Use Laravel authentication (#8702)

* Use Laravel for authentication Support legacy auth methods Always create DB entry for users (segregate by auth method) Port api auth to Laravel restrict poller errors to devices the user has access to Run checks on every page load. But set a 5 minute (configurable) timer. Only run some checks if the user is an admin Move toastr down a few pixels so it isn't as annoying. Fix menu not loaded on laravel pages when twofactor is enabled for the system, but disabled for the user. Add two missing menu entries in the laravel menu Rewrite 2FA code Simplify some and verify code before applying Get http-auth working Handle legacy $_SESSION differently. Allows Auth::once(), etc to work. * Fix tests and mysqli extension check * remove duplicate Toastr messages * Fix new items * Rename 266.sql to 267.sql
2024-10-07 16:52:45 +00:00 · 2018-09-11 07:51:35 -05:00
parent 5dae25b48b
commit 32a7c50189
278 changed files with 2604 additions and 1816 deletions
--- a/app/Providers/TokenUserProvider.php
+++ b/app/Providers/TokenUserProvider.php
@@ -0,0 +1,92 @@
+<?php
+/**
+ * TokenUserProvider.php
+ *
+ * -Description-
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @package    LibreNMS
+ * @link       http://librenms.org
+ * @copyright  2018 Tony Murray
+ * @author     Tony Murray <murraytony@gmail.com>
+ */
+
+namespace App\Providers;
+
+use App\Models\ApiToken;
+use Illuminate\Contracts\Auth\Authenticatable;
+use Illuminate\Contracts\Auth\UserProvider;
+
+class TokenUserProvider extends LegacyUserProvider implements UserProvider
+{
+    /**
+     * Retrieve a user by their unique identifier and "remember me" token.
+     *
+     * @param  mixed $identifier
+     * @param  string $token
+     * @return \Illuminate\Contracts\Auth\Authenticatable|null
+     */
+    public function retrieveByToken($identifier, $token)
+    {
+        return null;
+    }
+
+    /**
+     * Update the "remember me" token for the given user in storage.
+     *
+     * @param  \Illuminate\Contracts\Auth\Authenticatable $user
+     * @param  string $token
+     * @return void
+     */
+    public function updateRememberToken(Authenticatable $user, $token)
+    {
+        return;
+    }
+
+    /**
+     * Retrieve a user by the given credentials.
+     *
+     * @param  array $credentials
+     * @return \Illuminate\Contracts\Auth\Authenticatable|null
+     */
+    public function retrieveByCredentials(array $credentials)
+    {
+        if (!ApiToken::isValid($credentials['api_token'])) {
+            return null;
+        }
+
+        $user = ApiToken::userFromToken($credentials['api_token']);
+        if (!is_null($user)) {
+            return $user;
+        }
+
+        // missing user for existing token, create it
+        $user_id = ApiToken::idFromToken($credentials['api_token']);
+
+        return $this->retrieveById($user_id);
+    }
+
+    /**
+     * Validate a user against the given credentials.
+     *
+     * @param  \Illuminate\Contracts\Auth\Authenticatable $user
+     * @param  array $credentials
+     * @return bool
+     */
+    public function validateCredentials(Authenticatable $user, array $credentials)
+    {
+        return ApiToken::isValid($credentials['api_token'], $user->user_id);
+    }
+}