Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Confide 4.0 #209

Merged
merged 126 commits into from
Jul 20, 2014
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
126 commits
Select commit Hold shift + click to select a range
9895257
Destroyed everything in order to rebuild and start again
Zizaco Jan 30, 2014
b95e68e
Updated composer.json in order to remove the 'laravelbook/ardent' as …
Zizaco Jan 30, 2014
2722cde
Initial implementation of Confide\EloquentRepository.
Zizaco Jan 30, 2014
01f82b5
Added some querying methods to Confide\EloquentRepository
Zizaco Jan 30, 2014
f109a3b
Added Confide\EloquentPasswordService in order to handle password rem…
Zizaco Jan 30, 2014
c8339d6
Updated Mockery version in order to be able to allow mocking protecte…
Zizaco Jan 31, 2014
7489f2a
Updated the requestChangePassword test and added getEmailByToken meth…
Zizaco Jan 31, 2014
7511fb1
Changed the line where the brackets are openned. Wow
Zizaco Jan 31, 2014
de6f08d
Initial implementation of ServiceProvider with awesome testing in ord…
Zizaco Jan 31, 2014
a31dba7
Initial implementation of Interfaces for Repository and PasswordServi…
Zizaco Feb 1, 2014
d37bfab
Added Confide class the main entry point to the Confide usage.
Zizaco Feb 1, 2014
294b120
Added logAttempt method to Confide main class in order to actually lo…
Zizaco Feb 1, 2014
12d564d
Added forgotPassword method to the main Confide class.
Zizaco Feb 1, 2014
f3a1a93
Added logout, getUserByResetPasswordToken and view rendering helpers …
Zizaco Feb 1, 2014
e199d87
Added Confide Facade and the registerConfide implementation to the Se…
Zizaco Feb 1, 2014
3b565c8
Added the PasswordService to the ServiceProvider.
Zizaco Feb 1, 2014
c96e171
Added package information to class docblocks.
Zizaco Feb 1, 2014
eddc8da
Added LoginThrottleService in order to throttles too many failed logi…
Zizaco Feb 1, 2014
da635fb
Added the throttle service to the service provider in order to regist…
Zizaco Feb 1, 2014
22ca688
Added the LoginThrottleServiceInterface dependency injection to the m…
Zizaco Feb 1, 2014
2ad9871
Added the login throttling feature to Confide::logAttempt method.
Zizaco Feb 1, 2014
a20e28d
Added docblocks for Confide protected methods and adjusted the loginT…
Zizaco Feb 1, 2014
0725cb7
Added method declarations into interfaces in order to imply the inter…
Zizaco Feb 1, 2014
8209450
Added ConfideUserInterface in order to declare methods that should be…
Zizaco Feb 1, 2014
4b6c5f5
Added ConfideUser to the application in order to easly setup an User …
Zizaco Feb 1, 2014
94f1f9f
Added error method and MessageBag handling in ConfideUser and license…
Zizaco Feb 1, 2014
89ed8f6
Changed test name in order to be more objective.
Zizaco Feb 1, 2014
aa87876
Dropped the support of PHP 5.3. Since Laravel 4.2 doesn't support PHP…
Zizaco Feb 1, 2014
9142812
Updated ConfideUser class in order to actually be a trait in order to…
Zizaco Feb 1, 2014
30b0573
Updated ConfideUser DocBlocks since it is a trait from now on.
Zizaco Feb 1, 2014
80abb67
Deleted confide commands in order to rewrite then from the ground up.
Zizaco Feb 1, 2014
d520efe
Initial implementation of Confide's generate controller command.
Zizaco Feb 2, 2014
2ae4fb9
ControllerCommand now extends Support\GenerateCommand in order to abs…
Zizaco Feb 2, 2014
a6be365
Added getControllerName and getNamespace to ControllerCommand in orde…
Zizaco Feb 2, 2014
089c587
Fixed passed by reference problem in getControllerName.
Zizaco Feb 2, 2014
641ca84
Added more verbosity to the ControllerCommand output.
Zizaco Feb 3, 2014
e3d7c6a
Added filter in phpunit.xml in order to only look for test coverage i…
Zizaco Feb 13, 2014
a73f0f4
Added test coverage to the save method of the ConfideUser.
Zizaco Feb 13, 2014
55fcd02
Added MigrationCommand in order to generate the default confide migra…
Zizaco Feb 13, 2014
c479898
Merged master.
Zizaco Feb 13, 2014
4c04125
Added RoutesCommand in order to be able to append the default control…
Zizaco Feb 13, 2014
5f16e0d
Cleaned the MigrationCommandTest a little bit since the Config object…
Zizaco Feb 13, 2014
ab427e8
Improved how the PasswordService is tested.
Zizaco Feb 13, 2014
7682433
Added test in order to cover the possibility of no model name being s…
Zizaco Feb 13, 2014
f4054d7
Added an assertion for when trying to confirm an user with a wrong code.
Zizaco Feb 13, 2014
fa0ffc9
Implementation and test coverage of ServiceProver::registerCommands m…
Zizaco Feb 13, 2014
fa534c3
Refactored the commands in order to implement the constructor in the …
Zizaco Feb 13, 2014
4edc08b
Added generateFile and appendInFile implementation in abstract class …
Zizaco Feb 13, 2014
0b0d742
Tweaked MigrationCommand in order to match the file and the class name.
Zizaco Feb 13, 2014
6bb0a83
Tweaked ControllerCommand in order to actually create the namespace d…
Zizaco Feb 13, 2014
a3535ab
Tweaked RoutesCommand in order to write an url that is relative to th…
Zizaco Feb 13, 2014
cfdb4c9
Initial implementation of the actual generator views.
Zizaco Feb 13, 2014
39b87a3
Update 2013_01_13_172956_confide_setup_users_table.php
alairock Feb 24, 2014
ba0c190
Update migration.blade.php
alairock Feb 24, 2014
cf5d3f8
Renamed generators.user_repository view to simply repository
Zizaco Apr 16, 2014
0e0dfba
Temporary fix for action urls in default confide views
Zizaco Apr 16, 2014
c5bb39a
Added new UserInterface methods (that were introduced in Laravel 4.1.…
Zizaco Apr 16, 2014
4d47942
Added initial implementation of UserValidator
Zizaco Apr 16, 2014
306026f
Updated ConfideUser in order to use UserValidator inside the isValid …
Zizaco Apr 16, 2014
56c0a98
Updated Confide\ServiceProvider in order to register the default User…
Zizaco Apr 16, 2014
1a5f86e
Updated ConfideUser in order to fix isValid method. isValid should re…
Zizaco Apr 16, 2014
81f1963
Tweaked UserValidator in order clean password_confirmation attribute
Zizaco Apr 16, 2014
be14061
Fixed login attempt with uppercase usernames and tweaked throttling d…
Zizaco Apr 16, 2014
3679725
Fixed UserValidator password hashing with temporary implementation. S…
Zizaco Apr 16, 2014
a0a8593
Merged master branch into huge-update in order to include newest lang…
Zizaco Apr 16, 2014
97d43f5
Added actual implementation of UserValidator::validatePassword method…
Zizaco Apr 19, 2014
460444d
Update service provider location
andrew13 Apr 19, 2014
220d8cb
Added implementation of UserValidator::validateIsUnique in order to c…
Zizaco Apr 19, 2014
cff2f41
Merge branch 'huge-update' of github.com:Zizaco/confide into huge-update
Zizaco Apr 19, 2014
77ece2f
Added implementation of UserValidator::validateAttributes in order to…
Zizaco Apr 19, 2014
cfb74ef
Added docblock in UserValidator::validateAttributes in order to expla…
Zizaco Apr 19, 2014
f89c3aa
Added attachErrorMsg method to UserValidator in order to attach a mes…
Zizaco Apr 19, 2014
6f3aaa5
Added error MessageBag object to validatePassword and validateIsUniqu…
Zizaco Apr 19, 2014
b9f0629
Removed 'repository' option from ControllerCommand. There will be alw…
Zizaco Apr 19, 2014
69d1065
Tweaked UserRepository name
Zizaco Apr 19, 2014
df2561d
Added isThrottled method to the throttleService in order to get the t…
Zizaco Apr 19, 2014
43cf118
Added docblock to CacheLoginThrottleService::isThrottled method
Zizaco Apr 20, 2014
6b88d2c
Added the isThrottled method to the main Confide class in order to ca…
Zizaco Apr 20, 2014
69b309a
Merge pull request #227 from alairock/huge-update
andrew13 Jun 3, 2014
38f9b70
Tweaked GenerateCommandTest in order not to actually call PHP's mkdir…
Zizaco Jul 12, 2014
56112d3
Updated generators.repository view in order to correctly use the user…
Zizaco Jul 12, 2014
a1dbca4
Updated ControllerCommand and Support\GenerateCommand to respect the …
Zizaco Jul 12, 2014
9703102
Tweaked RoutesCommand in order to use a more friendly Url
Zizaco Jul 12, 2014
aff5172
Fixed implementation of how to check if the given credentials are thr…
Zizaco Jul 12, 2014
a74fc4e
Fixed routes command in order to match view urls
Zizaco Jul 12, 2014
905686d
Added remember_token to users table migration and also extension of I…
Zizaco Jul 12, 2014
072476f
Tweaked how the user password reset will be handled
Zizaco Jul 12, 2014
ddd51bf
Updated README.md file in order to match 4.0.0 Beta 1 changes
Zizaco Jul 13, 2014
780d5f2
Merge branch 'master' into huge-update
Zizaco Jul 13, 2014
617e3aa
Updated Zizaco\Confide\ConfideUserTest in order to match method name…
Zizaco Jul 13, 2014
bd390d5
Updated Readme in order to include version locking to the troubleshoo…
Zizaco Jul 13, 2014
be9fac2
Tweaked some implementations regarding confirmation and lost password…
Zizaco Jul 13, 2014
144391a
Added new badges to README.md
Zizaco Jul 13, 2014
b4291bf
Removed unused 'use' statements
Zizaco Jul 13, 2014
1c0ba48
Added a separated lang file for informal Dutch
Zizaco Jul 13, 2014
479bdbe
Added Scruntinizer badge to README file
Zizaco Jul 13, 2014
b005360
Tweaked php tag in templates in order to avoid mistakes in interpreters
Zizaco Jul 13, 2014
7e8938e
Added branch alias
GrahamCampbell Jul 13, 2014
5c9c96d
Updated dev-dependencies
GrahamCampbell Jul 13, 2014
e39125e
Update .travis.yml
GrahamCampbell Jul 13, 2014
5d8171e
Merge pull request #302 from GrahamCampbell/patch-3
Zizaco Jul 13, 2014
8fbf582
Merge pull request #303 from GrahamCampbell/patch-4
Zizaco Jul 13, 2014
5d13a42
Added coveralls configuration and support package in order to track t…
Zizaco Jul 13, 2014
fd37c99
Tweaked .travis.yml and added coveralls badge to README.md
Zizaco Jul 13, 2014
27df839
Updated mockery to ~0.9 to fix preg_match() error in Mockery/Expectat…
Zizaco Jul 13, 2014
35e9a19
Tweaked .travis.yml to use phpunit.xml.dist in order produce the clov…
Zizaco Jul 13, 2014
91ce84e
Added unit tests for methods that were not covered
Zizaco Jul 13, 2014
f7cf607
Update composer.json
GrahamCampbell Jul 13, 2014
a1cd82f
Merge pull request #306 from GrahamCampbell/patch-1
Zizaco Jul 13, 2014
19f3eb7
Added info about how to use a custom validator
Zizaco Jul 14, 2014
7c3b0e4
Removed curly brackets usage around opening php tag in order to avoid…
Zizaco Jul 16, 2014
a6c90f5
Fixed bug of validating attributes when the password was in the Eloqu…
Zizaco Jul 16, 2014
db3b5ce
Updated EloquentPasswordService in order to use the user model attri…
Zizaco Jul 17, 2014
59109e7
Added destroyToken method to PasswordService in order to be able to r…
Zizaco Jul 17, 2014
b060bd4
Added destroyForgotPasswordToken to Confide main class in order to pr…
Zizaco Jul 17, 2014
e0dc5cf
Updated EloquentPasswordService in order to retrieve connection name …
Zizaco Jul 17, 2014
7876f0a
Updated EloquentPasswordService::getEmailByToken in order to use an o…
Zizaco Jul 17, 2014
139d44b
Improved UserValidator in order to attach an error MessageBag instead…
Zizaco Jul 17, 2014
73d873f
Updated .travis.yml in order to allow_failure for non-stable PHP 5.6
Zizaco Jul 17, 2014
93f3ba1
Updated release notes in README.md
Zizaco Jul 17, 2014
07d1bda
Updated README.md in order to include troubleshoot
Zizaco Jul 18, 2014
c2ada2b
Improve default UserValidator behavior
gabrielalmeida Jul 20, 2014
e113fc5
Merge pull request #318 from gabrielalmeida/huge-update
Zizaco Jul 20, 2014
b9081d4
Config to be able to customize the duration of the reset password req…
Zizaco Jul 20, 2014
267bd49
Merged master minor changes of 3.2
Zizaco Jul 20, 2014
d4ffb97
Updated README.md in order to include information about the Beta 3
Zizaco Jul 20, 2014
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions .coveralls.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
# .coveralls.yml example configuration

# service name
service_name: travis-ci

# for php-coveralls
src_dir: src
coverage_clover: build/logs/clover.xml
json_path: build/logs/coveralls-upload.json
1 change: 0 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
@@ -1,3 +1,2 @@
/vendor
composer.lock
.DS_Store
21 changes: 16 additions & 5 deletions .travis.yml
Original file line number Diff line number Diff line change
@@ -1,11 +1,22 @@
language: php

php:
- 5.3
php:
- 5.4
- 5.5
- 5.6
- hhvm

matrix:
allow_failures:
- php: 5.6

before_script:
- curl -s http://getcomposer.org/installer | php
- php composer.phar install --dev
- travis_retry composer self-update
- travis_retry composer install --no-interaction --prefer-source --dev

script:
- mkdir -p build/logs
- vendor/bin/phpunit -c phpunit.xml.dist --verbose

script: phpunit
after_script:
- php vendor/bin/coveralls -v
240 changes: 118 additions & 122 deletions README.md

Large diffs are not rendered by default.

20 changes: 11 additions & 9 deletions composer.json
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@
"authors": [
{
"name": "Zizaco Zizuini",
"email": "zizaco@gmail.com",
"homepage": "http://www.zizaco.net"
},
{
Expand All @@ -15,14 +14,16 @@
}
],
"require": {
"php": ">=5.3.0",
"illuminate/support": "~4.1",
"laravelbook/ardent": "~2.4"
"php": ">=5.4.0",
"illuminate/support": "~4.2"
},
"require-dev": {
"mockery/mockery": "~0.8",
"illuminate/database": "~4.1",
"illuminate/auth": "~4.1"
"illuminate/database": "~4.2",
"illuminate/auth": "~4.2",
"illuminate/console": "~4.2",
"phpunit/phpunit": "~4.0",
"satooshi/php-coveralls": "~0.7",
"mockery/mockery": "~0.9"
},
"suggest": {
"zizaco/entrust":"add Role-based Permissions to Laravel 4"
Expand All @@ -38,7 +39,8 @@
},
"extra": {
"branch-alias": {
"dev-master": "3.2-dev"
"dev-huge-update": "4.0-dev"
}
}
},
"minimum-stability": "dev"
}
8 changes: 7 additions & 1 deletion phpunit.xml
Original file line number Diff line number Diff line change
Expand Up @@ -10,9 +10,15 @@
stopOnFailure="false"
syntaxCheck="false"
>
<filter>
<whitelist processUncoveredFilesFromWhitelist="true">
<directory suffix=".php">./src/Zizaco</directory>
<directory suffix=".php">./src/commands</directory>
</whitelist>
</filter>
<testsuites>
<testsuite name="Package Test Suite">
<directory>./tests/</directory>
</testsuite>
</testsuites>
</phpunit>
</phpunit>
27 changes: 27 additions & 0 deletions phpunit.xml.dist
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
<?xml version="1.0" encoding="UTF-8"?>
<phpunit backupGlobals="false"
backupStaticAttributes="false"
bootstrap="vendor/autoload.php"
colors="true"
convertErrorsToExceptions="true"
convertNoticesToExceptions="true"
convertWarningsToExceptions="true"
processIsolation="false"
stopOnFailure="false"
syntaxCheck="false"
>
<filter>
<whitelist processUncoveredFilesFromWhitelist="true">
<directory suffix=".php">./src/Zizaco</directory>
<directory suffix=".php">./src/commands</directory>
</whitelist>
</filter>
<testsuites>
<testsuite name="Package Test Suite">
<directory>./tests/</directory>
</testsuite>
</testsuites>
<logging>
<log type="coverage-clover" target="build/logs/clover.xml"/>
</logging>
</phpunit>
106 changes: 106 additions & 0 deletions src/Zizaco/Confide/CacheLoginThrottleService.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,106 @@
<?php namespace Zizaco\Confide;

/**
* The LoginThrottle is a service that Throttles login after
* too many failed attempts. This is a secure measure in
* order to avoid brute force attacks.
*
* @license MIT
* @package Zizaco\Confide
*/
class CacheLoginThrottleService implements LoginThrottleServiceInterface
{
/**
* Laravel application
*
* @var \Illuminate\Foundation\Application
*/
public $app;

/**
* Create a new PasswordService
*
* @param \Illuminate\Foundation\Application $app Laravel application object
* @return void
*/
public function __construct($app = null)
{
$this->app = $app ?: app();
}

/**
* Increments the count for the given identity by one and
* also returns the current value for that identity.
*
* @param mixed $identity The login identity
* @return integer How many times that same identity was used
*/
public function throttleIdentity($identity)
{
$identity = $this->parseIdentity($identity);

// Increments and also retuns the current count
return $this->countThrottle($identity);
}

/**
* Tells if the given identity has reached the throttle_limit
* @param mixed $identity The login identity
* @return boolean True if the identity has reached the throttle_limit
*/
public function isThrottled($identity)
{
$identity = $this->parseIdentity($identity);

// Retuns the current count
$count = $this->countThrottle($identity, 0);

return $count >= $this->app['config']->get('confide::throttle_limit');
}

/**
* Parse the given identity in order to return a string with
* the relevant fields. I.E: if the attacker tries to use a
* bunch of different passwords, the identity will still be the
* same.
* @param $mixed $identity
* @return string $identityString
*/
protected function parseIdentity($identity)
{
// If is an array, remove password, remember and then
// transforms it into a string.
if (is_array($identity))
{
unset($identity['password']);
unset($identity['remember']);
$identity = serialize($identity);
}

return $identity;
}

/**
* Increments the count for the given string by one stores
* it into cache and returns the current value for that
* identity.
*
* @param string $identityString
* @param integer $increments Amount that is going to be added to the throttling attemps for the given identity
* @return integer How many times that same string was used
*/
protected function countThrottle($identityString, $increments = 1)
{
$count = $this->app['cache']
->get('login_throttling:'.md5($identityString), 0);

$count = $count + $increments;

$ttl = $this->app['config']->get('confide::throttle_time_period');

$this->app['cache']
->put('login_throttling:'.md5($identityString), $count, $ttl);

return $count;
}
}
Loading