* Add Laravel to LibreNMS.
* Try to set permissions during initial install and first composer update to Laravel.
* Fix composer.lock
Fix missing db config keys
* Start building v1 layout
Port ajax_setresolution, inject csrf into jquery ajax calls
Layout works, building menu
Partially done.
* Fix device group list
remove stupid count relationships
* Print messages for common boot errors.
Don't log to laravel.log file.
Log to error_log until booted, then librenms.log
* Fix up some issues with Config loading
Start of custom directives
* Custom blade directives: config, notconfig, admin
* Preflight checks
Only load config files once.
* Update the composer.lock for php 5.6
* Menu through routing
* Start of alert menu
* Better alert scopes
* reduce cruft in models
* Alerting menu more or less working :D
* Fix style
* Improved preflight
* Fix chicken-eggs!
* Remove examples
* Better alert_rule status queries
Debugbar
* fix app.env check
* User Menu
* Settings bar (dropped refresh)
Search JS
* Toastr messages
* Rename preflight
* Use hasAccess(User) on most models.
Add port counts
* Missed a Preflight -> Checks rename
* Fix some formatting
* Boot Eloquent outside of Laravel
Use Eloquent for Config and Plugins so we don't have to connect with dbFacile inside Laravel.
Move locate_binary() into Config class
* Config WIP
* Try to fix a lot of config loading issues.
* Improve menu for non-admins removing unneeded menus
url() for all in menu
* Only use eloquent if it exists
* Include APP_URL in initial .env settings
* Implement Legacy User Provider
* Helper class for using Eloquent outside of Laravel.
Allows access to DB style queries too and checking the connection status.
* Fix up tests
* Fix device groups query
* Checking Travis
* copy config.test.php earlier
* dbFacile check config before connecting
Don't use exception to check if eloquent is connected, it gets grabbed by the exception handler.
Ignore missing config.php error.
* Fix config load with database is not migrated yet.
* Remove Config::load() from early boot.
* Use laravel config settings to init db (this prefers .env settings)
Fix bgp vars not set in menu
add _ide_helper.php to .gitignore
* Restrict dependencies to versions that support php 5.6
* Update ConfigTest
* Fix a couple of installation issues
* Add unique NODE_ID to .env
* Correct handling of title image
* Fix database config not loading. Thanks @laf
* Don't prepend /
* add class_exists checks for development service providers
* Fix config value casting
* Don't use functions that may not exist
* Update dbFacile.php
* d_echo may not be defined when Config used called.
* Add SELinux configuration steps
More detailed permissions check.
Check all and give complete corrective commands in one step.
* Ignore node_modules directory
* Re-add accidetal removal
* Allow the URL a user is sent to after logging out to be customised
This is required for any authentication system that has a magic URL for logging out (e.g. /Shibboleth.sso/Logout).
* Allow auth plugins to return a username
This is a bit cleaner than the current auth flow, which special cases e.g. http authentication
* Add some tests, defaults and documentation
* Add single sign-on authentication mechanism
* Make HTTPAuth use the authExternal/getExternalUsername methods
* Add to acknowledgements
* Add reset method to Auth
* Refactored authorizers to classes
* Merge changes for #7335
* ! fix php 5.3 incompatibility
* Update ADAuthorizationAuthorizer.php
* Fix get_user -> getUser
* Rename AuthorizerFactory to Auth, fix interface missing functions
* Add phpdocs to all interface methods and normalize the names a bit.
* Re-work auth_test.php AD bind tests to work properly with the new class.
Reflection is not the nicest tool, but I think it is appropriate here.
Handle exceptions more nicely in auth_test.php
* Restore AD getUseList fix
Not sure how it got removed
* fix auth_test.php style
* fix: Fixed http-auth not honouring http_auth_guest
* Always fall back to http_auth_guest.
Make sure $username is set, otherwise, we won't try to authenticate.
* reverted elseif to default to http-auth-guest
* Update authenticate.inc.php
simplify logic
* fix: Two-Factor Auth
Moved library to a class to take advantage of namespacing and auto loading.
Update the two factor code to use the AuthenticationException for error messages.
Fix remember me to work with 2fa.
* missing change
* fix: minimize session open time
page/graphs speedup part 2
Write close the session as soon as we no longer need to write to it. Prevents the session from blocking other requests.
Do not run through full authentication functions if the session is already authenticated.
Removes password from the session as well as some items to prevent session fixation from #4608.
WARNING: This will cause issues for ad/ldap users who do not have a bind user configured!
* Do no erase username when using cookie auth.
Properly close the session in ajax_setresolution.php
* write close the session as soon as possible in ajax_setresolution.php
* Remove session regeneration. It is not compatible with the current code and would require more changes.
* Totally refactor authentication. Extract code to functions for re-use and improved readability
* Use exceptions for authentication and error logging
Tested: mysql, ad_auth with and without bind user
* fix a couple scrutinizer issues
* fix reauthenticate in radius
* Fix redirect on login for instances
On instances where base_url has been set for use behind a reverse proxy, logins are incorrectly redirected.
This happens because REQUEST_URI is set by the proxy:
1. librenms has base_url set to http://site.com/nms/
2. Browser requests http://site.com/nms/
3. nginx reverse proxies /nms/ to librenms at http://somehost:1234/
4. librenms sees REQUEST_URI as "/"
5. librenms logs the user in, but sends "Location: /" to the browser. This redirects to the wrong location.
To resolve, concatenate REQUEST_URI (which is relative) to base_url. As base_url is slash-terminated, crop the trailing slash. This should have no effect on users with default settings and will correctly redirect instances behind reverse proxies.
* I agree to the conditions of the Contributor Agreement contained in doc/General/Contributing.md.
* Adding comment explaining redirect logic on login
* Use rtrim instead of substr
* feature: bind user for active_directory auth
Optional, allows the use of "remember me", API, and alerting.
* missing global (but still may not be working)
* always return a value from reauthenticate()
* Make sure the ldapbind credentials are correct on reauth.
Do not send output if they are incorrect (use d_echo) this breaks ajax calls, etc.
Add scripts/auth_test.php, to make it easier to debug authentication.
* Refine auth_test.php a bit more
A few small cleanups in other places of the auth
* Add auth_test.php to docs
Some more improvements in the auth_test.php output.
* Update Authentication.md
* Updated to remove passwords from sessions
* Remove users sessions when user deleted
* Updated when cookies are set
* Updated setcookies to always contain a value
* Added destroy_cookies() to remove users cookies on failed login
* Removed debug line
* Fixed graph issues
* Implement an autoloader
When cleaning up classes for psr2, things got a bit unwieldy, so I implemented a class autoloader.
I created a PSR-0 compliant LibreNMS directory and moved all classes there that made sense.
Implemented LibreNMS\ClassLoader which supports adding manual class mappings
This reduces the file includes needed and only loads classes when needed.
* Add teh autoloader to graph.php
* Add a small bit of docs
Fix incomplete class in includes/discovery/functions.inc.php
Tested against Google-Authenticator app on Android 4.4.4
Made `verify_hotp` more efficient.
Added autofocus on twofactor input
Added GUI Unlock and Remove for TwoFactor credentials in /edituser/
Allow additional tries after elapsed time from last try exceeds configured parameter `$config['twofactor_lock']`.
If `$config['twofactor_lock']` is not defined or is set to `0`, administrators have to unlock accounts that exceed 3 failures via GUI.
Added Documentation
Moved TwoFactor form to logon.inc.php
Disabled autocomplete on twofactor input field
Updated Docs to include link to Google-Authenticator's install-guides
Moved authentication logic from authenticate.inc.php to twofactor.lib.php
typo in docblock for `twofactor_auth()`
Fixed scrutinizer bugs
To please scrutinizer
