* Install bouncer
* Seeder and level migration
* Display and edit roles
* remove unused deluser page
* Update Radius and SSO to assign roles
* update AlertUtil direct level check to use roles instead
* rewrite ircbot auth handling
* Remove legacy auth getUserlist and getUserlevel methods, add getRoles
Set roles in LegacyUserProvider
* Small cleanups
* centralize role sync code
show roles on user preferences page
* VueSelect component WIP and a little docs
* WIP
* SelectControllers id and text fields.
* LibrenmsSelect component extracted from SettingSelectDynamic
* Handle multiple selections
* allow type coercion
* full width settings
* final style adjustments
* Final compiled assets update
* Style fixes
* Fix SSO tests
* Lint cleanups
* small style fix
* don't use json yet
* Update baseline for usptream package issues
* Change schema, not 100% sure it is correct
not sure why xor doesn't work
* Implement OAuth and SAML2 support via Socialite
* Add socialite docs
* fixes
* Additional information added
* wip
* 22.3.0 targeted version
* Allow mysql auth as long as there is a password saved
Co-authored-by: laf <gh+n@laf.io>
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Kick other session when changing password
Invalidate other sessions when a user password gets changed
* Don't logout admin users when they change passwords.
Cleanup phpstan exceptions
* only restore user if needed
* comment odd behavior
* $current_user typehint
* Device group based access
* Use Permissions class to resolve permissions
Also give port access based on device access
* Convert more pages to use Permissions class
* shorten config setting name
use Eloquent relationships in several places
alphabetize config_definitions.json
* Change Models and Permissions
* Clean up ajax_search LIMIT sql
* Convert more pages to use Permissions class
Co-authored-by: Tony Murray <murraytony@gmail.com>
* user deactivation feature
* update db_schema.yaml
* travis fix
* readd sqlfile with alter statement
* ..
* revert force push
* combine all queries
* fix query
* user enable/disable only visible on mysql authorization
* Update form.blade.php
* Update index.blade.php
* disable 'enabled' on own profile
* bootstraping checkboxes
* Add lnms user:add command
Uses events to mark past notifications as read (even for non-manually added users)
* Filter out previous options from auto-completion
* use validation to check cli input
* Warn if using other auth
* abstract LnmsCommand
* Use setPassword helper for hashing instead of mutator
* Extract validation function
* AD Authorization fixes
Remove mres() and $_SESSION usage.
Remove broken addUser function and use Mysql addUser.
* AD Authorization fixes
Remove mres() and $_SESSION usage.
Remove broken addUser function and use Mysql addUser.
Extract common AD auth code to ADUtils
* AD Authorization fixes
Remove mres() and $_SESSION usage.
Remove broken addUser function and use Mysql addUser.
Extract common AD auth code to ADUtils
* Send no user info to log instead of toast.
* Remove commented code
* add abstract getConnection() method that is required.
* Actually return the value
* Use Laravel for authentication
Support legacy auth methods
Always create DB entry for users (segregate by auth method)
Port api auth to Laravel
restrict poller errors to devices the user has access to
Run checks on every page load. But set a 5 minute (configurable) timer.
Only run some checks if the user is an admin
Move toastr down a few pixels so it isn't as annoying.
Fix menu not loaded on laravel pages when twofactor is enabled for the system, but disabled for the user.
Add two missing menu entries in the laravel menu
Rewrite 2FA code
Simplify some and verify code before applying
Get http-auth working
Handle legacy $_SESSION differently. Allows Auth::once(), etc to work.
* Fix tests and mysqli extension check
* remove duplicate Toastr messages
* Fix new items
* Rename 266.sql to 267.sql
* More secure password hashes
Use PHP 5.5 password_hash(), currently uses bcrypt
increase password field length as per php documentation
* Use password_hash()/password_verify() for cookies too
* forgot to update db_schema.yaml
* Share code between all mysql based authorizers
I plan to update the mysql password encryption and this will allow the code to be changed in a single location.
It also reduces a lot of duplication.
* Fix tests, I suspect reauthenticate will work for these...
Do not allow password updates for several authorizers
* Refactored authorizers to classes
* Merge changes for #7335
* ! fix php 5.3 incompatibility
* Update ADAuthorizationAuthorizer.php
* Fix get_user -> getUser
* Rename AuthorizerFactory to Auth, fix interface missing functions
* Add phpdocs to all interface methods and normalize the names a bit.
* Re-work auth_test.php AD bind tests to work properly with the new class.
Reflection is not the nicest tool, but I think it is appropriate here.
Handle exceptions more nicely in auth_test.php
* Restore AD getUseList fix
Not sure how it got removed
* fix auth_test.php style
