1
0
mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-07-10 02:56:22 +02:00

Commit Graph

  • cc8c212acb Update migration guide master Marco 2025-06-04 19:48:25 +02:00
  • ef996fd2ae Update dependencies v9.0.0 Marco 2025-05-28 17:47:58 +02:00
  • 245e10b390 Explain commercial support in README Marco 2025-05-28 17:42:57 +02:00
  • 288bc1d967 Save all relevant user actions on 'Auth' interface to audit log Marco 2025-05-27 11:28:12 +02:00
  • ed7fb0b2eb Implement method 'Auth#logForAudit' for saving records to audit log Marco 2025-05-27 10:49:13 +02:00
  • 68beb69984 Track which mechanism was used when successfully providing OTP for 2FA Marco 2025-05-27 10:46:50 +02:00
  • 10cf5a3855 Capture 2FA configuration in variable before returning it Marco 2025-05-27 10:10:29 +02:00
  • cdcc82040f Determine if configuration had actually been active when disabling 2FA Marco 2025-05-27 09:59:15 +02:00
  • 2d2ff46121 Improve code style Marco 2025-05-27 09:32:59 +02:00
  • 1fc2a87232 Add database structure for audit log for SQLite Marco 2025-05-26 19:48:44 +02:00
  • f4514372f6 Add database structure for audit log for PostgreSQL Marco 2025-05-26 19:44:12 +02:00
  • 5249a75fcd Add database structure for audit log for MySQL Marco 2025-05-26 19:41:29 +02:00
  • 0a4100b8c7 Create function 'IpAddress::mask' Marco 2025-05-22 22:19:10 +02:00
  • db97bbaed7 Fix missing ToC entry in README Marco 2025-05-22 21:14:31 +02:00
  • f1d2476fb9 Improve language Marco 2025-05-22 21:08:37 +02:00
  • e6c827cd79 Improve documentation on excluding unwanted characters for usernames Marco 2025-05-22 20:43:46 +02:00
  • 5cc4745fc7 Document method 'Auth#changeUsername' in README Marco 2025-05-22 09:06:11 +02:00
  • 8875697eec Add tests for method 'Auth#changeUsername' Marco 2025-05-22 08:44:23 +02:00
  • 7a20e96600 Implement method 'Auth#changeUsername' Marco 2025-05-22 08:41:13 +02:00
  • 15e9761b6b Improve notes on passwords and hashing in README Marco 2025-05-19 18:29:16 +02:00
  • 293d57f243 Loosen length restriction for passwords from 72 bytes to 2048 bytes Marco 2025-05-19 13:24:54 +02:00
  • e087c9af2f Implement pre-hashing for passwords when using bcrypt Marco 2025-05-19 12:55:28 +02:00
  • 1cac1a5188 Extract usages of hashing for tokens to new class 'TokenHash' Marco 2025-05-17 18:32:13 +02:00
  • 3625622670 Extract usages of hashing for passwords to new class 'PasswordHash' Marco 2025-05-17 18:19:07 +02:00
  • 6b7ef7c93c Improve documentation for two-factor authentication in README Marco 2025-05-05 22:56:11 +02:00
  • d73a1bf919 Document two-factor authentication in README Marco 2025-05-01 00:28:22 +02:00
  • ff4e52d111 Deprecate 'onBeforeSuccess' callback and 'AttemptCancelledException' Marco 2025-04-30 14:35:07 +02:00
  • 05854dad61 Restrict new passwords to 72 characters in length Marco 2025-04-30 13:54:16 +02:00
  • 233640502c Add length constraints to SQLite text columns to match MySQL/Postgres Marco 2025-04-24 09:04:10 +02:00
  • ea6cbf6089 Improve DDL for SQLite Marco 2025-03-20 14:28:20 +01:00
  • e771398527 Drop 'UNSIGNED' for 'FLOAT' in DDL for MySQL Marco 2025-03-17 09:20:37 +01:00
  • 3defd87461 Drop integer display widths in DDL for MySQL Marco 2025-03-16 16:13:36 +01:00
  • c0a289c352 Improve DDL for PostgreSQL Marco 2025-03-15 16:05:33 +01:00
  • 5609c80af0 Remove trailing commas (syntax errors) in PostgreSQL Marco 2025-03-12 15:42:41 +01:00
  • efae015004 Do not use 'IF NOT EXISTS' with 'CREATE TABLE' for MySQL Marco 2025-03-12 15:34:49 +01:00
  • fcdb946042 Add tests for four methods 'Auth#disableTwoFactor*' Marco 2024-09-24 16:40:22 +02:00
  • 61e4367c31 Create four methods 'Auth#disableTwoFactor*' to let users disable 2FA Marco 2024-09-24 16:38:02 +02:00
  • 60175e1889 Add tests for four methods 'Auth#hasTwoFactor*' Marco 2024-08-29 13:51:43 +02:00
  • df31a85e4a Create four methods 'Auth#hasTwoFactor*' to check if user has 2FA Marco 2024-08-29 13:50:21 +02:00
  • 663268c712 Use full and valid HTML page markup in tests Marco 2024-08-16 09:15:50 +02:00
  • bf64593ebf Emphasize that spaces or special chars are fine in supplied OTPs Marco 2024-08-16 07:12:45 +02:00
  • 960dc7ffdc Display masked recipients for OTPs as well in tests Marco 2024-08-16 07:10:55 +02:00
  • ff3038386c Additionally pass masked recipients to 'SecondFactorRequiredException' Marco 2024-08-16 07:08:14 +02:00
  • 0e82d095cf Accept masked SMS/email recipients in 'SecondFactorRequiredException' Marco 2024-08-16 07:06:42 +02:00
  • ceac62c3f3 Swap order of arguments for 'addSmsOption' and 'addEmailOption' Marco 2024-08-16 07:02:38 +02:00
  • e5ccc81988 Always cast integers from database to 'int' before strict comparisons Marco 2024-08-16 06:55:59 +02:00
  • 2a37898560 Create function 'PhoneNumber::mask' Marco 2024-08-16 06:46:26 +02:00
  • a25b57cd7b Create function 'EmailAddress::mask' Marco 2024-08-16 06:44:17 +02:00
  • e5bc48eaa6 Prefer numerical OTPs for setup and usage of 2FA via SMS and email Marco 2024-07-04 17:58:22 +02:00
  • d2602121ab Delete OTPs from incomplete attempts to set up 2FA Marco 2024-07-04 13:53:07 +02:00
  • eba7cd2657 Extract sanitization of OTP values into separate method Marco 2024-07-04 13:35:27 +02:00
  • 2ffe09c52e Prevent text in README from being detected by tooling Marco 2024-06-14 14:18:12 +02:00
  • 75c372198d Add tests for method 'Auth#enableTwoFactorViaEmail' Marco 2024-06-14 13:34:28 +02:00
  • 4dc67aaa30 Add tests for method 'Auth#enableTwoFactorViaSms' Marco 2024-06-14 13:03:14 +02:00
  • 87c4ad0b92 Improve language Marco 2024-06-11 12:19:36 +02:00
  • aebaea128b Implement 'enableTwoFactorViaEmail' using 'enableTwoFactor' Marco 2024-06-11 11:40:37 +02:00
  • 0f71c335e6 Implement 'enableTwoFactorViaSms' using 'enableTwoFactor' Marco 2024-06-11 11:12:04 +02:00
  • 1f231d0a94 Re-implement 'enableTwoFactorViaTotp' using 'enableTwoFactor' Marco 2024-06-11 11:06:17 +02:00
  • e447e972af Turn 'enableTwoFactorViaTotp' into generalized 'enableTwoFactor' Marco 2024-06-11 09:49:26 +02:00
  • 9464d754bd Add tests for method 'Auth#prepareTwoFactorViaEmail' Marco 2024-04-04 19:52:29 +02:00
  • 804141f1d4 Add tests for method 'Auth#prepareTwoFactorViaSms' Marco 2024-04-04 19:51:18 +02:00
  • 8b870567e7 Update documentation for 'provideOneTimePasswordAsSecondFactor' Marco 2024-04-04 19:46:57 +02:00
  • b0965525de Implement 'prepareTwoFactorViaEmail' using 'prepareTwoFactor' Marco 2024-04-04 19:42:23 +02:00
  • ea7b1208ad Implement 'prepareTwoFactorViaSms' using 'prepareTwoFactor' Marco 2024-04-04 19:39:54 +02:00
  • 0ff92ce870 Re-implement 'prepareTwoFactorViaTotp' using 'prepareTwoFactor' Marco 2024-04-04 19:34:24 +02:00
  • c249c3b060 Turn 'prepareTwoFactorViaTotp' into generalized 'prepareTwoFactor' Marco 2024-04-04 19:25:11 +02:00
  • e266178f95 Extract code into separate 'generateAndStoreRandomOneTimePassword' Marco 2024-04-04 19:09:40 +02:00
  • c21f59d4d5 Use method 'Auth#isWaitingForSecondFactor' in tests Marco 2024-04-04 19:03:06 +02:00
  • 68f5b23fc5 Implement method 'Auth#isWaitingForSecondFactor' Marco 2024-04-04 19:01:43 +02:00
  • 4d92ca24c2 Add SQLite schema for new tables 'users_2fa' and 'users_otps' Marco 2024-04-04 18:48:51 +02:00
  • 8f249d0080 Add PostgreSQL schema for new tables 'users_2fa' and 'users_otps' Marco 2024-04-04 17:47:08 +02:00
  • 96b72f0be9 Add MySQL schema for new tables 'users_2fa' and 'users_otps' Marco 2024-04-02 18:57:57 +02:00
  • bc15776348 Require 'delight-im/otp' as dependency Marco 2024-04-02 16:03:12 +02:00
  • 9cab58ecb4 Add tests for 'Auth#provideOneTimePasswordAsSecondFactor' Marco 2024-04-02 14:39:23 +02:00
  • 561d6cd450 In tests show whether 2FA is currently pending for any user Marco 2024-04-02 13:52:22 +02:00
  • e919eec2a9 Add tests for 'Auth#enableTwoFactorViaTotp' Marco 2024-04-01 14:15:11 +02:00
  • 8b0f5f3407 Add tests for 'Auth#prepareTwoFactorViaTotp' Marco 2024-04-01 09:37:38 +02:00
  • 3c7e17fca8 Handle 'SecondFactorRequiredException' in four relevant cases in tests Marco 2024-03-26 09:15:45 +01:00
  • fc468397e2 Add method 'Auth#provideOneTimePasswordAsSecondFactor' Marco 2024-03-25 11:32:03 +01:00
  • 76c756118b Replace calls on successful login with 'finishSingleFactorOrThrow' Marco 2024-03-21 12:45:52 +01:00
  • dc04d52249 Implement method 'Auth#finishSingleFactorOrThrow' Marco 2024-03-20 08:16:03 +01:00
  • 29fbd7b480 Create method 'Auth#enableTwoFactorViaTotp' Marco 2024-03-17 10:31:22 +01:00
  • b79246ff40 Create method 'Auth#prepareTwoFactorViaTotp' Marco 2024-03-15 07:47:53 +01:00
  • 8256fd11e8 Create method 'Auth::createSelectorForOneTimePassword' Marco 2024-03-14 14:37:07 +01:00
  • e5310aa699 Document methods supposed to throw 'SecondFactorRequiredException' Marco 2024-03-14 13:57:50 +01:00
  • bcfbc1d2f8 Add constants for designated mechanisms for OTP generation/delivery Marco 2024-03-13 08:18:35 +01:00
  • 3d19df85fc Create session fields to track pending 2FA after login Marco 2024-03-13 08:13:44 +01:00
  • db7480be38 Create class 'SecondFactorRequiredException' Marco 2024-03-11 11:14:12 +01:00
  • 67b4cba4d9 Create class 'InvalidOneTimePasswordException' Marco 2024-03-05 09:42:15 +01:00
  • d58519d831 Create class 'InvalidStateError' Marco 2024-03-05 09:39:31 +01:00
  • 759a523a92 Create class 'TwoFactorMechanismAlreadyEnabledException' Marco 2024-03-05 09:38:44 +01:00
  • 88fcc61562 Create class 'TwoFactorMechanismNotInitializedException' Marco 2024-03-05 09:37:16 +01:00
  • ada9553919 Improve code style Marco 2023-03-20 09:25:29 +01:00
  • f9700fcae6 Move unaffected code outside of try/catch statement Marco 2023-03-20 09:23:13 +01:00
  • 892512f6e1 Move unaffected code outside of try/catch statement Marco 2023-03-20 08:19:43 +01:00
  • 79cc249318 Clarify parameter to 'Auth#register' to omit to disable verification Marco 2022-01-12 14:55:18 +01:00
  • 0d240e4322 Add guidance on using email or SMS for token delivery to README Marco 2021-11-16 18:21:20 +01:00
  • 7bce546def Allow for 'Auth#throttle' to be used even when throttling is disabled v8.3.0 Marco 2021-04-21 16:39:10 +02:00
  • df16db9b2b Refer to constructor docs for throttling parameter in related section Marco 2021-04-16 21:26:51 +02:00
  • fa655c4908 Update links for examples of bad password policies in README Sikander Iqbal 2021-03-12 19:24:41 +01:00