Added LOGIN_AUTOCOMPLETE as env var

Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
snipe 2023-08-15 01:56:01 +01:00
parent d3fbbec92c
commit 24a3e0ee83
3 changed files with 17 additions and 3 deletions

View file

@ -149,6 +149,7 @@ AWS_DEFAULT_REGION=null
# --------------------------------------------
LOGIN_MAX_ATTEMPTS=5
LOGIN_LOCKOUT_DURATION=60
LOGIN_AUTOCOMPLETE=false
# --------------------------------------------
# OPTIONAL: FORGOTTEN PASSWORD SETTINGS

View file

@ -132,4 +132,16 @@ return [
'password_timeout' => env('PASSWORD_CONFIRM_TIMEOUT', 10800),
/*
|--------------------------------------------------------------------------
| Login form autocomplete
|--------------------------------------------------------------------------
|
| Determine whether to include autocomplete="off" on the login form. Some users may want to disable
| autocomplete for compliance with security requirements.
|
*/
'login_autocomplete' => env('LOGIN_AUTOCOMPLETE', false),
];

View file

@ -4,9 +4,10 @@
{{-- Page content --}}
@section('content')
<form role="form" action="{{ url('/login') }}" method="POST" autocomplete="false">
<form role="form" action="{{ url('/login') }}" method="POST" autocomplete="{{ (config('auth.login_autocomplete') === true) ? 'on' : 'off' }}">
<input type="hidden" name="_token" value="{{ csrf_token() }}" />
<!-- this is a hack to prevent Chrome from trying to autocomplete fields -->
<input type="text" name="prevent_autofill" id="prevent_autofill" value="" style="display:none;" aria-hidden="true">
<input type="password" name="password_fake" id="password_fake" value="" style="display:none;" aria-hidden="true">
@ -45,12 +46,12 @@
<div class="form-group{{ $errors->has('username') ? ' has-error' : '' }}">
<label for="username"><i class="fas fa-user" aria-hidden="true"></i> {{ trans('admin/users/table.username') }}</label>
<input class="form-control" placeholder="{{ trans('admin/users/table.username') }}" name="username" type="text" id="username" autocomplete="off" autofocus>
<input class="form-control" placeholder="{{ trans('admin/users/table.username') }}" name="username" type="text" id="username" autocomplete="{{ (config('auth.login_autocomplete') === true) ? 'on' : 'off' }}" autofocus>
{!! $errors->first('username', '<span class="alert-msg" aria-hidden="true"><i class="fas fa-times" aria-hidden="true"></i> :message</span>') !!}
</div>
<div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">
<label for="password"><i class="fa fa-key" aria-hidden="true"></i> {{ trans('admin/users/table.password') }}</label>
<input class="form-control" placeholder="{{ trans('admin/users/table.password') }}" name="password" type="password" id="password" autocomplete="off">
<input class="form-control" placeholder="{{ trans('admin/users/table.password') }}" name="password" type="password" id="password" autocomplete="{{ (config('auth.login_autocomplete') === true) ? 'on' : 'off' }}">
{!! $errors->first('password', '<span class="alert-msg" aria-hidden="true"><i class="fas fa-times" aria-hidden="true"></i> :message</span>') !!}
</div>
<div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">