snipe-it/app/Http/Controllers/Auth/LoginController.php

576 lines
19 KiB
PHP
Raw Normal View History

2016-03-25 01:18:05 -07:00
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Models\SamlNonce;
2016-03-25 19:26:22 -07:00
use App\Models\Setting;
use App\Models\User;
use App\Models\Ldap;
2020-05-05 07:06:19 -07:00
use App\Services\Saml;
2019-03-27 22:01:38 -07:00
use Com\Tecnick\Barcode\Barcode;
2019-03-26 14:10:56 -07:00
use Google2FA;
use Illuminate\Foundation\Auth\ThrottlesLogins;
2016-03-25 01:18:05 -07:00
use Illuminate\Http\Request;
use Illuminate\Support\Carbon;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Session;
use Illuminate\Support\Facades\Validator;
2016-03-25 01:18:05 -07:00
use Log;
2019-03-26 14:10:56 -07:00
use Redirect;
2016-03-25 01:18:05 -07:00
2016-04-07 13:21:09 -07:00
/**
* This controller handles authentication for the user, including local
* database users and LDAP users.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @version v1.0
*/
class LoginController extends Controller
2016-03-25 01:18:05 -07:00
{
use ThrottlesLogins;
2016-03-25 01:18:05 -07:00
// This tells the auth controller to use username instead of email address
protected $username = 'username';
/**
* Where to redirect users after login / registration.
*
* @var string
*/
protected $redirectTo = '/';
2020-05-05 07:06:19 -07:00
/**
* @var Saml
*/
protected $saml;
2016-03-25 01:18:05 -07:00
/**
* Create a new authentication controller instance.
*
2020-05-05 07:06:19 -07:00
* @param Saml $saml
*
2016-03-25 01:18:05 -07:00
* @return void
*/
public function __construct(Saml $saml)
2016-03-25 01:18:05 -07:00
{
parent::__construct();
$this->middleware('guest', ['except' => ['logout', 'postTwoFactorAuth', 'getTwoFactorAuth', 'getTwoFactorEnroll']]);
Session::put('backUrl', \URL::previous());
2020-05-05 07:06:19 -07:00
$this->saml = $saml;
2016-03-25 01:18:05 -07:00
}
public function showLoginForm(Request $request)
2016-03-25 01:18:05 -07:00
{
$this->loginViaRemoteUser($request);
2020-05-05 07:06:19 -07:00
$this->loginViaSaml($request);
2016-03-25 01:18:05 -07:00
if (Auth::check()) {
2020-05-05 07:06:19 -07:00
return redirect()->intended('/');
}
if (!$request->session()->has('loggedout')) {
// If the environment is set to ALWAYS require SAML, go straight to the SAML route.
// We don't need to check other settings, as this should override those.
if (config('app.require_saml')) {
return redirect()->route('saml.login');
}
if ($this->saml->isEnabled() && Setting::getSettings()->saml_forcelogin == '1' && ! ($request->has('nosaml') || $request->session()->has('error'))) {
return redirect()->route('saml.login');
}
2016-03-25 01:18:05 -07:00
}
if (Setting::getSettings()->login_common_disabled == '1') {
return view('errors.403');
}
return view('auth.login');
2016-03-25 01:18:05 -07:00
}
2020-05-05 07:06:19 -07:00
/**
* Log in a user by SAML
*
2020-05-05 07:06:19 -07:00
* @author Johnson Yi <jyi.dev@outlook.com>
*
2020-05-05 07:06:19 -07:00
* @since 5.0.0
*
* @param Request $request
*
2020-05-05 07:06:19 -07:00
* @return User
*
2020-05-05 07:06:19 -07:00
* @throws \Exception
*/
private function loginViaSaml(Request $request)
{
$saml = $this->saml;
$samlData = $request->session()->get('saml_login');
if ($saml->isEnabled() && ! empty($samlData)) {
2020-05-05 07:06:19 -07:00
try {
$user = $saml->samlLogin($samlData);
$notValidAfter = new \Carbon\Carbon(@$samlData['assertionNotOnOrAfter']);
if(\Carbon::now()->greaterThanOrEqualTo($notValidAfter)) {
abort(400,"Expired SAML Assertion");
}
if(SamlNonce::where('nonce', @$samlData['nonce'])->count() > 0) {
abort(400,"Assertion has already been used");
}
Log::debug("okay, fine, this is a new nonce then. Good for you.");
if (!is_null($user)) {
Auth::login($user);
2020-05-05 07:06:19 -07:00
} else {
$username = $saml->getUsername();
\Log::debug("SAML user '$username' could not be found in database.");
2020-05-05 07:06:19 -07:00
$request->session()->flash('error', trans('auth/message.signin.error'));
$saml->clearData();
}
if ($user = Auth::user()) {
$user->last_login = \Carbon::now();
$user->saveQuietly();
2020-05-05 07:06:19 -07:00
}
$s = new SamlNonce();
$s->nonce = @$samlData['nonce'];
$s->not_valid_after = $notValidAfter;
$s->save();
2020-05-05 07:06:19 -07:00
} catch (\Exception $e) {
\Log::debug('There was an error authenticating the SAML user: '.$e->getMessage());
throw $e;
2020-05-05 07:06:19 -07:00
}
// Fallthrough with better logging
} else {
// Better logging
if (empty($samlData)) {
\Log::debug("SAML page requested, but samlData seems empty.");
}
2020-05-05 07:06:19 -07:00
}
2020-05-05 07:06:19 -07:00
}
/**
* Log in a user by LDAP
*
* @author Wes Hulette <jwhulette@gmail.com>
*
* @since 5.0.0
*
* @param Request $request
*
* @return User
*
* @throws \Exception
*/
private function loginViaLdap(Request $request): User
{
Log::debug("Binding user to LDAP.");
$ldap_user = Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'));
if (!$ldap_user) {
Log::debug("LDAP user ".$request->input('username')." not found in LDAP or could not bind");
throw new \Exception("Could not find user in LDAP directory");
} else {
Log::debug("LDAP user ".$request->input('username')." successfully bound to LDAP");
}
// Check if the user already exists in the database and was imported via LDAP
$user = User::where('username', '=', $request->input('username'))->whereNull('deleted_at')->where('ldap_import', '=', 1)->where('activated', '=', '1')->first(); // FIXME - if we get more than one we should fail. and we sure about this ldap_import thing?
Log::debug("Local auth lookup complete");
// The user does not exist in the database. Try to get them from LDAP.
// If user does not exist and authenticates successfully with LDAP we
// will create it on the fly and sign in with default permissions
if (!$user) {
Log::debug("Local user ".$request->input('username')." does not exist");
Log::debug("Creating local user ".$request->input('username'));
if ($user = Ldap::createUserFromLdap($ldap_user, $request->input('password'))) {
Log::debug("Local user created.");
} else {
Log::debug("Could not create local user.");
throw new \Exception("Could not create local user");
}
// If the user exists and they were imported from LDAP already
} else {
Log::debug("Local user ".$request->input('username')." exists in database. Updating existing user against LDAP.");
$ldap_attr = Ldap::parseAndMapLdapAttributes($ldap_user);
$user->password = $user->noPassword();
if (Setting::getSettings()->ldap_pw_sync=='1') {
$user->password = bcrypt($request->input('password'));
}
$user->email = $ldap_attr['email'];
$user->first_name = $ldap_attr['firstname'];
$user->last_name = $ldap_attr['lastname']; //FIXME (or TODO?) - do we need to map additional fields that we now support? E.g. country, phone, etc.
$user->saveQuietly();
} // End if(!user)
return $user;
}
private function loginViaRemoteUser(Request $request)
{
$header_name = Setting::getSettings()->login_remote_user_header_name ?: 'REMOTE_USER';
$remote_user = $request->server($header_name);
if (!isset($remote_user)) {
$remote_user = $request->server('REDIRECT_'.$header_name);
}
if (Setting::getSettings()->login_remote_user_enabled == '1' && isset($remote_user) && ! empty($remote_user)) {
Log::debug("Authenticating via HTTP header $header_name.");
$strip_prefixes = [
// IIS/AD
// https://github.com/snipe/snipe-it/pull/5862
'\\',
// Google Cloud IAP
// https://cloud.google.com/iap/docs/identity-howto#getting_the_users_identity_with_signed_headers
'accounts.google.com:',
];
$pos = 0;
foreach ($strip_prefixes as $needle) {
if (($pos = strpos($remote_user, $needle)) !== false) {
$pos += strlen($needle);
break;
}
}
if ($pos > 0) {
$remote_user = substr($remote_user, $pos);
}
try {
2018-07-19 10:22:08 -07:00
$user = User::where('username', '=', $remote_user)->whereNull('deleted_at')->where('activated', '=', '1')->first();
Log::debug('Remote user auth lookup complete');
if (! is_null($user)) {
Auth::login($user, $request->input('remember'));
}
} catch (Exception $e) {
Log::debug('There was an error authenticating the Remote user: '.$e->getMessage());
}
}
}
2016-12-01 02:25:53 -08:00
2016-03-25 01:18:05 -07:00
/**
* Account sign in form processing.
*
* @return Redirect
*/
public function login(Request $request)
2016-03-25 01:18:05 -07:00
{
//If the environment is set to ALWAYS require SAML, return access denied
if (config('app.require_saml')) {
\Log::debug('require SAML is enabled in the .env - return a 403');
return view('errors.403');
}
if (Setting::getSettings()->login_common_disabled == '1') {
\Log::debug('login_common_disabled is set to 1 - return a 403');
return view('errors.403');
}
$validator = $this->validator($request->all());
2016-03-25 01:18:05 -07:00
if ($validator->fails()) {
2016-04-28 21:06:41 -07:00
return redirect()->back()->withInput()->withErrors($validator);
2016-03-25 01:18:05 -07:00
}
$this->maxLoginAttempts = config('auth.passwords.users.throttle.max_attempts');
$this->lockoutTime = config('auth.passwords.users.throttle.lockout_duration');
if ($lockedOut = $this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}
$user = null;
2016-03-25 01:18:05 -07:00
// Should we even check for LDAP users?
if (Setting::getSettings()->ldap_enabled) { // avoid hitting the $this->ldap
LOG::debug('LDAP is enabled.');
try {
LOG::debug('Attempting to log user in by LDAP authentication.');
$user = $this->loginViaLdap($request);
Auth::login($user, $request->input('remember'));
// If the user was unable to login via LDAP, log the error and let them fall through to
// local authentication.
} catch (\Exception $e) {
Log::debug('There was an error authenticating the LDAP user: '.$e->getMessage());
}
}
2016-03-25 01:18:05 -07:00
// If the user wasn't authenticated via LDAP, skip to local auth
if (! $user) {
Log::debug('Authenticating user against database.');
// Try to log the user in
if (! Auth::attempt(['username' => $request->input('username'), 'password' => $request->input('password'), 'activated' => 1], $request->input('remember'))) {
if (! $lockedOut) {
2016-12-29 14:02:18 -08:00
$this->incrementLoginAttempts($request);
}
Log::debug('Local authentication failed.');
2016-12-29 14:02:18 -08:00
return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
} else {
$this->clearLoginAttempts($request);
2016-12-29 14:02:18 -08:00
}
}
2017-03-03 18:28:13 -08:00
if ($user = Auth::user()) {
$user->last_login = \Carbon::now();
$user->activated = 1;
$user->saveQuietly();
2017-03-03 18:28:13 -08:00
}
// Redirect to the users page
return redirect()->intended()->with('success', trans('auth/message.signin.success'));
}
2016-03-25 01:18:05 -07:00
/**
* Two factor enrollment page
*
* @return Redirect
*/
public function getTwoFactorEnroll()
{
2016-03-25 01:18:05 -07:00
// Make sure the user is logged in
if (! Auth::check()) {
return redirect()->route('login')->with('error', trans('auth/general.login_prompt'));
}
2016-03-25 01:18:05 -07:00
$settings = Setting::getSettings();
$user = Auth::user();
2016-07-14 23:49:32 -07:00
// We wouldn't normally see this page if 2FA isn't enforced via the
// \App\Http\Middleware\CheckForTwoFactor middleware AND if a device isn't enrolled,
// but let's check check anyway in case there's a browser history or back button thing.
// While you can access this page directly, enrolling a device when 2FA isn't enforced
// won't cause any harm.
2016-07-14 23:49:32 -07:00
if (($user->two_factor_secret != '') && ($user->two_factor_enrolled == 1)) {
return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.already_enrolled'));
}
2019-03-27 22:01:38 -07:00
$secret = Google2FA::generateSecretKey();
$user->two_factor_secret = $secret;
2016-03-25 01:18:05 -07:00
2019-03-27 22:01:38 -07:00
$barcode = new Barcode();
$barcode_obj =
$barcode->getBarcodeObj(
'QRCODE',
sprintf(
'otpauth://totp/%s:%s?secret=%s&issuer=Snipe-IT&period=30',
urlencode($settings->site_name),
urlencode($user->username),
urlencode($secret)
),
300,
300,
'black',
[-2, -2, -2, -2]
);
$user->saveQuietly(); // make sure to save *AFTER* displaying the barcode, or else we might save a two_factor_secret that we never actually displayed to the user if the barcode fails
2019-03-27 22:01:38 -07:00
return view('auth.two_factor_enroll')->with('barcode_obj', $barcode_obj);
}
2016-03-25 01:18:05 -07:00
/**
* Two factor code form page
*
* @return Redirect
*/
2016-12-29 14:02:18 -08:00
public function getTwoFactorAuth()
{
// Check that the user is logged in
if (! Auth::check()) {
return redirect()->route('login')->with('error', trans('auth/general.login_prompt'));
}
$user = Auth::user();
// Check whether there is a device enrolled.
// This *should* be handled via the \App\Http\Middleware\CheckForTwoFactor middleware
// but we're just making sure (in case someone edited the database directly, etc)
if (($user->two_factor_secret == '') || ($user->two_factor_enrolled != 1)) {
return redirect()->route('two-factor-enroll');
}
return view('auth.two_factor');
}
2016-03-25 01:18:05 -07:00
/**
* Two factor code submission
*
* @param Request $request
*
* @return Redirect
*/
2016-12-29 14:02:18 -08:00
public function postTwoFactorAuth(Request $request)
{
if (! Auth::check()) {
return redirect()->route('login')->with('error', trans('auth/general.login_prompt'));
}
if (! $request->filled('two_factor_secret')) {
return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.code_required'));
2016-03-25 01:18:05 -07:00
}
if (! $request->has('two_factor_secret')) { // TODO this seems almost the same as above?
return redirect()->route('two-factor')->with('error', 'Two-factor code is required.');
}
$user = Auth::user();
$secret = $request->input('two_factor_secret');
2019-03-27 22:01:38 -07:00
if (Google2FA::verifyKey($user->two_factor_secret, $secret)) {
$user->two_factor_enrolled = 1;
$user->saveQuietly();
$request->session()->put('2fa_authed', $user->id);
return redirect()->route('home')->with('success', 'You are logged in!');
}
return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.invalid_code'));
2016-03-25 01:18:05 -07:00
}
2016-03-25 01:18:05 -07:00
/**
* Logout page.
*
* @param Request $request
*
2016-03-25 01:18:05 -07:00
* @return Redirect
*/
public function logout(Request $request)
2016-03-25 01:18:05 -07:00
{
2022-05-14 04:59:34 -07:00
// Logout is only allowed with a http POST but we need to allow GET for SAML SLO
2020-05-05 07:06:19 -07:00
$settings = Setting::getSettings();
$saml = $this->saml;
2022-05-14 04:59:34 -07:00
$samlLogout = $request->session()->get('saml_logout');
2020-05-05 07:06:19 -07:00
$sloRedirectUrl = null;
$sloRequestUrl = null;
2022-05-14 04:59:34 -07:00
// Only allow GET if we are doing SAML SLO otherwise abort with 405
if ($request->isMethod('GET') && !$samlLogout) {
abort(405);
}
2020-05-05 07:06:19 -07:00
if ($saml->isEnabled()) {
$auth = $saml->getAuth();
$sloRedirectUrl = $request->session()->get('saml_slo_redirect_url');
if (! empty($auth->getSLOurl()) && $settings->saml_slo == '1' && $saml->isAuthenticated() && empty($sloRedirectUrl)) {
$sloRequestUrl = $auth->logout(null, [], $saml->getNameId(), $saml->getSessionIndex(), true, $saml->getNameIdFormat(), $saml->getNameIdNameQualifier(), $saml->getNameIdSPNameQualifier());
2020-05-05 07:06:19 -07:00
}
$saml->clearData();
}
if (! empty($sloRequestUrl)) {
2020-05-05 07:06:19 -07:00
return redirect()->away($sloRequestUrl);
}
Squashed commit of the following: commit e321aeabaed580f8de6ee309b377654620f117be Merge: 8ec99ff43 37568ae9e Author: snipe <snipe@snipe.net> Date: Mon Aug 31 12:14:44 2020 -0700 Merge branch 'master' into integrations/2020-08-31-v5-rc # Conflicts: # .all-contributorsrc # .nvmrc # README.md # app/Console/Commands/LdapSync.php # app/Http/Controllers/Api/ConsumablesController.php # app/Http/Controllers/Api/ImportController.php # app/Http/Controllers/Assets/AssetsController.php # app/Http/Controllers/Auth/LoginController.php # app/Http/Controllers/CustomFieldsetsController.php # app/Http/Controllers/LicensesController.php # app/Http/Controllers/UsersController.php # app/Importer/import_mappings.md # app/Models/Ldap.php # app/Models/Loggable.php # composer.json # composer.lock # config/version.php # public/css/build/all.css # public/css/dist/all.css # public/css/skins/skin-contrast.css # public/css/skins/skin-contrast.css.map # public/js/build/all.js # public/js/build/vue.js # public/js/build/vue.js.map # public/js/dist/all.js # public/mix-manifest.json # resources/assets/js/components/importer/importer-file.vue # resources/assets/less/overrides.less # resources/macros/macros.php # resources/views/custom_fields/fieldsets/view.blade.php # resources/views/hardware/edit.blade.php # resources/views/hardware/labels.blade.php # resources/views/hardware/view.blade.php # resources/views/layouts/default.blade.php # resources/views/modals/model.blade.php # resources/views/modals/user.blade.php # resources/views/users/index.blade.php # routes/api.php # routes/web/fields.php # tests/unit/UserTest.php commit 37568ae9ec021789d910de91bdef5f64e517451a Merge: 01a832169 32ad9050c Author: snipe <snipe@snipe.net> Date: Tue Aug 25 20:49:37 2020 -0700 Merge pull request #8365 from snipe/fixes/8338_google_maps_CSP Fixed #8338 - Added google maps to CSP commit 32ad9050cff8a9bfc89e5a832a9bbf1ad03dadd3 Author: snipe <snipe@snipe.net> Date: Tue Aug 25 20:48:53 2020 -0700 Added google maps to CSP commit 01a832169c7572960340e743e569fe9ffdc3f996 Merge: bcad49ce7 3c6883489 Author: snipe <snipe@snipe.net> Date: Tue Aug 25 20:38:31 2020 -0700 Merge pull request #8364 from snipe/fixes/8335_assigned_to_null_on_status_assetlist Fixed #8335 - added assignedTo scope on status labels API call for assetlist commit 3c6883489c030df8d90e2f18cab3ad96121205e5 Author: snipe <snipe@snipe.net> Date: Tue Aug 25 20:37:30 2020 -0700 Added assignedTo scope commit bcad49ce79ad7aab99bec8b273a78bb531c48ef0 Author: snipe <snipe@snipe.net> Date: Fri Aug 14 16:10:22 2020 -0700 Try to better handle slack “too many requests” issue commit b5acca89d72a43f42fb81a4bf06e8b7c3da0b93b Author: snipe <snipe@snipe.net> Date: Fri Aug 14 16:02:15 2020 -0700 Check for admin for slack notifications commit e52919cf1b17871c6bf294cfb1a9be59f6033289 Merge: 714576be4 29f3a5c48 Author: snipe <snipe@snipe.net> Date: Fri Aug 14 15:35:15 2020 -0700 Merge pull request #8327 from snipe/features/checkin_license_from_all_users Checkin license from all users cli tool commit 29f3a5c48f9b9fc4fcfb19cc6eebb1ce1e0e5a91 Author: snipe <snipe@snipe.net> Date: Fri Aug 14 15:27:40 2020 -0700 Use more verbose annotation for Auth::user if/else commit 134e8e6fb9958e71b8fa960de53c041324bd9e1c Author: snipe <snipe@snipe.net> Date: Fri Aug 14 15:25:07 2020 -0700 Moved user email nulling until after the save commit 714576be45dabe9a2b23d3090ec0c72ab8ec28da Merge: b999c50a2 512899294 Author: Brady Wetherington <bwetherington@grokability.com> Date: Fri Aug 14 15:24:03 2020 -0700 Merge pull request #8328 from snipe/fix_deprecation_report Fix deprecation report for customers with many active assets commit 5128992940b8565e5e87a2a917d3bcde8e21b711 Author: Brady Wetherington <uberbrady@gmail.com> Date: Fri Aug 14 15:03:03 2020 -0700 Fix deprecation report for customers with many active assets commit 02913235020d242e959f274fec588d9ebf8e39fa Author: snipe <snipe@snipe.net> Date: Fri Aug 14 14:57:58 2020 -0700 Use the user as the target commit e0f6f9b83972ef9fde79dbc342555580a0574591 Author: snipe <snipe@snipe.net> Date: Fri Aug 14 14:43:37 2020 -0700 Artisan command to check in licenses from all users commit f1a6308002caa865fe1a9b17b91d34fbfdd94a75 Author: snipe <snipe@snipe.net> Date: Fri Aug 14 14:43:07 2020 -0700 Check for Auth::user before trying to log id (for cli) commit b999c50a2eef14bdf44be8e4359f794194170d2d Merge: 9ca20e496 e3906b245 Author: snipe <snipe@snipe.net> Date: Wed Aug 12 12:37:47 2020 -0700 Merge pull request #8316 from Godmartinz/bug/ch15028/missing-or-incorrect-error-message-translation Looks great, thank you! commit e3906b245c9b85eca723bffa88b9af28f290e0fe Author: Godfrey M <godmartinz@gmail.com> Date: Wed Aug 12 12:27:18 2020 -0700 added translation for admin/licenses/message.not_found commit 9ca20e4964e57621af8f6b2e790e0d68b69b1afb Merge: e0644dbbf 456a74d88 Author: Brady Wetherington <bwetherington@grokability.com> Date: Tue Aug 11 17:33:19 2020 -0700 Merge pull request #8313 from snipe/improve_ldap_search_error_reporting Improve ldap search error reporting commit 456a74d88c1b1f14828aaf63e5122eb8b6831755 Author: Brady Wetherington <uberbrady@gmail.com> Date: Tue Aug 11 16:41:20 2020 -0700 De-merge out incorrectly merged files. Whoops! commit 799c059070eff849c81550423d16344748522bc7 Author: Brady Wetherington <uberbrady@gmail.com> Date: Tue Aug 11 16:21:18 2020 -0700 Add internationalized version of LDAP error message commit c62d43a77831dd798054b95e7ad9e72210f6accf Author: Brady Wetherington <uberbrady@gmail.com> Date: Mon Aug 10 17:04:17 2020 -0700 Improve Exception management in Artisan LDAP Sync method. Still need to localize this better commit b725bd0fae2b062d81a460283aa07b2186a99197 Author: Brady Wetherington <uberbrady@gmail.com> Date: Mon Aug 10 17:23:04 2020 -0700 Add @PeterUpfold as a contributor commit e0644dbbf6b5601b6712ca16877b481799e9652c Merge: 5b6925b00 004ecad05 Author: Brady Wetherington <bwetherington@grokability.com> Date: Mon Aug 10 17:22:31 2020 -0700 Merge pull request #8105 from PeterUpfold/PeterUpfold-7661workaround Propose workaround for #7661 — suppress E_DEPRECATED on ldap_control_paged_result() commit 5b6925b00c04b1abdea0235d04dda32c89215201 Author: snipe <snipe@snipe.net> Date: Tue Aug 4 21:00:37 2020 -0700 Removed debugging :( commit df17a859bfab8876d3e849c42692e01bdfdbd886 Author: snipe <snipe@snipe.net> Date: Tue Aug 4 20:59:54 2020 -0700 Changed modal IDs so manager creation modal works on user creation main page commit 24c43056ba9e738334eb2310db7c9920d9ab0613 Author: snipe <snipe@snipe.net> Date: Tue Aug 4 20:58:28 2020 -0700 Moved pGenerator script to default layout footer This fixes an issue where the password generator wouldn’t load in a modal in Chrome commit 606b7e905df1918336cef64984e54207ca6a7644 Author: snipe <snipe@snipe.net> Date: Fri Jul 31 17:02:33 2020 -0700 Small edits to PR template Slight text changes to ask specifics about versions commit d73ddad477cb9c675f15fbd54bdb1486bf8f14fc Author: snipe <snipe@snipe.net> Date: Fri Jul 31 16:59:26 2020 -0700 Created a PR template First draft of the PR guidelines template commit 9a39cf721e82aa25623e41eeb280d7bed3b3c178 Merge: 7410b1683 8994f3e15 Author: snipe <snipe@snipe.net> Date: Fri Jul 31 12:18:49 2020 -0700 Merge pull request #8258 from ballertv/features/consumable-api This looks great, thank you! commit 7410b16835bab1563bf2b7baaddb55377083a3a0 Merge: e955c983a b09e7d19b Author: Brady Wetherington <bwetherington@grokability.com> Date: Fri Jul 24 16:22:44 2020 -0700 Merge pull request #8270 from snipe/improve_ad_useraccountcontrol_v4 Add new useraccountcontrol value for valid AD users commit 8994f3e15e9fef5d1ec9c44764b424fa7edf9448 Author: andres <andresgutierrez535@gmail.com> Date: Wed Jul 22 19:57:06 2020 -0400 cleanup commit d23f1a77cac396a3a4962c5993cf1bdbfcf52a29 Author: andres <andresgutierrez535@gmail.com> Date: Wed Jul 22 18:46:02 2020 -0400 implement checkout API commit e955c983a3a9bd7793cf9a5f63b6e2c56d53d63f Merge: 2fa17ac18 eed41e454 Author: snipe <snipe@snipe.net> Date: Wed Jul 22 13:43:29 2020 -0700 Merge pull request #8250 from snipe/features/adds_addr_city_state_to_importer Added address, city, state and country to importer and city to bulk editor commit b09e7d19b3bc424d5960de9f5ffd272b2f19c272 Author: Brady Wetherington <uberbrady@gmail.com> Date: Wed Jul 22 13:32:16 2020 -0700 Add new useraccountcontrol value for valid AD users; document algorithm and values commit 2fa17ac18557969f5627953f6d041610207656a6 Merge: b90515437 3b1e46f72 Author: snipe <snipe@snipe.net> Date: Wed Jul 22 12:06:31 2020 -0700 Merge pull request #8254 from Godmartinz/gmartinez_adds_email_formats Added firstinitial.lastname, lastname_firstinitial, firstnamelastname… commit 3b1e46f72b81bd27e5ba0783c88f9d0d0038d611 Author: Godfrey Martinez <47435081+Godmartinz@users.noreply.github.com> Date: Wed Jul 22 11:25:57 2020 -0700 Update general.php commit 0c1a1de2a21dfd3639e3d2d2df995c3452c15a11 Author: Godfrey Martinez <47435081+Godmartinz@users.noreply.github.com> Date: Wed Jul 22 11:24:36 2020 -0700 Update general.php fixed typo commit 20c9ae5818ae22846bf2149f261e7f70cc8a7c71 Author: Godfrey M <godmartinz@gmail.com> Date: Wed Jul 22 10:21:19 2020 -0700 Added firstinitial.lastname, lastname_firstinitial, firstnamelastname and firstnamelastinitial to username formats commit eed41e454962bb6e9e6cbcf79cb4aed292ac2bbf Author: snipe <snipe@snipe.net> Date: Tue Jul 21 16:57:32 2020 -0700 Moved address down further, fixed broken HTML commit b750f4754f5f4245c0f490f6b6832b4c10615f27 Author: snipe <snipe@snipe.net> Date: Tue Jul 21 16:49:54 2020 -0700 Added city to bulk user importer commit c17a06792a76ee11215bd576f2df9732416b3e9d Author: snipe <snipe@snipe.net> Date: Tue Jul 21 16:49:38 2020 -0700 Added address, city, state, country to user importer commit 4f76cc6cfbad1eeded1981e8569e915ca37b87d9 Author: snipe <snipe@snipe.net> Date: Tue Jul 21 16:46:13 2020 -0700 I don’t actually know what this file is for commit b905154373bcf0b1ef64d57bb95f184557caba37 Author: snipe <snipe@snipe.net> Date: Mon Jul 20 14:29:32 2020 -0700 Fixed #8247 - added notes field to user details display commit daf748e531324215bfd746b406407fee7476d0ab Author: snipe <snipe@snipe.net> Date: Fri Jul 17 12:32:01 2020 -0700 Bumped hash commit 799a93c46a198a8235bbce1527ea7bf4929129c2 Author: snipe <snipe@snipe.net> Date: Fri Jul 17 12:11:32 2020 -0700 Allow for email/username search on users commit 34aa12e229fef497b355a492b5ef2c003337786b Merge: 81a633288 897757bd0 Author: snipe <snipe@snipe.net> Date: Thu Jul 16 17:44:13 2020 -0700 Merge pull request #8239 from snipe/fixes/api_rtd_to_location_on_create Set location_id to rtd_location_id on asset creation commit 897757bd0461cefd2e82aba344d416ed6843c49c Author: snipe <snipe@snipe.net> Date: Thu Jul 16 17:43:44 2020 -0700 Removed added line for location commit c7125c39375b101f852930536dabcc079f2d5e88 Author: snipe <snipe@snipe.net> Date: Thu Jul 16 16:34:39 2020 -0700 Set location_id to rtd_location_id on asset creation commit 81a6332889e9e4684ee65a669bc2b3bc1a3ced50 Author: snipe <snipe@snipe.net> Date: Tue Jul 14 13:55:38 2020 -0700 Removed license ID from seats table cookie info This typically wouldn’t be necessary, since most people would want to view the same *types* of data across licenses commit 6e563f6e4bfd9f8b52c8c8d39a60b466e64ba654 Merge: 5320f5c67 7f69ae953 Author: snipe <snipe@snipe.net> Date: Mon Jul 13 21:16:54 2020 -0700 Merge branch 'master' of https://github.com/snipe/snipe-it commit 5320f5c67ce7dbf4605cc5b7fd7be8773c8ee157 Author: snipe <snipe@snipe.net> Date: Mon Jul 13 21:16:45 2020 -0700 Disallow non-super users from editing their own permissions commit 7f69ae953b7990107bd0db3de16621e5238136e9 Merge: c79f8c1ba 17f6fbabf Author: snipe <snipe@snipe.net> Date: Mon Jul 13 21:16:00 2020 -0700 Merge pull request #8227 from snipe/fix_select2_ajax_pulldowns Changes how we do AJAX calls via Select2 for dynamic drop-down menus commit 17f6fbabfaa15f203a6accecf6a7b83c35d56ef8 Author: Brady Wetherington <uberbrady@gmail.com> Date: Mon Jul 13 21:12:03 2020 -0700 Switch to 'items' to maintain compatbility with other internal API's commit c79f8c1baf920f41d43827094691275eec529448 Merge: 12c92e30b 536401fe0 Author: snipe <snipe@snipe.net> Date: Mon Jul 13 17:42:16 2020 -0700 Merge pull request #8207 from EDVLeer/patch-1 Update snipeit.sh commit e7a820f7c91c14280f96e0e58f9921f73cf88c43 Author: Brady Wetherington <uberbrady@gmail.com> Date: Mon Jul 13 17:14:31 2020 -0700 Changes how we do AJAX calls via Select2 for dynamic drop-down menus commit 12c92e30b7a20ecd0e45b5a052b43c81dd35cc97 Author: snipe <snipe@snipe.net> Date: Fri Jul 10 16:21:27 2020 -0700 Show whether or not the user was imported via LDAP in the view page commit fd10b755b0241e354a265454c13965228a265a85 Author: snipe <snipe@snipe.net> Date: Fri Jul 10 11:30:01 2020 -0700 Removed the sr-only tag in table headers It was breaking Bootstrap Tables column selector :( commit dbbb7680d9d92ab42ffcca825fd93ff6cc3e5f89 Author: snipe <snipe@snipe.net> Date: Thu Jul 9 21:12:50 2020 -0700 A few more fixes for the cli Do not check out a piece of software if it’s already been checked out to the user commit cf0dd5bbadef3689dd9110d96e7d060ddb5fc827 Author: snipe <snipe@snipe.net> Date: Thu Jul 9 20:43:13 2020 -0700 Small fixes for cli tool commit 25e53d8c7f4ba1d5977bb5fbc5265ac9c8c543d9 Merge: ec6ed256f 89d433b41 Author: snipe <snipe@snipe.net> Date: Thu Jul 9 20:27:01 2020 -0700 Merge pull request #8216 from snipe/features/checkout_license_to_all_users Added CLI tool to checkout license to all users commit 89d433b41aa0de862cb60142c8d6ef80f339a958 Author: snipe <snipe@snipe.net> Date: Thu Jul 9 20:26:02 2020 -0700 Removed duplicate seat call commit e2570ada6f158dfc9acead583a0b2fa7fae17ca6 Author: snipe <snipe@snipe.net> Date: Thu Jul 9 20:04:05 2020 -0700 CLI tool to checkout a license to ALL users commit 45afe725a1f039dddd87537e16470963684f0711 Author: snipe <snipe@snipe.net> Date: Thu Jul 9 20:03:47 2020 -0700 Only try to get the company if there is an auth’d user (Needed for command line tools, where no Auth::user() is present) commit 536401fe0ff97cd6a8077cef993bfe755ed46851 Author: EDVLeer <32170051+EDVLeer@users.noreply.github.com> Date: Tue Jul 7 08:21:36 2020 +0200 Update snipeit.sh Ubuntu 20.04 commit ec6ed256fbc7740f76ee22867b6fe2008ff7873e Author: snipe <snipe@snipe.net> Date: Mon Jul 6 18:45:43 2020 -0700 Bumped minor version commit 2aaa7bed2d4fad6e8f7b101ecdae1f46ab8a00c2 Merge: 339bdddc3 cc9f1577a Author: snipe <snipe@snipe.net> Date: Thu Jun 25 18:37:41 2020 -0700 Merge pull request #8183 from snipe/features/merge_users Added merge utility commit cc9f1577a47708a6e11dffeab4797982be243cfa Author: snipe <snipe@snipe.net> Date: Thu Jun 25 17:43:53 2020 -0700 Removed unused use directives commit ab1fe8be0c72522273c468dfd5551553d9f92665 Author: snipe <snipe@snipe.net> Date: Thu Jun 25 17:42:39 2020 -0700 Added merge utility commit 339bdddc384aa655fa186dc36e02cc587487d4af Author: snipe <snipe@snipe.net> Date: Thu Jun 25 11:00:33 2020 -0700 Fix for Vue js not loading due to CSP :( commit 35b9cf4b703b9ced785daec1d35973ca266cdc49 Author: snipe <snipe@snipe.net> Date: Tue Jun 23 02:41:59 2020 -0700 Fixed missing db prefix on scopeDueOrOverdueForAudit commit 7ccb41371e0efc46d51abc790f49a9fb73e9b8bc Author: snipe <snipe@snipe.net> Date: Tue Jun 23 01:09:39 2020 -0700 Removed unoptimized images directive securityheaders.com is claiming it’s onrecognized, even though I got that directive from their site, so… whatever. ¯\_(ツ)_/¯ commit 2e60a457bf45640a0563a2bc4b66e02b0d226271 Author: snipe <snipe@snipe.net> Date: Tue Jun 23 01:07:00 2020 -0700 Dumb fix for feature-policy being dumb. commit 2390d2160bff7b4b340696fa527b1bc871bddff1 Merge: b42801f6a 00b051b8c Author: snipe <snipe@snipe.net> Date: Tue Jun 23 00:27:47 2020 -0700 Merge pull request #8164 from snipe/features/additional_security_headers Additional security headers commit 00b051b8c7f1af5218a11f2b33fcab37934bd894 Author: snipe <snipe@snipe.net> Date: Tue Jun 23 00:26:09 2020 -0700 Added a few more comments commit 05b3a9ad7e72cc71b09ed8ef2e87db19fa3700ee Author: snipe <snipe@snipe.net> Date: Mon Jun 22 23:17:27 2020 -0700 Config variable for HSTS commit 4fb880384fd455bd59a3b91c4244c392d7198c48 Author: snipe <snipe@snipe.net> Date: Mon Jun 22 22:37:14 2020 -0700 Changed comment commit 43042ad8412d8d89a9b09e47e5da8b276c9655f2 Author: snipe <snipe@snipe.net> Date: Mon Jun 22 22:35:59 2020 -0700 Consolidated ReferrerPolicy into new SecurityHeaders file commit a716382ac43d0a58b96604a3ec15e389b7ae97c2 Author: snipe <snipe@snipe.net> Date: Mon Jun 22 22:33:37 2020 -0700 Removed CSP middleware (it’s added in the general header) commit 36c8f7f4f116666c63ae7bc0d12e15f77a8fd6bc Author: snipe <snipe@snipe.net> Date: Mon Jun 22 22:31:01 2020 -0700 Additional security headers commit b42801f6ae635e843d9e062b4119d86fb3d05fc6 Merge: de4934f21 946129f20 Author: snipe <snipe@snipe.net> Date: Mon Jun 22 20:47:35 2020 -0700 Merge pull request #8163 from snipe/fixes/fix-for-css-on-column-selector Fixed weird padlock display in asset listing with encrypted custom fields commit 946129f20614e65bbbecbbda70cfba81b89d0937 Author: snipe <snipe@snipe.net> Date: Mon Jun 22 20:45:20 2020 -0700 Made quote style consistent commit b941ef1e08f84f40f503db6ebe67d0e8dca9c74a Author: snipe <snipe@snipe.net> Date: Mon Jun 22 20:41:40 2020 -0700 Pulled CSS font awesome styles out of the blade and into overrides.css commit d1aa11ec89347fb2c139d751719c4459c2448321 Author: snipe <snipe@snipe.net> Date: Mon Jun 22 20:29:19 2020 -0700 Fix for weird padlock display in asset listing with encrypted custom fields commit de4934f21d34a628e57992fc6a59813f42c55d90 Merge: af06e4205 b10076b01 Author: snipe <snipe@snipe.net> Date: Mon Jun 22 17:28:38 2020 -0700 Merge pull request #8162 from Godmartinz/godfreymartinez-ghi-font-size-of-qr_text Fixed #8161 and #8114 - font-size for labels used static values in blade instead of using values from settings commit b10076b015ac0034fded62548135aaff3f1b2a0a Author: Godfrey M <godmartinz@gmail.com> Date: Mon Jun 22 17:04:39 2020 -0700 corrected an error where font-size for labels were static in settings. commit af06e4205627b29f583b2e2e770fd2913fce5e46 Author: snipe <snipe@snipe.net> Date: Wed Jun 17 11:17:25 2020 -0700 Bumped version commit 9a2440dc4b98a9c12b38a04504875c7c196a510c Merge: beae8efb2 2ac1c1636 Author: snipe <snipe@snipe.net> Date: Tue Jun 16 20:20:07 2020 -0700 Merge pull request #8141 from snipe/fixes/better_handling_when_license_is_invalid Better handle the logic to determine if we should display the license checkout blade [ch13792] commit 2ac1c1636c672db59d601bd5c73d4a8023533ec9 Author: snipe <snipe@snipe.net> Date: Tue Jun 16 16:12:57 2020 -0700 Better handle the logic to determine if we should display the license checkout blade commit 004ecad059d636cc5be62aa5f112e3c4f9762326 Author: Peter Upfold <pgithub@upfold.org.uk> Date: Wed Jun 3 08:59:50 2020 +0100 Force suppress deprecation warning on ldap_control_paged_result() commit beae8efb21c2675b3da4308a87d911c534e70361 Merge: d14ab7e3e 9839e5e56 Author: snipe <snipe@snipe.net> Date: Wed May 27 23:01:33 2020 -0700 Merge pull request #8088 from Godmartinz/Label_Woes Barcode resizing and text adjustment commit 9839e5e566f51f85abe6860dfc8377042834c89b Author: Godfrey M <godmartinz@gmail.com> Date: Wed May 27 12:27:40 2020 -0700 adjusted for all label text, removed local variable commit d14ab7e3e1bf09c931ad148fdb6b65ee5a3dc7b8 Author: snipe <snipe@snipe.net> Date: Wed May 27 00:22:44 2020 -0700 Porting change from #8053 to master Signed-off-by: snipe <snipe@snipe.net> commit e7f74d94c179730f8b8502da5e2c1c90fa8ec594 Author: Godfrey M <godmartinz@gmail.com> Date: Tue May 26 17:22:45 2020 -0700 Label_Woes commit e97cf011b65df9e66826c26464fed7bf4001917a Author: Godfrey M <godmartinz@gmail.com> Date: Tue May 26 17:15:39 2020 -0700 Label_Woes commit ed23505054cd1bdf2ef695b6b010e025382f38da Author: Godfrey M <godmartinz@gmail.com> Date: Tue May 26 17:10:45 2020 -0700 Label_Woes commit 001e721530c41fd8ad8e925cecdef2eb8c96ab4c Merge: f88683766 8210da6e8 Author: snipe <snipe@snipe.net> Date: Wed May 20 10:21:52 2020 -0700 Merge pull request #8063 from dmeltzer/backport-8092 BACKPORT: Fix Missing Category selection in Asset Model Modal dialog - [ch14635] commit 8210da6e82018afab07197abe591a7666a56af21 Author: Daniel Meltzer <dmeltzer.devel@gmail.com> Date: Wed May 20 10:29:27 2020 -0400 Fix Missing Category selection in Asset Model Modal dialog. A select html tag needs a full closing tag. is not valid. This was causing the select2 js to barf and eat additional information. commit f88683766b1c7e9636aebe2fc952e6f036d3882c Author: snipe <snipe@snipe.net> Date: Thu May 14 00:55:47 2020 -0700 Roll back previous change Signed-off-by: snipe <snipe@snipe.net> commit e4385c0f8c584061670a1f98b13bbe90a124ac05 Author: snipe <snipe@snipe.net> Date: Thu May 14 00:48:30 2020 -0700 Fixes #8051 regression Signed-off-by: snipe <snipe@snipe.net> commit 0550fe0ffa4e5569bd7ca28354ca282ca2ef2825 Author: snipe <snipe@snipe.net> Date: Tue May 12 10:31:54 2020 -0700 Fix for session fixation vulnerability Signed-off-by: snipe <snipe@snipe.net> commit 7fb3a9b82c09b3aab65bf2b00f76efc66356155e Merge: 9a2ed804c ecb1e87fe Author: snipe <snipe@snipe.net> Date: Mon May 11 22:41:36 2020 -0700 Merge pull request #8043 from snipe/features/backup-optional-in-import-and-ldap Added option to disable backup in import commit ecb1e87fe6e7ab67900936a0f158670cc4c21c56 Author: snipe <snipe@snipe.net> Date: Mon May 11 20:45:15 2020 -0700 Updated assets Signed-off-by: snipe <snipe@snipe.net> commit f43df5f04147ded31cc625ef92f87127993e94b3 Author: snipe <snipe@snipe.net> Date: Mon May 11 20:44:46 2020 -0700 Fixed form label Signed-off-by: snipe <snipe@snipe.net> commit 95cc48e422e54b373d3a88d20d15d7536a323dce Author: snipe <snipe@snipe.net> Date: Mon May 11 20:41:10 2020 -0700 Added option to disable backup in import Signed-off-by: snipe <snipe@snipe.net> commit 9a2ed804ca9f71a9705da604a2c721ceeb9a5567 Author: snipe <snipe@snipe.net> Date: Mon May 11 20:28:42 2020 -0700 Fixed mismatched HTML header tags Signed-off-by: snipe <snipe@snipe.net> commit d20fad28e5e807c7577d9bd0e5146e5607affa33 Author: snipe <snipe@snipe.net> Date: Mon May 11 20:28:24 2020 -0700 Use more modern request helper Signed-off-by: snipe <snipe@snipe.net> commit ae813ddf75b21c45420016033c667ee35a9fc52b Author: snipe <snipe@snipe.net> Date: Mon May 11 18:11:16 2020 -0700 Add @alek13 as a contributor commit bb42109c0c76b6709f39190ae4a1daa55865d306 Author: snipe <snipe@snipe.net> Date: Mon May 11 18:10:45 2020 -0700 Added a clarifying comment Signed-off-by: snipe <snipe@snipe.net> commit f46ecf8ec0c1723e2e04036357c74644c30d4cb7 Author: snipe <snipe@snipe.net> Date: Mon May 11 18:07:20 2020 -0700 Updated composer lock Signed-off-by: snipe <snipe@snipe.net> commit b9e821c0e65e0745064b42aa6cccf9627c5df3e6 Author: snipe <snipe@snipe.net> Date: Mon May 11 18:07:14 2020 -0700 Small fix for Group Functional Tests Signed-off-by: snipe <snipe@snipe.net> commit 9ee28c7513616018f8ff0b8f5b167469e19070eb Author: snipe <snipe@snipe.net> Date: Mon May 11 18:07:02 2020 -0700 Switched to use info instead of danger on undeployable statuses Signed-off-by: snipe <snipe@snipe.net> commit 1a8ba06702727b1de870d05df53443270b35b8b7 Merge: 0fd232e70 ee4d69b1c Author: snipe <snipe@snipe.net> Date: Mon May 11 17:53:32 2020 -0700 Merge branch 'master' of https://github.com/snipe/snipe-it commit 0fd232e70d2be9ce845a73745ac98800bcfef9e2 Author: snipe <snipe@snipe.net> Date: Mon May 11 17:53:24 2020 -0700 Fixed group functional test (We had changed the minimum to 2 instead of 3) Signed-off-by: snipe <snipe@snipe.net> commit ee4d69b1c59c6baf832574da9e9bbbe67248a4bc Merge: 31c535094 d1ad11194 Author: snipe <snipe@snipe.net> Date: Mon May 11 17:52:45 2020 -0700 Merge pull request #8041 from alek13/patch-1 use supported package for slack commit d1ad11194936c51050d2e7a77d01c0daa1dde4fd Author: Alexander Chibrikin <alek13.me@gmail.com> Date: Mon May 11 20:31:13 2020 +0300 use supported package for slack see https://github.com/maknz/slack/issues/94 commit 31c5350941c7330aed01652b0670b61f6660b15b Author: snipe <snipe@snipe.net> Date: Fri May 1 01:05:48 2020 -0700 Fixed incorrect route for groups edit Signed-off-by: snipe <snipe@snipe.net> commit 7eb70e17e0b4d0f1ed1fe3ed7fbff1728eb077fb Merge: 5bb4f271a 3dfcb4699 Author: snipe <snipe@snipe.net> Date: Fri Apr 24 04:50:37 2020 -0700 Merge pull request #7993 from snipe/fixes/7989_column_selector Fixed #7989 - Converted table heading icons in People to CSS glyphs commit 3dfcb469910456b3213e00c5cd2f839d25dbf2c7 Author: snipe <snipe@snipe.net> Date: Fri Apr 24 04:41:08 2020 -0700 Minor formatting changes Signed-off-by: snipe <snipe@snipe.net> commit 96eb96f964c40b798d5ceed25eff2bbef4f0bc51 Author: snipe <snipe@snipe.net> Date: Fri Apr 24 04:27:00 2020 -0700 Removed stray val (typo) Signed-off-by: snipe <snipe@snipe.net> commit a2f08bd3baa6fb23633ceb58e5408b125b0f0029 Author: snipe <snipe@snipe.net> Date: Fri Apr 24 04:08:54 2020 -0700 Added comments Signed-off-by: snipe <snipe@snipe.net> commit e009fbe59f39a717a4ad7bea5027d39cb5323225 Author: snipe <snipe@snipe.net> Date: Fri Apr 24 04:04:53 2020 -0700 Converted table heading icons in People to CSS glyphs Signed-off-by: snipe <snipe@snipe.net> commit 5bb4f271aaa42a0c211d25e06a500a76c5a224f4 Author: snipe <snipe@snipe.net> Date: Fri Apr 24 00:47:19 2020 -0700 Fixed #7987 - allow toggle of required/optional in custom fields/fieldsets Signed-off-by: snipe <snipe@snipe.net>
2020-08-31 12:17:19 -07:00
$request->session()->regenerate(true);
if ($request->session()->has('password_hash_'.Auth::getDefaultDriver())){
$request->session()->remove('password_hash_'.Auth::getDefaultDriver());
}
2016-03-25 01:18:05 -07:00
Auth::logout();
if (! empty($sloRedirectUrl)) {
2020-05-05 07:06:19 -07:00
return redirect()->away($sloRedirectUrl);
}
$customLogoutUrl = $settings->login_remote_user_custom_logout_url;
if ($settings->login_remote_user_enabled == '1' && $customLogoutUrl != '') {
return redirect()->away($customLogoutUrl);
}
2020-05-05 07:06:19 -07:00
return redirect()->route('login')->with(['success' => trans('auth/message.logout.success'), 'loggedout' => true]);
2016-03-25 01:18:05 -07:00
}
/**
* Get a validator for an incoming registration request.
*
* @param array $data
* @return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make($data, [
'username' => 'required',
'password' => 'required',
]);
}
public function username()
{
return 'username';
}
/**
* Redirect the user after determining they are locked out.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\RedirectResponse
*/
protected function sendLockoutResponse(Request $request)
{
2016-12-14 06:30:51 -08:00
$seconds = $this->limiter()->availableIn(
$this->throttleKey($request)
);
$minutes = round($seconds / 60);
2016-12-29 14:02:18 -08:00
$message = \Lang::get('auth/message.throttle', ['minutes' => $minutes]);
2016-12-14 06:30:51 -08:00
return redirect()->back()
2016-12-14 06:30:51 -08:00
->withInput($request->only($this->username(), 'remember'))
->withErrors([$this->username() => $message]);
}
2016-12-14 06:30:51 -08:00
/**
* Override the lockout time and duration
*
* @param \Illuminate\Http\Request $request
* @return bool
*/
2016-12-14 06:30:51 -08:00
protected function hasTooManyLoginAttempts(Request $request)
{
$lockoutTime = config('auth.passwords.users.throttle.lockout_duration');
$maxLoginAttempts = config('auth.passwords.users.throttle.max_attempts');
2016-12-14 06:30:51 -08:00
return $this->limiter()->tooManyAttempts(
2016-12-29 14:02:18 -08:00
$this->throttleKey($request),
$maxLoginAttempts,
$lockoutTime
2016-12-14 06:30:51 -08:00
);
}
2017-02-02 18:14:25 -08:00
public function legacyAuthRedirect()
{
2017-02-02 18:14:25 -08:00
return redirect()->route('login');
}
2017-10-02 16:00:42 -07:00
public function redirectTo()
{
return Session::get('backUrl') ? Session::get('backUrl') : $this->redirectTo;
2017-10-02 16:00:42 -07:00
}
2016-03-25 01:18:05 -07:00
}