Merge pull request #4053 from angelej/global-password-policy

Remove deprecated fortify password policy and add a stricter one
This commit is contained in:
Andras Bacsai
2024-10-29 10:13:10 +01:00
committed by GitHub
7 changed files with 26 additions and 35 deletions


@@ -6,12 +6,11 @@ use App\Models\User;
use Illuminate\Support\Facades\Hash; use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator; use Illuminate\Support\Facades\Validator;
use Illuminate\Validation\Rule; use Illuminate\Validation\Rule;
use Illuminate\Validation\Rules\Password;
use Laravel\Fortify\Contracts\CreatesNewUsers; use Laravel\Fortify\Contracts\CreatesNewUsers;
class CreateNewUser implements CreatesNewUsers class CreateNewUser implements CreatesNewUsers
{ {
use PasswordValidationRules;
/** /**
* Validate and create a newly registered user. * Validate and create a newly registered user.
* *
@@ -32,7 +31,7 @@ class CreateNewUser implements CreatesNewUsers
'max:255', 'max:255',
Rule::unique(User::class), Rule::unique(User::class),
], ],
'password' => $this->passwordRules(), 'password' => ['required', Password::defaults(), 'confirmed'],
])->validate(); ])->validate();
if (User::count() == 0) { if (User::count() == 0) {
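Review bot: The rule literal `['required', Password::defaults(), 'confirmed']` is now repeated verbatim in CreateNewUser (this hunk), ResetUserPassword, UpdateUserPassword, ForcePasswordReset and the profile Index component, which is exactly the duplication the removed PasswordValidationRules trait was preventing. Keeping the trait (or a small static helper) with a body of `return ['required', Password::defaults(), 'confirmed'];` would leave one place to adjust if, for example, a `max` rule or a different confirmation field is needed later. The `create()` method continues past the end of this hunk.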


@@ -1,18 +0,0 @@
<?php
namespace App\Actions\Fortify;
use Laravel\Fortify\Rules\Password;
trait PasswordValidationRules
{
/**
* Get the validation rules used to validate passwords.
*
* @return array<int, \Illuminate\Contracts\Validation\Rule|array|string>
*/
protected function passwordRules(): array
{
return ['required', 'string', new Password, 'confirmed'];
}
}


@@ -5,12 +5,11 @@ namespace App\Actions\Fortify;
use App\Models\User; use App\Models\User;
use Illuminate\Support\Facades\Hash; use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator; use Illuminate\Support\Facades\Validator;
use Illuminate\Validation\Rules\Password;
use Laravel\Fortify\Contracts\ResetsUserPasswords; use Laravel\Fortify\Contracts\ResetsUserPasswords;
class ResetUserPassword implements ResetsUserPasswords class ResetUserPassword implements ResetsUserPasswords
{ {
use PasswordValidationRules;
/** /**
* Validate and reset the user's forgotten password. * Validate and reset the user's forgotten password.
* *
@@ -19,7 +18,7 @@ class ResetUserPassword implements ResetsUserPasswords
public function reset(User $user, array $input): void public function reset(User $user, array $input): void
{ {
Validator::make($input, [ Validator::make($input, [
'password' => $this->passwordRules(), 'password' => ['required', Password::defaults(), 'confirmed'],
])->validate(); ])->validate();
$user->forceFill([ $user->forceFill([


@@ -5,12 +5,11 @@ namespace App\Actions\Fortify;
use App\Models\User; use App\Models\User;
use Illuminate\Support\Facades\Hash; use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator; use Illuminate\Support\Facades\Validator;
use Illuminate\Validation\Rules\Password;
use Laravel\Fortify\Contracts\UpdatesUserPasswords; use Laravel\Fortify\Contracts\UpdatesUserPasswords;
class UpdateUserPassword implements UpdatesUserPasswords class UpdateUserPassword implements UpdatesUserPasswords
{ {
use PasswordValidationRules;
/** /**
* Validate and update the user's password. * Validate and update the user's password.
* *
@@ -20,7 +19,7 @@ class UpdateUserPassword implements UpdatesUserPasswords
{ {
Validator::make($input, [ Validator::make($input, [
'current_password' => ['required', 'string', 'current_password:web'], 'current_password' => ['required', 'string', 'current_password:web'],
'password' => $this->passwordRules(), 'password' => ['required', Password::defaults(), 'confirmed'],
], [ ], [
'current_password.current_password' => __('The provided password does not match your current password.'), 'current_password.current_password' => __('The provided password does not match your current password.'),
])->validateWithBag('updatePassword'); ])->validateWithBag('updatePassword');


@@ -4,6 +4,7 @@ namespace App\Livewire;
use DanHarrin\LivewireRateLimiting\WithRateLimiting; use DanHarrin\LivewireRateLimiting\WithRateLimiting;
use Illuminate\Support\Facades\Hash; use Illuminate\Support\Facades\Hash;
use Illuminate\Validation\Rules\Password;
use Livewire\Component; use Livewire\Component;
class ForcePasswordReset extends Component class ForcePasswordReset extends Component
@@ -16,11 +17,13 @@ class ForcePasswordReset extends Component
public string $password_confirmation; public string $password_confirmation;
protected $rules = [ public function rules(): array
'email' => 'required|email', {
'password' => 'required|min:8', return [
'password_confirmation' => 'required|same:password', 'email' => ['required', 'email'],
]; 'password' => ['required', Password::defaults(), 'confirmed'],
];
}
public function mount() public function mount()
{ {
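Review bot: The new `rules()` method at the top of the second hunk has no PHPDoc, so neither the shape of the returned array nor the reason it replaced the `$rules` property is recorded. A docblock such as `/** Livewire validation rules; a method rather than a property because Password::defaults() yields an object, which a property initializer cannot hold. @return array<string, list<string|Password>> */` would capture both. The class body and `mount()` continue outside the hunk.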


@@ -3,6 +3,7 @@
namespace App\Livewire\Profile; namespace App\Livewire\Profile;
use Illuminate\Support\Facades\Hash; use Illuminate\Support\Facades\Hash;
use Illuminate\Validation\Rules\Password;
use Livewire\Attributes\Validate; use Livewire\Attributes\Validate;
use Livewire\Component; use Livewire\Component;
@@ -48,9 +49,8 @@ class Index extends Component
{ {
try { try {
$this->validate([ $this->validate([
'current_password' => 'required', 'current_password' => ['required'],
'new_password' => 'required|min:8', 'new_password' => ['required', Password::defaults(), 'confirmed'],
'new_password_confirmation' => 'required|min:8|same:new_password',
]); ]);
if (! Hash::check($this->current_password, auth()->user()->password)) { if (! Hash::check($this->current_password, auth()->user()->password)) {
$this->dispatch('error', 'Current password is incorrect.'); $this->dispatch('error', 'Current password is incorrect.');
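Review bot: `current_password` is validated only with `['required']` here, while the matching Fortify action touched in this same commit (UpdateUserPassword) uses the built-in `current_password:web` rule; this component instead re-checks it by hand with `Hash::check` after validation. Aligning on `'current_password' => ['required', 'current_password:web']` would keep both password-change paths on one rule and let the validator report the mismatch alongside the other field errors; the manual `Hash::check` branch could then be dropped, or kept if the `dispatch('error', ...)` behaviour is wanted. The enclosing method's signature is above the hunk, so the full flow is not visible here.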


@@ -5,6 +5,7 @@ namespace App\Providers;
use App\Models\PersonalAccessToken; use App\Models\PersonalAccessToken;
use Illuminate\Support\Facades\Http; use Illuminate\Support\Facades\Http;
use Illuminate\Support\ServiceProvider; use Illuminate\Support\ServiceProvider;
use Illuminate\Validation\Rules\Password;
use Laravel\Sanctum\Sanctum; use Laravel\Sanctum\Sanctum;
class AppServiceProvider extends ServiceProvider class AppServiceProvider extends ServiceProvider
@@ -15,6 +16,14 @@ class AppServiceProvider extends ServiceProvider
{ {
Sanctum::usePersonalAccessTokenModel(PersonalAccessToken::class); Sanctum::usePersonalAccessTokenModel(PersonalAccessToken::class);
Password::defaults(function () {
$rule = Password::min(8);
return $this->app->isProduction()
? $rule->mixedCase()->letters()->numbers()->symbols()
: $rule;
});
Http::macro('github', function (string $api_url, ?string $github_access_token = null) { Http::macro('github', function (string $api_url, ?string $github_access_token = null) {
if ($github_access_token) { if ($github_access_token) {
return Http::withHeaders([ return Http::withHeaders([
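Review bot: In the new `Password::defaults()` callback the strict rules (`mixedCase`, `letters`, `numbers`, `symbols`) apply only when `isProduction()` is true, so every non-production deployment and the test suite accept plain 8-character passwords and never exercise the policy production enforces. `letters()` is also redundant once `mixedCase()` is required. Consider making the composition rules unconditional and gating only `uncompromised()` on production, since that check needs outbound network access to the breached-password lookup service. The enclosing `boot()` method starts above this hunk.
```php
Password::defaults(function () {
    $rule = Password::min(8)->mixedCase()->numbers()->symbols();

    return $this->app->isProduction()
        ? $rule->uncompromised()
        : $rule;
});
```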