DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-11-09 23:24:06 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Merge pull request #13457 from snipe/fixes/remove_autocomplete_off_on_login

Browse source 
Fixed #13365 - Added LOGIN_AUTOCOMPLETE as env var
This commit is contained in:
snipe 2023-08-15 20:55:05 +01:00 committed by GitHub
parent 297390ae63 24a3e0ee83
commit 7eaf3174ab
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 17 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.env.example
View file

@ -149,6 +149,7 @@ AWS_DEFAULT_REGION=null
# --------------------------------------------
LOGIN_MAX_ATTEMPTS=5
LOGIN_LOCKOUT_DURATION=60
LOGIN_AUTOCOMPLETE=false
# --------------------------------------------
# OPTIONAL: FORGOTTEN PASSWORD SETTINGS

12
config/auth.php
View file

@ -132,4 +132,16 @@ return [
'password_timeout' => env('PASSWORD_CONFIRM_TIMEOUT', 10800),
/*
|--------------------------------------------------------------------------
| Login form autocomplete
|--------------------------------------------------------------------------
|
| Determine whether to include autocomplete="off" on the login form. Some users may want to disable
| autocomplete for compliance with security requirements.
|
*/
'login_autocomplete' => env('LOGIN_AUTOCOMPLETE', false),
];

7
resources/views/auth/login.blade.php
View file

@ -4,9 +4,10 @@
{{-- Page content --}}
@section('content')
<form role="form" action="{{ url('/login') }}" method="POST" autocomplete="false">
<form role="form" action="{{ url('/login') }}" method="POST" autocomplete="{{ (config('auth.login_autocomplete') === true) ? 'on' : 'off' }}">
<input type="hidden" name="_token" value="{{ csrf_token() }}" />
<!-- this is a hack to prevent Chrome from trying to autocomplete fields -->
<input type="text" name="prevent_autofill" id="prevent_autofill" value="" style="display:none;" aria-hidden="true">
<input type="password" name="password_fake" id="password_fake" value="" style="display:none;" aria-hidden="true">
@ -45,12 +46,12 @@
<div class="form-group{{ $errors->has('username') ? ' has-error' : '' }}">
<label for="username"><i class="fas fa-user" aria-hidden="true"></i> {{ trans('admin/users/table.username') }}</label>
<input class="form-control" placeholder="{{ trans('admin/users/table.username') }}" name="username" type="text" id="username" autocomplete="off" autofocus>
<input class="form-control" placeholder="{{ trans('admin/users/table.username') }}" name="username" type="text" id="username" autocomplete="{{ (config('auth.login_autocomplete') === true) ? 'on' : 'off' }}" autofocus>
{!! $errors->first('username', '<span class="alert-msg" aria-hidden="true"><i class="fas fa-times" aria-hidden="true"></i> :message</span>') !!}
</div>
<div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">
<label for="password"><i class="fa fa-key" aria-hidden="true"></i> {{ trans('admin/users/table.password') }}</label>
<input class="form-control" placeholder="{{ trans('admin/users/table.password') }}" name="password" type="password" id="password" autocomplete="off">
<input class="form-control" placeholder="{{ trans('admin/users/table.password') }}" name="password" type="password" id="password" autocomplete="{{ (config('auth.login_autocomplete') === true) ? 'on' : 'off' }}">
{!! $errors->first('password', '<span class="alert-msg" aria-hidden="true"><i class="fas fa-times" aria-hidden="true"></i> :message</span>') !!}
</div>
<div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">