php-auth

mirror/php-auth

Fork 0

mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-07-10 02:56:22 +02:00

Commit Graph

Select branches

Hide Pull Requests

master

#125

#125

#128

#128

#178

#195

#196

#243

#249

#306

#33

#33

#39

#39

#61

#61

#84

#84

#88

#88

#89

#89

v1.0.0

v1.1.0

v2.0.0

v2.0.1

v2.1.0

v3.0.0

v3.1.0

v4.0.0

v4.0.1

v4.1.0

v4.1.1

v4.2.0

v4.3.0

v5.0.0

v5.0.1

v5.1.0

v5.1.1

v5.2.0

v6.0.0

v6.1.0

v6.1.1

v7.0.0

v7.1.0

v7.2.0

v7.3.0

v7.4.0

v7.5.0

v7.5.1

v7.5.2

v7.6.0

v8.0.0

v8.0.1

v8.0.2

v8.1.0

v8.2.0

v8.2.1

v8.2.2

v8.3.0

v9.0.0

cc8c212acb Update migration guide master Marco 2025-06-04 19:48:25 +02:00
ef996fd2ae Update dependencies v9.0.0 Marco 2025-05-28 17:47:58 +02:00
245e10b390 Explain commercial support in README Marco 2025-05-28 17:42:57 +02:00
288bc1d967 Save all relevant user actions on 'Auth' interface to audit log Marco 2025-05-27 11:28:12 +02:00
ed7fb0b2eb Implement method 'Auth#logForAudit' for saving records to audit log Marco 2025-05-27 10:49:13 +02:00
68beb69984 Track which mechanism was used when successfully providing OTP for 2FA Marco 2025-05-27 10:46:50 +02:00
10cf5a3855 Capture 2FA configuration in variable before returning it Marco 2025-05-27 10:10:29 +02:00
cdcc82040f Determine if configuration had actually been active when disabling 2FA Marco 2025-05-27 09:59:15 +02:00
2d2ff46121 Improve code style Marco 2025-05-27 09:32:59 +02:00
1fc2a87232 Add database structure for audit log for SQLite Marco 2025-05-26 19:48:44 +02:00
f4514372f6 Add database structure for audit log for PostgreSQL Marco 2025-05-26 19:44:12 +02:00
5249a75fcd Add database structure for audit log for MySQL Marco 2025-05-26 19:41:29 +02:00
0a4100b8c7 Create function 'IpAddress::mask' Marco 2025-05-22 22:19:10 +02:00
db97bbaed7 Fix missing ToC entry in README Marco 2025-05-22 21:14:31 +02:00
f1d2476fb9 Improve language Marco 2025-05-22 21:08:37 +02:00
e6c827cd79 Improve documentation on excluding unwanted characters for usernames Marco 2025-05-22 20:43:46 +02:00
5cc4745fc7 Document method 'Auth#changeUsername' in README Marco 2025-05-22 09:06:11 +02:00
8875697eec Add tests for method 'Auth#changeUsername' Marco 2025-05-22 08:44:23 +02:00
7a20e96600 Implement method 'Auth#changeUsername' Marco 2025-05-22 08:41:13 +02:00
15e9761b6b Improve notes on passwords and hashing in README Marco 2025-05-19 18:29:16 +02:00
293d57f243 Loosen length restriction for passwords from 72 bytes to 2048 bytes Marco 2025-05-19 13:24:54 +02:00
e087c9af2f Implement pre-hashing for passwords when using bcrypt Marco 2025-05-19 12:55:28 +02:00
1cac1a5188 Extract usages of hashing for tokens to new class 'TokenHash' Marco 2025-05-17 18:32:13 +02:00
3625622670 Extract usages of hashing for passwords to new class 'PasswordHash' Marco 2025-05-17 18:19:07 +02:00
6b7ef7c93c Improve documentation for two-factor authentication in README Marco 2025-05-05 22:56:11 +02:00
d73a1bf919 Document two-factor authentication in README Marco 2025-05-01 00:28:22 +02:00
ff4e52d111 Deprecate 'onBeforeSuccess' callback and 'AttemptCancelledException' Marco 2025-04-30 14:35:07 +02:00
05854dad61 Restrict new passwords to 72 characters in length Marco 2025-04-30 13:54:16 +02:00
233640502c Add length constraints to SQLite text columns to match MySQL/Postgres Marco 2025-04-24 09:04:10 +02:00
ea6cbf6089 Improve DDL for SQLite Marco 2025-03-20 14:28:20 +01:00
e771398527 Drop 'UNSIGNED' for 'FLOAT' in DDL for MySQL Marco 2025-03-17 09:20:37 +01:00
3defd87461 Drop integer display widths in DDL for MySQL Marco 2025-03-16 16:13:36 +01:00
c0a289c352 Improve DDL for PostgreSQL Marco 2025-03-15 16:05:33 +01:00
5609c80af0 Remove trailing commas (syntax errors) in PostgreSQL Marco 2025-03-12 15:42:41 +01:00
efae015004 Do not use 'IF NOT EXISTS' with 'CREATE TABLE' for MySQL Marco 2025-03-12 15:34:49 +01:00
fcdb946042 Add tests for four methods 'Auth#disableTwoFactor*' Marco 2024-09-24 16:40:22 +02:00
61e4367c31 Create four methods 'Auth#disableTwoFactor*' to let users disable 2FA Marco 2024-09-24 16:38:02 +02:00
60175e1889 Add tests for four methods 'Auth#hasTwoFactor*' Marco 2024-08-29 13:51:43 +02:00
df31a85e4a Create four methods 'Auth#hasTwoFactor*' to check if user has 2FA Marco 2024-08-29 13:50:21 +02:00
663268c712 Use full and valid HTML page markup in tests Marco 2024-08-16 09:15:50 +02:00
bf64593ebf Emphasize that spaces or special chars are fine in supplied OTPs Marco 2024-08-16 07:12:45 +02:00
960dc7ffdc Display masked recipients for OTPs as well in tests Marco 2024-08-16 07:10:55 +02:00
ff3038386c Additionally pass masked recipients to 'SecondFactorRequiredException' Marco 2024-08-16 07:08:14 +02:00
0e82d095cf Accept masked SMS/email recipients in 'SecondFactorRequiredException' Marco 2024-08-16 07:06:42 +02:00
ceac62c3f3 Swap order of arguments for 'addSmsOption' and 'addEmailOption' Marco 2024-08-16 07:02:38 +02:00
e5ccc81988 Always cast integers from database to 'int' before strict comparisons Marco 2024-08-16 06:55:59 +02:00
2a37898560 Create function 'PhoneNumber::mask' Marco 2024-08-16 06:46:26 +02:00
a25b57cd7b Create function 'EmailAddress::mask' Marco 2024-08-16 06:44:17 +02:00
e5bc48eaa6 Prefer numerical OTPs for setup and usage of 2FA via SMS and email Marco 2024-07-04 17:58:22 +02:00
d2602121ab Delete OTPs from incomplete attempts to set up 2FA Marco 2024-07-04 13:53:07 +02:00
eba7cd2657 Extract sanitization of OTP values into separate method Marco 2024-07-04 13:35:27 +02:00
2ffe09c52e Prevent text in README from being detected by tooling Marco 2024-06-14 14:18:12 +02:00
75c372198d Add tests for method 'Auth#enableTwoFactorViaEmail' Marco 2024-06-14 13:34:28 +02:00
4dc67aaa30 Add tests for method 'Auth#enableTwoFactorViaSms' Marco 2024-06-14 13:03:14 +02:00
87c4ad0b92 Improve language Marco 2024-06-11 12:19:36 +02:00
aebaea128b Implement 'enableTwoFactorViaEmail' using 'enableTwoFactor' Marco 2024-06-11 11:40:37 +02:00
0f71c335e6 Implement 'enableTwoFactorViaSms' using 'enableTwoFactor' Marco 2024-06-11 11:12:04 +02:00
1f231d0a94 Re-implement 'enableTwoFactorViaTotp' using 'enableTwoFactor' Marco 2024-06-11 11:06:17 +02:00
e447e972af Turn 'enableTwoFactorViaTotp' into generalized 'enableTwoFactor' Marco 2024-06-11 09:49:26 +02:00
9464d754bd Add tests for method 'Auth#prepareTwoFactorViaEmail' Marco 2024-04-04 19:52:29 +02:00
804141f1d4 Add tests for method 'Auth#prepareTwoFactorViaSms' Marco 2024-04-04 19:51:18 +02:00
8b870567e7 Update documentation for 'provideOneTimePasswordAsSecondFactor' Marco 2024-04-04 19:46:57 +02:00
b0965525de Implement 'prepareTwoFactorViaEmail' using 'prepareTwoFactor' Marco 2024-04-04 19:42:23 +02:00
ea7b1208ad Implement 'prepareTwoFactorViaSms' using 'prepareTwoFactor' Marco 2024-04-04 19:39:54 +02:00
0ff92ce870 Re-implement 'prepareTwoFactorViaTotp' using 'prepareTwoFactor' Marco 2024-04-04 19:34:24 +02:00
c249c3b060 Turn 'prepareTwoFactorViaTotp' into generalized 'prepareTwoFactor' Marco 2024-04-04 19:25:11 +02:00
e266178f95 Extract code into separate 'generateAndStoreRandomOneTimePassword' Marco 2024-04-04 19:09:40 +02:00
c21f59d4d5 Use method 'Auth#isWaitingForSecondFactor' in tests Marco 2024-04-04 19:03:06 +02:00
68f5b23fc5 Implement method 'Auth#isWaitingForSecondFactor' Marco 2024-04-04 19:01:43 +02:00
4d92ca24c2 Add SQLite schema for new tables 'users_2fa' and 'users_otps' Marco 2024-04-04 18:48:51 +02:00
8f249d0080 Add PostgreSQL schema for new tables 'users_2fa' and 'users_otps' Marco 2024-04-04 17:47:08 +02:00
96b72f0be9 Add MySQL schema for new tables 'users_2fa' and 'users_otps' Marco 2024-04-02 18:57:57 +02:00
bc15776348 Require 'delight-im/otp' as dependency Marco 2024-04-02 16:03:12 +02:00
9cab58ecb4 Add tests for 'Auth#provideOneTimePasswordAsSecondFactor' Marco 2024-04-02 14:39:23 +02:00
561d6cd450 In tests show whether 2FA is currently pending for any user Marco 2024-04-02 13:52:22 +02:00
e919eec2a9 Add tests for 'Auth#enableTwoFactorViaTotp' Marco 2024-04-01 14:15:11 +02:00
8b0f5f3407 Add tests for 'Auth#prepareTwoFactorViaTotp' Marco 2024-04-01 09:37:38 +02:00
3c7e17fca8 Handle 'SecondFactorRequiredException' in four relevant cases in tests Marco 2024-03-26 09:15:45 +01:00
fc468397e2 Add method 'Auth#provideOneTimePasswordAsSecondFactor' Marco 2024-03-25 11:32:03 +01:00
76c756118b Replace calls on successful login with 'finishSingleFactorOrThrow' Marco 2024-03-21 12:45:52 +01:00
dc04d52249 Implement method 'Auth#finishSingleFactorOrThrow' Marco 2024-03-20 08:16:03 +01:00
29fbd7b480 Create method 'Auth#enableTwoFactorViaTotp' Marco 2024-03-17 10:31:22 +01:00
b79246ff40 Create method 'Auth#prepareTwoFactorViaTotp' Marco 2024-03-15 07:47:53 +01:00
8256fd11e8 Create method 'Auth::createSelectorForOneTimePassword' Marco 2024-03-14 14:37:07 +01:00
e5310aa699 Document methods supposed to throw 'SecondFactorRequiredException' Marco 2024-03-14 13:57:50 +01:00
bcfbc1d2f8 Add constants for designated mechanisms for OTP generation/delivery Marco 2024-03-13 08:18:35 +01:00
3d19df85fc Create session fields to track pending 2FA after login Marco 2024-03-13 08:13:44 +01:00
db7480be38 Create class 'SecondFactorRequiredException' Marco 2024-03-11 11:14:12 +01:00
67b4cba4d9 Create class 'InvalidOneTimePasswordException' Marco 2024-03-05 09:42:15 +01:00
d58519d831 Create class 'InvalidStateError' Marco 2024-03-05 09:39:31 +01:00
759a523a92 Create class 'TwoFactorMechanismAlreadyEnabledException' Marco 2024-03-05 09:38:44 +01:00
88fcc61562 Create class 'TwoFactorMechanismNotInitializedException' Marco 2024-03-05 09:37:16 +01:00
ada9553919 Improve code style Marco 2023-03-20 09:25:29 +01:00
f9700fcae6 Move unaffected code outside of try/catch statement Marco 2023-03-20 09:23:13 +01:00
892512f6e1 Move unaffected code outside of try/catch statement Marco 2023-03-20 08:19:43 +01:00
79cc249318 Clarify parameter to 'Auth#register' to omit to disable verification Marco 2022-01-12 14:55:18 +01:00
0d240e4322 Add guidance on using email or SMS for token delivery to README Marco 2021-11-16 18:21:20 +01:00
7bce546def Allow for 'Auth#throttle' to be used even when throttling is disabled v8.3.0 Marco 2021-04-21 16:39:10 +02:00
df16db9b2b Refer to constructor docs for throttling parameter in related section Marco 2021-04-16 21:26:51 +02:00
fa655c4908 Update links for examples of bad password policies in README Sikander Iqbal 2021-03-12 19:24:41 +01:00