mirror of
https://github.com/invoiceninja/invoiceninja.git
synced 2024-11-11 05:32:39 +01:00
Merge pull request #5070 from turbo124/v5-develop
Customize the password protect timeout
This commit is contained in:
David Bomba
GitHub
commit
c6adc60c07
@ -1 +1 @@
|
||||
5.1.15
|
||||
5.1.16
|
||||
@ -35,6 +35,7 @@ class CompanyFactory
|
||||
$company->custom_fields = (object) [];
|
||||
$company->subdomain = '';
|
||||
$company->enabled_modules = config('ninja.enabled_modules'); //32767;//8191; //4095
|
||||
$company->default_password_timeout = 30;
|
||||
|
||||
return $company;
|
||||
}
|
||||
|
||||
@ -28,7 +28,6 @@ class UserFactory
|
||||
$user->failed_logins = 0;
|
||||
$user->signature = '';
|
||||
$user->theme_id = 0;
|
||||
$user->default_password_timeout = 30;
|
||||
|
||||
return $user;
|
||||
}
|
||||
|
||||
@ -38,7 +38,7 @@ class TwoFactorController extends BaseController
|
||||
|
||||
$data = [
|
||||
'secret' => $secret,
|
||||
'qrCode' => $qrCode,
|
||||
'qrCode' => $qr_code,
|
||||
];
|
||||
|
||||
return response()->json(['data' => $data], 200);
|
||||
|
||||
@ -31,22 +31,23 @@ class PasswordProtection
|
||||
*/
|
||||
public function handle($request, Closure $next)
|
||||
{
|
||||
// {nlog($request->headers->all());
|
||||
// nlog($request->all());
|
||||
|
||||
$error = [
|
||||
'message' => 'Invalid Password',
|
||||
'errors' => new stdClass,
|
||||
];
|
||||
|
||||
nlog(Cache::get(auth()->user()->hashed_id.'_logged_in'));
|
||||
nlog($request->header('X-API-OAUTH-PASSWORD'));
|
||||
$timeout = auth()->user()->company()->default_password_timeout;
|
||||
|
||||
if($timeout == 0)
|
||||
$timeout = null;
|
||||
else
|
||||
$timeout = now()->addMinutes($timeout);
|
||||
|
||||
if (Cache::get(auth()->user()->hashed_id.'_logged_in')) {
|
||||
|
||||
Cache::pull(auth()->user()->hashed_id.'_logged_in');
|
||||
Cache::add(auth()->user()->hashed_id.'_logged_in', Str::random(64), now()->addMinutes(30));
|
||||
Cache::add(auth()->user()->hashed_id.'_logged_in', Str::random(64), $timeout);
|
||||
|
||||
return $next($request);
|
||||
|
||||
@ -68,12 +69,12 @@ class PasswordProtection
|
||||
//If OAuth and user also has a password set - check both
|
||||
if ($existing_user = MultiDB::hasUser($query) && auth()->user()->has_password && Hash::check(auth()->user()->password, $request->header('X-API-PASSWORD'))) {
|
||||
|
||||
Cache::add(auth()->user()->hashed_id.'_logged_in', Str::random(64), now()->addMinutes(30));
|
||||
Cache::add(auth()->user()->hashed_id.'_logged_in', Str::random(64), $timeout);
|
||||
return $next($request);
|
||||
}
|
||||
elseif($existing_user = MultiDB::hasUser($query) && !auth()->user()->has_password){
|
||||
|
||||
Cache::add(auth()->user()->hashed_id.'_logged_in', Str::random(64), now()->addMinutes(30));
|
||||
Cache::add(auth()->user()->hashed_id.'_logged_in', Str::random(64), $timeout);
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
@ -83,7 +84,7 @@ class PasswordProtection
|
||||
|
||||
}elseif ($request->header('X-API-PASSWORD') && Hash::check($request->header('X-API-PASSWORD'), auth()->user()->password)) {
|
||||
|
||||
Cache::add(auth()->user()->hashed_id.'_logged_in', Str::random(64), now()->addMinutes(30));
|
||||
Cache::add(auth()->user()->hashed_id.'_logged_in', Str::random(64), $timeout);
|
||||
|
||||
return $next($request);
|
||||
|
||||
|
||||
@ -86,6 +86,7 @@ class Company extends BaseModel
|
||||
'session_timeout',
|
||||
'oauth_password_required',
|
||||
'invoice_task_datelog',
|
||||
'default_password_timeout',
|
||||
];
|
||||
|
||||
protected $hidden = [
|
||||
|
||||
@ -82,7 +82,6 @@ class User extends Authenticatable implements MustVerifyEmail
|
||||
'custom_value4',
|
||||
'is_deleted',
|
||||
'google_2fa_secret',
|
||||
'default_password_timeout',
|
||||
];
|
||||
|
||||
/**
|
||||
|
||||
@ -154,6 +154,7 @@ class CompanyTransformer extends EntityTransformer
|
||||
'expense_amount_is_pretax' =>(bool)true, //@deprecate 1-2-2021
|
||||
'oauth_password_required' => (bool)$company->oauth_password_required,
|
||||
'session_timeout' => (int)$company->session_timeout,
|
||||
'default_password_timeout' => (int) $company->default_password_timeout,
|
||||
];
|
||||
}
|
||||
|
||||
|
||||
@ -13,7 +13,7 @@ return [
|
||||
'require_https' => env('REQUIRE_HTTPS', true),
|
||||
'app_url' => rtrim(env('APP_URL', ''), '/'),
|
||||
'app_domain' => env('APP_DOMAIN', ''),
|
||||
'app_version' => '5.1.15',
|
||||
'app_version' => '5.1.16',
|
||||
'minimum_client_version' => '5.0.16',
|
||||
'terms_version' => '1.0.1',
|
||||
'api_secret' => env('API_SECRET', false),
|
||||
|
||||
@ -37,7 +37,6 @@ class UserFactory extends Factory
|
||||
'email_verified_at' => now(),
|
||||
'password' => bcrypt(config('ninja.testvars.password')), // secret
|
||||
'remember_token' => \Illuminate\Support\Str::random(10),
|
||||
'default_password_timeout' => 30,
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
<?php
|
||||
|
||||
use App\Models\Company;
|
||||
use App\Models\Language;
|
||||
use App\Models\User;
|
||||
use Illuminate\Database\Migrations\Migration;
|
||||
@ -21,11 +22,11 @@ class AddRussianLang extends Migration
|
||||
Language::unguard();
|
||||
Language::create($russian);
|
||||
|
||||
Schema::table('users', function (Blueprint $table) {
|
||||
Schema::table('companies', function (Blueprint $table) {
|
||||
$table->integer('default_password_timeout')->default(30);
|
||||
});
|
||||
|
||||
User::whereNotNull('id')->update(['default_password_timeout' => 30]);
|
||||
Company::whereNotNull('id')->update(['default_password_timeout' => 30]);
|
||||
|
||||
}
|
||||
|
||||
|
||||
@ -11,73 +11,70 @@
|
||||
<p><img src="{{ $company->present()->logo() }}"></p>
|
||||
|
||||
@if(isset($company) && $company->clients->count() >=1)
|
||||
<p><b>Clients Imported:</b> {{ $company->clients->count() }} </p>
|
||||
<p><b>{{ ctrans('texts.clients') }}:</b> {{ $company->clients->count() }} </p>
|
||||
@endif
|
||||
|
||||
@if(isset($company) && count($company->products) >=1)
|
||||
<p><b>Products Imported:</b> {{ count($company->products) }} </p>
|
||||
<p><b>{{ ctrans('texts.products') }}:</b> {{ count($company->products) }} </p>
|
||||
@endif
|
||||
|
||||
@if(isset($company) && count($company->invoices) >=1)
|
||||
<p><b>Invoices Imported:</b> {{ count($company->invoices) }} </p>
|
||||
|
||||
<p>To test your PDF generation is working correctly, click <a href="{{$company->invoices->first()->invitations->first()->getLink() }}">here</a>. We've also attempted to attach the PDF to this email.
|
||||
|
||||
<p><b>{{ ctrans('texts.invoices') }}:</b> {{ count($company->invoices) }} </p>
|
||||
@endif
|
||||
|
||||
@if(isset($company) && count($company->payments) >=1)
|
||||
<p><b>Payments Imported:</b> {{ count($company->payments) }} </p>
|
||||
<p><b>{{ ctrans('texts.payments') }}:</b> {{ count($company->payments) }} </p>
|
||||
@endif
|
||||
|
||||
@if(isset($company) && count($company->recurring_invoices) >=1)
|
||||
<p><b>Recurring Invoices Imported:</b> {{ count($company->recurring_invoices) }} </p>
|
||||
<p><b>{{ ctrans('texts.recurring_invoices') }}:</b> {{ count($company->recurring_invoices) }} </p>
|
||||
@endif
|
||||
|
||||
@if(isset($company) && count($company->quotes) >=1)
|
||||
<p><b>Quotes Imported:</b> {{ count($company->quotes) }} </p>
|
||||
<p><b>{{ ctrans('texts.quotes') }}:</b> {{ count($company->quotes) }} </p>
|
||||
@endif
|
||||
|
||||
@if(isset($company) && count($company->credits) >=1)
|
||||
<p><b>Credits Imported:</b> {{ count($company->credits) }} </p>
|
||||
<p><b>{{ ctrans('texts.credits') }}:</b> {{ count($company->credits) }} </p>
|
||||
@endif
|
||||
|
||||
@if(isset($company) && count($company->projects) >=1)
|
||||
<p><b>Projects Imported:</b> {{ count($company->projects) }} </p>
|
||||
<p><b>{{ ctrans('texts.projects') }}:</b> {{ count($company->projects) }} </p>
|
||||
@endif
|
||||
|
||||
@if(isset($company) && count($company->tasks) >=1)
|
||||
<p><b>Tasks Imported:</b> {{ count($company->tasks) }} </p>
|
||||
<p><b>{{ ctrans('texts.tasks') }}:</b> {{ count($company->tasks) }} </p>
|
||||
@endif
|
||||
|
||||
@if(isset($company) && count($company->vendors) >=1)
|
||||
<p><b>Vendors Imported:</b> {{ count($company->vendors) }} </p>
|
||||
<p><b>{{ ctrans('texts.vendors') }}:</b> {{ count($company->vendors) }} </p>
|
||||
@endif
|
||||
|
||||
@if(isset($company) && count($company->expenses) >=1)
|
||||
<p><b>Expenses Imported:</b> {{ count($company->expenses) }} </p>
|
||||
<p><b>{{ ctrans('texts.expenses') }}:</b> {{ count($company->expenses) }} </p>
|
||||
@endif
|
||||
|
||||
@if(isset($company) && count($company->company_gateways) >=1)
|
||||
<p><b>Gateways Imported:</b> {{ count($company->company_gateways) }} </p>
|
||||
<p><b>{{ ctrans('texts.gateways') }}:</b> {{ count($company->company_gateways) }} </p>
|
||||
@endif
|
||||
|
||||
@if(isset($company) && count($company->client_gateway_tokens) >=1)
|
||||
<p><b>Client Gateway Tokens Imported:</b> {{ count($company->client_gateway_tokens) }} </p>
|
||||
<p><b>{{ ctrans('texts.tokens') }}:</b> {{ count($company->client_gateway_tokens) }} </p>
|
||||
@endif
|
||||
|
||||
@if(isset($company) && count($company->tax_rates) >=1)
|
||||
<p><b>Tax Rates Imported:</b> {{ count($company->tax_rates) }} </p>
|
||||
<p><b>{{ ctrans('texts.tax_rates') }}:</b> {{ count($company->tax_rates) }} </p>
|
||||
@endif
|
||||
|
||||
@if(isset($company) && count($company->documents) >=1)
|
||||
<p><b>Documents Imported:</b> {{ count($company->documents) }} </p>
|
||||
<p><b>{{ ctrans('texts.documents') }}:</b> {{ count($company->documents) }} </p>
|
||||
@endif
|
||||
|
||||
<p><b>Data Quality:</b></p>
|
||||
<p> {!! $check_data !!} </p>
|
||||
|
||||
@if(!empty($errors) )
|
||||
<p>The following import errors occurred:</p>
|
||||
<p>{{ ctrans('texts.errors') }}:</p>
|
||||
<table>
|
||||
<thead>
|
||||
<tr>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user