browner12/reauthenticate

Release v1.2.0

reauthenticate your users on higher security pages

Repository Packagist PHP

Keywords
browner12, reauthenticate
License
MIT

Documentation

Reauthenticate

Latest Version on Packagist Software License Build Status Coverage Status Quality Score Total Downloads

For pages that contain more sensitive operations, sometimes you wish to have the user reauthenticate themselves. This simple package provides the tools you need to quickly implement this functionality on your website.

Install

Via Composer

$ composer require browner12/reauthenticate

Setup

Add the service provider to the providers array in config/app.php.

'providers' => [
    browner12\reauthenticate\ReauthenticateServiceProvider::class,
];

If you are using Laravel's automatic package discovery, you can skip this step.

Publishing

While we provide sensible defaults, if you would like to customize this package simply publish the config file with the following command.

php artisan vendor:publish --provider="browner12\reauthenticate\ReauthenticateServiceProvider"

Wiring

Let's start by adding our new middleware to App\Http\Kernel.php.

protected $routeMiddleware = [
    'auth'           => \Illuminate\Auth\Middleware\Authenticate::class,
    'auth.basic'     => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
    'bindings'       => \Illuminate\Routing\Middleware\SubstituteBindings::class,
    'can'            => \Illuminate\Auth\Middleware\Authorize::class,
    'guest'          => \App\Http\Middleware\RedirectIfAuthenticated::class,
    'throttle'       => \Illuminate\Routing\Middleware\ThrottleRequests::class,
    'reauthenticate' => \browner12\reauthenticate\Reauthenticate::class,
];

We will need 2 routes for our reauthentication. One to show the form to enter a password, and another to process the input.

Route::get('reauthenticate', 'ReauthenticateController@reauthenticate')->name('reauthenticate');
Route::post('reauthenticate', 'ReauthenticateController@processReauthenticate')->name('reauthenticate.process');

Now let's make the associated controller:

php artisan make:controller ReauthenticateController

This package offers a trait to use in your controller. This pattern gives you the flexibility to customize the controllers as you need, while also controlling the pieces that are important for the normal package operation.

The trait offers 2 methods:

  • checkReauthenticationPassword() - Checks the entered password against the known hash, and returns the requested URL if successful. Returns false on failure.
  • resetReauthenticationTimer() - Stores the current time in the session as the last successful authentication.

Now we will use this trait in our controller.

namespace App\Http\Controllers;

use browner12\reauthenticate\Concerns\Reauthenticates;
use Illuminate\Http\Request;

class ReauthenticateController extends Controller
{
    use Reauthenticates;
    
    /**
     * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
     */
    public function reauthenticate()
    {
        //load view
        return view('main/auth/reauthenticate');
    }

    /**
     * @param \Illuminate\Http\Request             $request
     * @return \Illuminate\Http\RedirectResponse
     */
    public function processReauthenticate(Request $request)
    {
        //good password
        if ($url = $this->checkReauthenticationPassword($request->get('password'), $request->user()->password)){
        
            return redirect()->to($url);
        }
        
        //send back
        return back();
    }
}

We do not require your view to be formatted in any way, or name your inputs anything specific. In the example above, the input is named 'password', and we are pulling the current password hash off of the logged in user.

If you would like to reset the timer in any of your other controllers, for example when the user initially logs in, you can also use the resetAuthorizationTimer() method on this trait.

Usage

Using the reauthentication feature is incredibly easy. Simply add the middleware to either your routes:

Route::get('users', 'UserController')->middleware('reauthenticate');

or your controllers:

class UserController extends Controller
{
    /**
     * constructor
     */
    public function __construct()
    {
        //parent
        parent::__construct();
    
        //middleware
        $this->middleware('auth');
    
        //reauthenticate
        $this->middleware('reauthenticate')->only(['index']);
    }
}

Limitations

Currently this feature only works on GET requests. The reason for this is because we cannot redirect to a POST route. I do have a solution in mind that uses a dummy page with a form that automatically submits, but I am holding off to see what the interest for it is first.

Change log

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING and CODE_OF_CONDUCT for details.

Security

If you discover any security related issues, please email browner12@gmail.com instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see License File for more information.

Stats

Dependencies
2
Dependent packages
0
Dependent repositories
0
Total releases
5
Latest release
First release
Stars
29
Forks
4
Watchers
3
Contributors
4
Repository size
33.2 KB
SourceRank
10

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

v1.2.0
v1.1.0
v1.0.0
v0.1.1
v0.1.0

Contributors

Andrew Mark Vesterskov Ismo Vuorinen Valentin IvaÅŸcu


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2020-11-21 03:07:08 UTC

Login to resync this project