* Disable GET login by default
GET login allows users to put username and password in the url, this is helpful for displays where you cannot login interactively.
Unfortunately, the plaintext password will be in the access logs.
GET login also allows brute force attacks against your install.
* Apply fixes from StyleCI
---------
Co-authored-by: StyleCI Bot <bot@styleci.io>
* First attempt at ldap-auth fixes
* no, guest, so it is not allowed.
* cast to int
* don't count on Session
* return full user
* Specific error for guest not allowed.
* fix up external auth user creation
* fix check
* Fix user level missing
Simplify middleware
* use guard if configured
* Use Laravel for authentication
Support legacy auth methods
Always create DB entry for users (segregate by auth method)
Port api auth to Laravel
restrict poller errors to devices the user has access to
Run checks on every page load. But set a 5 minute (configurable) timer.
Only run some checks if the user is an admin
Move toastr down a few pixels so it isn't as annoying.
Fix menu not loaded on laravel pages when twofactor is enabled for the system, but disabled for the user.
Add two missing menu entries in the laravel menu
Rewrite 2FA code
Simplify some and verify code before applying
Get http-auth working
Handle legacy $_SESSION differently. Allows Auth::once(), etc to work.
* Fix tests and mysqli extension check
* remove duplicate Toastr messages
* Fix new items
* Rename 266.sql to 267.sql
