp' using 'prepareTwoFactor' 2024-04-04 19:34:24 +02:00
Marco
c249c3b060 Turn 'prepareTwoFactorViaTotp' into generalized 'prepareTwoFactor' 2024-04-04 19:25:11 +02:00
Marco
e266178f95 Extract code into separate 'generateAndStoreRandomOneTimePassword' 2024-04-04 19:09:40 +02:00
Marco
68f5b23fc5 Implement method 'Auth#isWaitingForSecondFactor' 2024-04-04 19:01:43 +02:00
Marco
fc468397e2 Add method 'Auth#provideOneTimePasswordAsSecondFactor' 2024-03-25 11:32:03 +01:00
Marco
76c756118b Replace calls on successful login with 'finishSingleFactorOrThrow' 2024-03-21 12:45:52 +01:00
Marco
dc04d52249 Implement method 'Auth#finishSingleFactorOrThrow' 2024-03-20 08:16:03 +01:00
Marco
29fbd7b480 Create method 'Auth#enableTwoFactorViaTotp' 2024-03-17 10:31:22 +01:00
Marco
b79246ff40 Create method 'Auth#prepareTwoFactorViaTotp' 2024-03-15 07:47:53 +01:00
Marco
8256fd11e8 Create method 'Auth::createSelectorForOneTimePassword' 2024-03-14 14:37:07 +01:00
Marco
e5310aa699 Document methods supposed to throw 'SecondFactorRequiredException' 2024-03-14 13:57:50 +01:00
Marco
bcfbc1d2f8 Add constants for designated mechanisms for OTP generation/delivery 2024-03-13 08:18:35 +01:00
Marco
3d19df85fc Create session fields to track pending 2FA after login 2024-03-13 08:13:44 +01:00
Marco
db7480be38 Create class 'SecondFactorRequiredException' 2024-03-11 11:14:12 +01:00
Marco
67b4cba4d9 Create class 'InvalidOneTimePasswordException' 2024-03-05 09:42:15 +01:00