Commit graph

157 commits

Author SHA1 Message Date
snipe ae9085b11f Modernize use statements, switch to auth()
Signed-off-by: snipe <snipe@snipe.net>
2024-07-04 20:49:22 +01:00
snipe 9a0db72eb4 More strings
Signed-off-by: snipe <snipe@snipe.net>
2024-06-20 15:40:38 +01:00
snipe e11a42cf68 Re-use login string
Signed-off-by: snipe <snipe@snipe.net>
2024-06-20 15:32:00 +01:00
snipe 9594596b8a Fixed another hard-coded string
Signed-off-by: snipe <snipe@snipe.net>
2024-06-20 15:22:27 +01:00
snipe df1cef59d5 Fixes path for redirect response
Signed-off-by: snipe <snipe@snipe.net>
2024-05-29 18:01:40 +01:00
snipe fb233c0aa4 Cleaned up facade names and references
Signed-off-by: snipe <snipe@snipe.net>
2024-05-29 12:38:15 +01:00
Brady Wetherington 81b8243e1d Enforce SAML assertion ID uniqueness and notValidOnOrAfter attribute 2024-01-25 19:53:24 +00:00
snipe 45d9119733 Removed debugging/comments
Signed-off-by: snipe <snipe@snipe.net>
2023-11-22 22:32:34 +00:00
snipe 8481768c3d Save quietly for login methods
Signed-off-by: snipe <snipe@snipe.net>
2023-11-22 21:42:21 +00:00
snipe b54e7dc3ee Fixed #13336 - Save unhashed password if no password provided
Signed-off-by: snipe <snipe@snipe.net>
2023-07-19 17:44:40 +01:00
snipe 29c2ff56ec
Merge pull request #12188 from snipe/fixes/decrease_logging_for_saml_when_not_enabled
Removed extra logging case that was very noisy
2022-12-15 11:26:49 -08:00
snipe c3a6874b16 Add throttle for password reset form
Signed-off-by: snipe <snipe@snipe.net>
2022-12-06 20:42:40 -08:00
snipe 1fe0bfe17e Removed extra logging case that was very noisy
Signed-off-by: snipe <snipe@snipe.net>
2022-11-28 19:27:42 -08:00
Ivan Nieto Vivanco 3aff97ace1 Remove the previous user hashed password 2022-09-06 18:43:35 -05:00
snipe af7ccf3beb Handle logout route names
Signed-off-by: snipe <snipe@snipe.net>
2022-08-01 16:17:40 -07:00
snipe ee4f355e49 Changed logging to debug
Signed-off-by: snipe <snipe@snipe.net>
2022-07-05 17:58:45 -07:00
snipe a5b857c753 Return error if token is incorrect
Signed-off-by: snipe <snipe@snipe.net>
2022-06-21 19:30:51 -07:00
snipe a31bca1798 Check that the user is activated before letting them reset their password
Signed-off-by: snipe <snipe@snipe.net>
2022-06-21 18:48:02 -07:00
snipe 7f8fc7add9 Make SAML debugging less noisy
Signed-off-by: snipe <snipe@snipe.net>
2022-06-21 17:57:17 -07:00
snipe f4f400ed87 Handle workflow better for invalid users
Signed-off-by: snipe <snipe@snipe.net>
2022-06-21 16:13:43 -07:00
snipe a49ccf0863 Removed unused rules
Signed-off-by: snipe <snipe@snipe.net>
2022-06-21 16:13:26 -07:00
snipe 300879847f Added a few comments to make it clearer what’s happening
Signed-off-by: snipe <snipe@snipe.net>
2022-06-21 14:33:10 -07:00
snipe 21875100b6 Fixed missing password.token string and checked for user existing before trying to reset
Signed-off-by: snipe <snipe@snipe.net>
2022-06-21 14:15:38 -07:00
Brady Wetherington b4a0d33ba8 Reduce logging further; we know the main error condition now 2022-05-17 19:57:42 -07:00
Brady Wetherington 6c86a28d18 Pass the password along directly instead of retrieving it from the Input or Request 2022-05-16 10:58:27 -07:00
Johnson Yi 4401dab8d6 fix saml slo for logout 2022-05-14 11:59:34 +00:00
Brady Wetherington 0ddb0f2c81 Switch the barcode backend to SVG, and fix the two-factor middleware 2022-05-13 14:22:27 -07:00
snipe 780222d372 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Auth/LoginController.php
#	resources/views/users/print.blade.php
2022-05-10 17:26:26 -07:00
snipe 4fccf4ddc4 Few more log lines
Signed-off-by: snipe <snipe@snipe.net>
2022-05-10 12:27:42 -07:00
snipe f4e737eaf3 More SAML debugging
Signed-off-by: snipe <snipe@snipe.net>
2022-05-10 12:14:22 -07:00
snipe f572eaa421 Added debugging for SAML login
Signed-off-by: snipe <snipe@snipe.net>
2022-05-10 12:07:07 -07:00
snipe 784bf4d784 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.github/ISSUE_TEMPLATE/feature_request.yml
#	app/Http/Controllers/CustomFieldsetsController.php
#	app/Http/Controllers/ReportsController.php
#	config/version.php
#	package-lock.json
#	package.json
#	public/css/dist/all.css
#	public/css/dist/bootstrap-table.css
#	public/js/dist/bootstrap-table.js
#	public/mix-manifest.json
#	resources/views/users/print.blade.php
#	webpack.mix.js
2022-05-06 01:52:43 -07:00
snipe b20921cb62 Removed duplicate session regenerate
Signed-off-by: snipe <snipe@snipe.net>
2022-05-05 21:35:05 -07:00
Johnson Yi 92fe1287ea Do not saml login automatically after normal logout 2022-04-29 15:35:08 +00:00
snipe b876d0abb0 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.env.example
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Kernel.php
#	app/Http/Transformers/ActionlogsTransformer.php
#	app/Importer/AssetImporter.php
#	app/Models/Accessory.php
#	app/Models/Consumable.php
#	app/Presenters/AccessoryPresenter.php
#	app/Presenters/ComponentPresenter.php
#	app/Presenters/ConsumablePresenter.php
#	app/Providers/AuthServiceProvider.php
#	composer.json
#	composer.lock
#	config/app.php
#	config/cors.php
#	config/version.php
#	package-lock.json
#	public/js/build/app.js
#	public/js/build/app.js.LICENSE.txt
#	public/js/dist/all.js
#	public/mix-manifest.json
#	resources/views/accessories/view.blade.php
#	resources/views/consumables/view.blade.php
#	resources/views/settings/saml.blade.php
#	routes/api.php
2022-03-03 21:59:38 -08:00
snipe 42fcd29200 Fixed #10436 on master, applies #10449
Signed-off-by: snipe <snipe@snipe.net>
2022-02-22 21:06:54 -08:00
snipe dd5f812d88 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.all-contributorsrc
#	README.md
#	app/Console/Commands/FixDoubleEscape.php
#	app/Console/Commands/LdapSync.php
#	app/Exceptions/Handler.php
#	app/Http/Controllers/Api/AssetMaintenancesController.php
#	app/Http/Controllers/Api/AssetModelsController.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/CategoriesController.php
#	app/Http/Controllers/Api/CompaniesController.php
#	app/Http/Controllers/Api/DepartmentsController.php
#	app/Http/Controllers/Api/LicensesController.php
#	app/Http/Controllers/Api/LocationsController.php
#	app/Http/Controllers/Api/ManufacturersController.php
#	app/Http/Controllers/Api/SettingsController.php
#	app/Http/Controllers/Api/SuppliersController.php
#	app/Http/Controllers/AssetModelsController.php
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Controllers/CustomFieldsController.php
#	app/Http/Controllers/SettingsController.php
#	app/Models/Loggable.php
#	app/Providers/AuthServiceProvider.php
#	config/version.php
#	database/migrations/2014_11_04_231416_update_group_field_for_reporting.php
#	database/migrations/2015_11_08_222305_add_ldap_fields_to_settings.php
#	package-lock.json
#	package.json
#	public/js/build/app.js
#	public/js/dist/all.js
#	public/mix-manifest.json
#	resources/assets/js/components/forms/asset-models/fieldset-default-values.vue
#	resources/views/hardware/view.blade.php
2022-02-20 13:29:12 -08:00
snipe 4f89dfee49
Merge pull request #10679 from snipe/fixes/timing_attack_mitigation_for_forgot_password
Added usleep random to forgotten password method to mitigate timing attacks
2022-02-16 11:17:00 -07:00
snipe f878e0ad66 Fixes 2FA cookie -> user issue
Signed-off-by: snipe <snipe@snipe.net>
2022-02-15 18:29:23 -08:00
snipe 178e440951 Added usleep :(
Signed-off-by: snipe <snipe@snipe.net>
2022-02-15 18:09:58 -08:00
Alex Janes edef640d35
Merge branch 'develop' into features/lock_logins_to_saml 2022-01-11 09:05:14 -05:00
Alex Janes a68ec8bb57
Update LoginController.php
Updated if statements to match convention exactly.
2021-12-17 18:52:42 -05:00
Alex Janes d99db5c63b bug fix and formatting fix 2021-12-16 19:04:37 -05:00
Alex Janes 6898119891 Replaced env() with config() to check environment variables
Made the app.php description for 'REQUIRE_SAML' a bit more... descriptive.
2021-12-16 16:56:39 -05:00
Alex Janes a6116a1b15 If SAML required, don't accept login form post. 2021-12-16 14:33:25 -05:00
Alex Janes 3c8d70c5fb Add option to environment to require SAML for a more secure installation. 2021-12-16 11:44:07 -05:00
Brady Wetherington 864cc4f8d5 Fix FIXME's by downgrading them to TODO's :) 2021-11-10 11:37:10 -08:00
Brady Wetherington a58c5ce27f Better documentation, disable AdLdap2-based "Add domain" setting 2021-11-08 17:11:47 -08:00
Brady Wetherington b0417e5bd7 Finish pulling out the AdLdap2-based LDAP remnants that were still in the system 2021-11-03 15:22:06 -07:00
Steven Daniele efc644c960 support apache REDIRECT_* for remote user login 2021-10-28 14:23:38 -04:00