Feature/magic link #1116
Feature/magic link #1116
Conversation
ajibarra
force-pushed
the
feature/magic-link
branch
14 times, most recently
from
3b648c4 to
8117aed
Compare
ajibarra
force-pushed
the
feature/magic-link
branch
from
8117aed to
373112b
Compare
| @@ -13,7 +13,7 @@ jobs: | |||
| strategy: | |||
| fail-fast: false | |||
| matrix: | |||
| php-version: ['8.1', '8.2', '8.3'] | |||
| php-version: ['8.2', '8.3', '8.4'] | |||
There was a problem hiding this comment.
we'll need to keep 8.1 to max compatibility with cakephp 5
|
|
||
| ReCaptcha | ||
| ---------------- | ||
| ReCaptcha will be added automatically to the request login link form if `Users.reCaptcha.login` is enabled. |
There was a problem hiding this comment.
I would add We strongly recommend having ReCaptcha enabled, because it's a public form that could be targeted by an attacker to send multiple requests
| @@ -41,6 +41,7 @@ trait PasswordManagementTrait | |||
| */ | |||
| public function changePassword($id = null) | |||
| { | |||
| /** @var \CakeDC\Users\Model\Entity\User $user */ | |||
There was a problem hiding this comment.
It might not be a User entity if the user has the Users table override
| @@ -42,6 +42,7 @@ public function profile($id = null) | |||
| try { | |||
| $appContain = (array)Configure::read('Auth.Profile.contain'); | |||
| $socialContain = Configure::read('Users.Social.login') ? ['SocialAccounts'] : []; | |||
| /** @var \CakeDC\Users\Model\Entity\User $user */ | |||
There was a problem hiding this comment.
It might not be a User entity if the user has the Users table override
| public function sendLoginLink(string $name): void | ||
| { | ||
| $table = $this->table(); | ||
| /** @var \CakeDC\Users\Model\Entity\User|null $user */ |
There was a problem hiding this comment.
It might not be a User entity if the user has the Users table override
| ], [ | ||
| 'id' => $user->id, | ||
| ]); | ||
| /** @var \CakeDC\Users\Model\Entity\User|null $user */ |
There was a problem hiding this comment.
It might not be a User entity if the user has the Users table override
| */ | ||
| public function requestTokenSend(string $username): void | ||
| { | ||
| /** @var \CakeDC\Users\Model\Entity\User|null $user */ |
There was a problem hiding this comment.
It might not be a User entity if the user has the Users table override
| ->find('byOneTimeToken', ['token' => $token]) | ||
| ->first(); | ||
|
|
||
| if ($user && ($user->login_token_date >= DateTime::now()->subSeconds($lifeTime))) { |
| } | ||
|
|
||
| return $query->where([ | ||
| 'OR' => [ |
| @@ -73,7 +73,9 @@ public function __construct(ServerRequest $request, ?UsersTable $usersTable = nu | |||
| $userSession = $request->getSession()->read('Webauthn2fa.User'); | |||
| $usersTable = $usersTable ?? TableRegistry::getTableLocator() | |||
| ->get($userSession->getSource()); | |||
| $this->user = $usersTable->get($userSession->id); | |||
| /** @var \CakeDC\Users\Model\Entity\User $user */ | |||
There was a problem hiding this comment.
It might not be a User entity if the user has the Users table override
No description provided.