fix auth security issues
gheorghelupu17 committed Apr 25, 2024
1 parent a591c9f commit a3a2ff4
Showing 20 changed files with 19 additions and 425 deletions.
2 changes: 1 addition & 1 deletion app/Http/Requests/Project/StoreRequest.php
Expand Up @@ -51,12 +51,12 @@ public function rules(): array
'preview' => ['file', 'nullable'],
];
}

public function messages()
{
return[
'start.after_or_equal' => __('custom_validation.project.start.after_or_equal'),
'end.after' => __('custom_validation.project.end.after'),
];

}
}
13 changes: 12 additions & 1 deletion app/Http/Requests/RegistrationRequest.php
Expand Up @@ -6,6 +6,7 @@

use App\Rules\ValidCIF;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Rules\Password;

class RegistrationRequest extends FormRequest
{
Expand All @@ -23,7 +24,17 @@ public function rules(): array
'user' => ['required', 'array'],
'user.name' => ['required', 'string'],
'user.email' => ['required', 'email', 'unique:users,email'],
'user.password' => ['required', 'string', 'confirmed'],
'user.password' => [
'required',
'string',
'confirmed',
Password::min(8)
->mixedCase()
->letters()
->numbers()
->symbols()
->uncompromised(),
],
];

if ($this->type === 'organization') {
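Review bot: The strengthened policy on `user.password` is written inline in this one request, so any other place a password is set (reset, profile change; none of them visible in this section) may still accept weak passwords. Registering it once, e.g. `Password::defaults(fn () => Password::min(8)->mixedCase()->numbers()->symbols()->uncompromised());` in a service provider's `boot()`, and using `Password::defaults()` here keeps every flow on the same rule. `letters()` is redundant next to `mixedCase()`, and there is no upper length bound, which matters if the hasher is bcrypt (it ignores input beyond 72 bytes), so consider an upper bound such as `'max:72'`. `uncompromised()` performs an outbound lookup during validation and, as far as I know, passes when that lookup fails, so it deserves a comment such as `// best-effort: passes if the breach lookup is unreachable`. rules() continues beyond the visible lines.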
4 changes: 4 additions & 0 deletions app/Providers/RouteServiceProvider.php
Expand Up @@ -45,6 +45,10 @@ protected function configureRateLimiting(): void
return Limit::perMinute(config('throttle.register_limit'))->by($request->ip());
});

RateLimiter::for('login', function (Request $request) {
return Limit::perMinute(config('throttle.login_limit'))->by($request->ip());
});

RateLimiter::for('make-donation', function (Request $request) {
return Limit::perMinute(config('throttle.donation_limit'))->by($request->user()?->id ?: $request->ip());
});
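Review bot: The new `login` limiter is keyed on `$request->ip()` alone, so everyone behind one NAT or proxy shares a single bucket, while failed attempts against one account arriving from several addresses are never counted together. Keying on the submitted identifier as well, e.g. `->by(Str::lower((string) $request->input('email')).'|'.$request->ip())` (field name assumed; `Str` would need importing), limits per account and per source. `config('throttle.login_limit')` yields null if the key is missing from the config file, which is not visible here, so a fallback such as `config('throttle.login_limit', 5)` would be safer. The limiter only takes effect where the `throttle:login` middleware is attached; if login is submitted through a Livewire component, confirm the throttle covers that request path too. configureRateLimiting() starts and ends outside the hunk.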
2 changes: 1 addition & 1 deletion config/filament-breezy.php
Expand Up @@ -77,7 +77,7 @@
|--------------------------------------------------------------------------
| Enable or disable registration.
*/
'enable_registration' => true,
'enable_registration' => false,
/*
|--------------------------------------------------------------------------
| Path to registration Livewire component.
21 changes: 0 additions & 21 deletions public/.htaccess

This file was deleted.

Empty file.

This file was deleted.

This file was deleted.

This file was deleted.

This file was deleted.

This file was deleted.

This file was deleted.

This file was deleted.

This file was deleted.

30 changes: 0 additions & 30 deletions resources/views/vendor/filament-breezy/login.blade.php

This file was deleted.
