├── LICENSE.md ├── composer.json ├── src ├── Middleware │ └── Reauthenticate.php ├── ReauthLimiter.php └── Reauthenticates.php └── views └── reauthenticate.blade.php /LICENSE.md: -------------------------------------------------------------------------------- 1 | # The MIT License (MIT) 2 | 3 | Copyright (c) 2015 Marcel Pociot 4 | 5 | > Permission is hereby granted, free of charge, to any person obtaining a copy 6 | > of this software and associated documentation files (the "Software"), to deal 7 | > in the Software without restriction, including without limitation the rights 8 | > to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | > copies of the Software, and to permit persons to whom the Software is 10 | > furnished to do so, subject to the following conditions: 11 | > 12 | > The above copyright notice and this permission notice shall be included in 13 | > all copies or substantial portions of the Software. 14 | > 15 | > THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | > IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | > FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | > AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | > LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | > OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 21 | > THE SOFTWARE. 22 | 23 | -------------------------------------------------------------------------------- /composer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "mpociot/reauthenticate", 3 | "license": "MIT", 4 | "description": "Reauthenticate users by letting them re-enter their passwords for specific parts of your app.", 5 | "keywords": ["reauthentication","security","authentication","password prompt"], 6 | "authors": [ 7 | { 8 | "name": "Marcel Pociot", 9 | "email": "m.pociot@gmail.com" 10 | } 11 | ], 12 | "require": { 13 | "php": ">=5.5.9", 14 | "illuminate/support": "~5.5|^6.0" 15 | }, 16 | "require-dev": { 17 | "mockery/mockery": "^1.0", 18 | "orchestra/testbench": "^3.5" 19 | }, 20 | "autoload": { 21 | "psr-4": { 22 | "Mpociot\\Reauthenticate\\": "src/" 23 | } 24 | }, 25 | "prefer-stable": true, 26 | "minimum-stability": "dev" 27 | } 28 | -------------------------------------------------------------------------------- /src/Middleware/Reauthenticate.php: -------------------------------------------------------------------------------- 1 | check()) { 23 | $request->session()->put('url.intended', $request->url()); 24 | 25 | return $this->invalidated($request); 26 | } 27 | 28 | return $next($request); 29 | } 30 | 31 | /** 32 | * Handle invalidated auth. 33 | * 34 | * @param \Illuminate\Http\Request 35 | * 36 | * @return \Illuminate\Http\RedirectResponse 37 | */ 38 | protected function invalidated($request) 39 | { 40 | $url = config('app.reauthenticate_url', 'auth/reauthenticate'); 41 | 42 | return redirect($url); 43 | } 44 | } 45 | -------------------------------------------------------------------------------- /src/ReauthLimiter.php: -------------------------------------------------------------------------------- 1 | request = $request; 42 | $this->key = $key ?: $this->key; 43 | } 44 | 45 | /** 46 | * Attempt to Reauthenticate the user. 47 | * 48 | * @param string $password 49 | * 50 | * @return bool 51 | */ 52 | public function attempt($password) 53 | { 54 | if (!Hash::check($password, Auth::user()->getAuthPassword())) { 55 | return false; 56 | } 57 | 58 | $this->request->session()->put($this->key.'.life', Carbon::now()->timestamp); 59 | $this->request->session()->put($this->key.'.authenticated', true); 60 | 61 | return true; 62 | } 63 | 64 | /** 65 | * Validate a reauthenticated Session data. 66 | * 67 | * @return bool 68 | */ 69 | public function check() 70 | { 71 | $session = $this->request->session(); 72 | $validationTime = Carbon::createFromTimestamp($session->get($this->key.'.life', 0)); 73 | 74 | return $session->get($this->key.'.authenticated', false) && 75 | ($validationTime->diffInMinutes() <= $this->reauthTime); 76 | } 77 | } 78 | -------------------------------------------------------------------------------- /src/Reauthenticates.php: -------------------------------------------------------------------------------- 1 | validate($request, [ 30 | 'password' => 'required', 31 | ]); 32 | 33 | $reauth = new ReauthLimiter($request); 34 | 35 | if (!$reauth->attempt($request->password)) { 36 | return Redirect::back() 37 | ->withErrors([ 38 | 'password' => $this->getFailedLoginMessage(), 39 | ]); 40 | } 41 | 42 | return Redirect::intended(); 43 | } 44 | 45 | /** 46 | * Get the failed login message. 47 | * 48 | * @return string 49 | */ 50 | protected function getFailedLoginMessage() 51 | { 52 | return Lang::has('auth.failed') 53 | ? Lang::get('auth.failed') 54 | : 'These credentials do not match our records.'; 55 | } 56 | } 57 | -------------------------------------------------------------------------------- /views/reauthenticate.blade.php: -------------------------------------------------------------------------------- 1 | @extends('layouts.app') 2 | 3 | 4 | @section('content') 5 |
6 |
7 |
8 |
9 |
Re-enter Password
10 |
11 | @if (session('status')) 12 |
13 | {{ session('status') }} 14 |
15 | @endif 16 | 17 |
18 | {!! csrf_field() !!} 19 | 20 |
21 | 22 | 23 |
24 | 25 | 26 | @if ($errors->has('password')) 27 | 28 | {{ $errors->first('password') }} 29 | 30 | @endif 31 |
32 |
33 | 34 |
35 |
36 | 39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 | @endsection 48 | --------------------------------------------------------------------------------