From 169bd264675795eae29627dc04e39524a2753502 Mon Sep 17 00:00:00 2001 From: Prosper Otemuyiwa Date: Mon, 4 Jul 2016 05:53:48 +0100 Subject: [PATCH 01/23] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 64f151c..842ff40 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ [![Quality Score](https://img.shields.io/scrutinizer/g/unicodeveloper/laravel-password.svg?style=flat-square)](https://scrutinizer-ci.com/g/unicodeveloper/laravel-password) [![Total Downloads](https://img.shields.io/packagist/dt/unicodeveloper/laravel-password.svg?style=flat-square)](https://packagist.org/packages/unicodeveloper/laravel-password) -> #### Guard your users from security problems such as being hacked that start by having dumb passwords +> #### Guard your users from security problems by preventing them from having dumb passwords ### Introduction From 31166c861739a745774c101d8242fa9b5a0af32b Mon Sep 17 00:00:00 2001 From: Shaun Lobisnger Date: Tue, 5 Jul 2016 21:19:40 -0700 Subject: [PATCH 02/23] moved default error message to a protected variable to make it more explicit --- src/DumbPasswordServiceProvider.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/DumbPasswordServiceProvider.php b/src/DumbPasswordServiceProvider.php index 7d8a4ee..c0d8c6a 100644 --- a/src/DumbPasswordServiceProvider.php +++ b/src/DumbPasswordServiceProvider.php @@ -24,6 +24,13 @@ class DumbPasswordServiceProvider extends ServiceProvider */ protected $defer = false; + /** + * default error message + * + * @var string + */ + protected $message = 'This password is just too common. Please try another!'; + /** * Publishes all the config file this package needs to function */ @@ -35,7 +42,7 @@ public function boot() Validator::extend('dumbpwd', function($attribute, $value, $parameters, $validator) use ($data) { return !$data->has($value); - }, 'This password is just too common. Please try another!'); + }, $message); } /** From 2c189c8fa930c1b365df3e32917339c56ef3bdb9 Mon Sep 17 00:00:00 2001 From: Shaun Lobisnger Date: Wed, 6 Jul 2016 06:10:41 -0700 Subject: [PATCH 03/23] fixed variable --- src/DumbPasswordServiceProvider.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/DumbPasswordServiceProvider.php b/src/DumbPasswordServiceProvider.php index c0d8c6a..639c2d3 100644 --- a/src/DumbPasswordServiceProvider.php +++ b/src/DumbPasswordServiceProvider.php @@ -42,7 +42,7 @@ public function boot() Validator::extend('dumbpwd', function($attribute, $value, $parameters, $validator) use ($data) { return !$data->has($value); - }, $message); + }, $this->message); } /** From c340e0fee3355468f0e93c57ed6bb13d3c5d0c3e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCrgen=20van=20Dijk?= Date: Thu, 14 Jul 2016 23:14:32 +0200 Subject: [PATCH 04/23] Update styling --- src/DumbPasswordServiceProvider.php | 31 +++++++++++------------------ 1 file changed, 12 insertions(+), 19 deletions(-) diff --git a/src/DumbPasswordServiceProvider.php b/src/DumbPasswordServiceProvider.php index 639c2d3..05970a7 100644 --- a/src/DumbPasswordServiceProvider.php +++ b/src/DumbPasswordServiceProvider.php @@ -16,47 +16,40 @@ class DumbPasswordServiceProvider extends ServiceProvider { - - /* - * Indicates if loading of the provider is deferred. - * - * @var bool - */ - protected $defer = false; - /** - * default error message + * Default error message. * * @var string */ protected $message = 'This password is just too common. Please try another!'; /** - * Publishes all the config file this package needs to function - */ + * Publishes all the config file this package needs to function. + */ public function boot() { $path = realpath(__DIR__.'/../resources/config/passwordlist.txt'); $dumbPasswords = collect(explode("\n", file_get_contents($path))); $data = $dumbPasswords->flip(); - Validator::extend('dumbpwd', function($attribute, $value, $parameters, $validator) use ($data) { + Validator::extend('dumbpwd', function ($attribute, $value, $parameters, $validator) use ($data) { return !$data->has($value); - }, $this->message); + }, $this->message); } /** - * Register the application services. - */ + * Register the application services. + */ public function register() { - + // } /** - * Get the services provided by the provider - * @return array - */ + * Get the services provided by the provider. + * + * @return array + */ public function provides() { return ['laravel-password']; From 8bc3b4692dc6995d900a9389584f247a7d90484b Mon Sep 17 00:00:00 2001 From: Joey Kudish Date: Tue, 25 Apr 2017 15:50:29 -0700 Subject: [PATCH 05/23] remove the flip altogether on second hand, we don't need the flip at all, can just swap `has` with `contains` instead, and good to go. --- src/DumbPasswordServiceProvider.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/DumbPasswordServiceProvider.php b/src/DumbPasswordServiceProvider.php index 05970a7..5150a85 100644 --- a/src/DumbPasswordServiceProvider.php +++ b/src/DumbPasswordServiceProvider.php @@ -30,10 +30,9 @@ public function boot() { $path = realpath(__DIR__.'/../resources/config/passwordlist.txt'); $dumbPasswords = collect(explode("\n", file_get_contents($path))); - $data = $dumbPasswords->flip(); Validator::extend('dumbpwd', function ($attribute, $value, $parameters, $validator) use ($data) { - return !$data->has($value); + return !$data->contains($value); }, $this->message); } From 48bfc55ac973de7c3b87948b0e875ad27b21cf22 Mon Sep 17 00:00:00 2001 From: Joey Kudish Date: Tue, 25 Apr 2017 15:51:16 -0700 Subject: [PATCH 06/23] Update DumbPasswordServiceProvider.php --- src/DumbPasswordServiceProvider.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/DumbPasswordServiceProvider.php b/src/DumbPasswordServiceProvider.php index 5150a85..e346bb6 100644 --- a/src/DumbPasswordServiceProvider.php +++ b/src/DumbPasswordServiceProvider.php @@ -29,7 +29,7 @@ class DumbPasswordServiceProvider extends ServiceProvider public function boot() { $path = realpath(__DIR__.'/../resources/config/passwordlist.txt'); - $dumbPasswords = collect(explode("\n", file_get_contents($path))); + $data = collect(explode("\n", file_get_contents($path))); Validator::extend('dumbpwd', function ($attribute, $value, $parameters, $validator) use ($data) { return !$data->contains($value); From d4743969782df4273202396a0f1fd02fe702a551 Mon Sep 17 00:00:00 2001 From: Joey Kudish Date: Tue, 25 Apr 2017 16:15:37 -0700 Subject: [PATCH 07/23] defer loading the service provider --- src/DumbPasswordServiceProvider.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/DumbPasswordServiceProvider.php b/src/DumbPasswordServiceProvider.php index 05970a7..661f14f 100644 --- a/src/DumbPasswordServiceProvider.php +++ b/src/DumbPasswordServiceProvider.php @@ -16,6 +16,13 @@ class DumbPasswordServiceProvider extends ServiceProvider { + /* + * Indicates if loading of the provider is deferred. + * + * @var bool + */ + protected $defer = true; + /** * Default error message. * From 16d2764a01ceccdf639015d7e33f817389603608 Mon Sep 17 00:00:00 2001 From: Joey Kudish Date: Tue, 25 Apr 2017 16:16:15 -0700 Subject: [PATCH 08/23] add caching MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit cache the password list for future re-use so it doesn’t need to be re-computed every time --- src/DumbPasswordServiceProvider.php | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/src/DumbPasswordServiceProvider.php b/src/DumbPasswordServiceProvider.php index 661f14f..99f3a05 100644 --- a/src/DumbPasswordServiceProvider.php +++ b/src/DumbPasswordServiceProvider.php @@ -35,12 +35,13 @@ class DumbPasswordServiceProvider extends ServiceProvider */ public function boot() { - $path = realpath(__DIR__.'/../resources/config/passwordlist.txt'); - $dumbPasswords = collect(explode("\n", file_get_contents($path))); - $data = $dumbPasswords->flip(); - - Validator::extend('dumbpwd', function ($attribute, $value, $parameters, $validator) use ($data) { - return !$data->has($value); + Validator::extend('dumbpwd', function ($attribute, $value, $parameters, $validator) { + $path = realpath(__DIR__ . '/../resources/config/passwordlist.txt'); + $cache_key = md5_file($path); + $data = Cache::rememberForever('dumbpwd_list_' . $cache_key, function () use ($path) { + return collect(explode("\n", file_get_contents($path))); + }); + return !$data->contains($value); }, $this->message); } From a618e189ba3eba4b35f58d68d06958d0f1b38d7e Mon Sep 17 00:00:00 2001 From: Joey Kudish Date: Tue, 25 Apr 2017 20:55:38 -0700 Subject: [PATCH 09/23] fix a whitespace --- src/DumbPasswordServiceProvider.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/DumbPasswordServiceProvider.php b/src/DumbPasswordServiceProvider.php index 99f3a05..ad76c3c 100644 --- a/src/DumbPasswordServiceProvider.php +++ b/src/DumbPasswordServiceProvider.php @@ -22,7 +22,7 @@ class DumbPasswordServiceProvider extends ServiceProvider * @var bool */ protected $defer = true; - + /** * Default error message. * From 84a22d92ea400b51275fb2ae40a6dea0d35c35a0 Mon Sep 17 00:00:00 2001 From: Joey Kudish Date: Tue, 25 Apr 2017 20:55:45 -0700 Subject: [PATCH 10/23] import Cache facade --- src/DumbPasswordServiceProvider.php | 1 + 1 file changed, 1 insertion(+) diff --git a/src/DumbPasswordServiceProvider.php b/src/DumbPasswordServiceProvider.php index ad76c3c..8c1c94f 100644 --- a/src/DumbPasswordServiceProvider.php +++ b/src/DumbPasswordServiceProvider.php @@ -12,6 +12,7 @@ namespace Unicodeveloper\DumbPassword; use Illuminate\Support\ServiceProvider; +use Illuminate\Support\Facades\Cache; use Validator; class DumbPasswordServiceProvider extends ServiceProvider From a4c5fb6b26f585710430e6c751b62739869c6860 Mon Sep 17 00:00:00 2001 From: Joey Kudish Date: Tue, 25 Apr 2017 20:58:03 -0700 Subject: [PATCH 11/23] fix spacing --- src/DumbPasswordServiceProvider.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/DumbPasswordServiceProvider.php b/src/DumbPasswordServiceProvider.php index 8c1c94f..6b0586b 100644 --- a/src/DumbPasswordServiceProvider.php +++ b/src/DumbPasswordServiceProvider.php @@ -36,7 +36,7 @@ class DumbPasswordServiceProvider extends ServiceProvider */ public function boot() { - Validator::extend('dumbpwd', function ($attribute, $value, $parameters, $validator) { + Validator::extend('dumbpwd', function ($attribute, $value, $parameters, $validator) { $path = realpath(__DIR__ . '/../resources/config/passwordlist.txt'); $cache_key = md5_file($path); $data = Cache::rememberForever('dumbpwd_list_' . $cache_key, function () use ($path) { From a26cd86dc55fba2152789382cd60d6268b7ad439 Mon Sep 17 00:00:00 2001 From: Prosper Otemuyiwa Date: Wed, 26 Apr 2017 09:14:52 +0100 Subject: [PATCH 12/23] Update CHANGELOG.md --- CHANGELOG.md | 19 ++++--------------- 1 file changed, 4 insertions(+), 15 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a5b4804..8261697 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,19 +4,8 @@ All Notable changes to `laravel-password` will be documented in this file. Updates should follow the [Keep a CHANGELOG](http://keepachangelog.com/) principles. -## NEXT - YYYY-MM-DD +## 2017-04-26 -### Added -- Nothing - -### Deprecated -- Nothing - -### Fixed -- Nothing - -### Removed -- Nothing - -### Security -- Nothing +- Removed the flip method +- Now uses the collection `contains` method directly. +- Caching Support From 78461092b9b3ad90136d08aca2152a453ced7165 Mon Sep 17 00:00:00 2001 From: Joey Kudish Date: Wed, 26 Apr 2017 08:59:01 -0700 Subject: [PATCH 13/23] switch back to a non-defered service provider unfortunately, I realized that having the service provider be defered made the validation rules not load in time in some instances --- src/DumbPasswordServiceProvider.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/DumbPasswordServiceProvider.php b/src/DumbPasswordServiceProvider.php index 6b0586b..b5cb6da 100644 --- a/src/DumbPasswordServiceProvider.php +++ b/src/DumbPasswordServiceProvider.php @@ -22,7 +22,7 @@ class DumbPasswordServiceProvider extends ServiceProvider * * @var bool */ - protected $defer = true; + protected $defer = false; /** * Default error message. From 5c3bdc977c4b8065350caf2e57371b069ef6f5b4 Mon Sep 17 00:00:00 2001 From: Prosper Otemuyiwa Date: Thu, 27 Apr 2017 08:35:00 +0100 Subject: [PATCH 14/23] Update CHANGELOG.md --- CHANGELOG.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8261697..89585cb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,3 +9,8 @@ Updates should follow the [Keep a CHANGELOG](http://keepachangelog.com/) princip - Removed the flip method - Now uses the collection `contains` method directly. - Caching Support + + +## 2017-04-27 + +- Switch back to a non-defered service provider From cbe46d8242344df28900470a3e1dcb2756409142 Mon Sep 17 00:00:00 2001 From: Chinoms Date: Tue, 31 Oct 2017 08:59:07 +0100 Subject: [PATCH 15/23] Update Readme.md Please see [CHANGELOG](CHANGELOG.md) for more information on what has changed. You may swap "on" with "about." Any of them will be fine. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 842ff40..7bd8724 100644 --- a/README.md +++ b/README.md @@ -70,7 +70,7 @@ You can customize the error message by opening `resources/lang/en/validation.php ## Change log -Please see [CHANGELOG](CHANGELOG.md) for more information what has changed recently. +Please see [CHANGELOG](CHANGELOG.md) for more information on what has changed recently. ## Contributing From 550a096a6e6daa51291efc4d66d6b6bddfb1c1be Mon Sep 17 00:00:00 2001 From: Shalvah A Date: Wed, 3 Jan 2018 19:05:20 +0100 Subject: [PATCH 16/23] Add support for Laravel 5.5 package auto-discovery --- composer.json | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/composer.json b/composer.json index 7d53dc5..001c101 100644 --- a/composer.json +++ b/composer.json @@ -42,6 +42,11 @@ "extra": { "branch-alias": { "dev-master": "1.0-dev" + }, + "laravel": { + "providers": [ + "Unicodeveloper\\DumbPassword\\DumbPasswordServiceProvider" + ] } } } From a28360841d182d6097be7c3d12160ebe03b19674 Mon Sep 17 00:00:00 2001 From: Shalvah A Date: Wed, 3 Jan 2018 19:10:53 +0100 Subject: [PATCH 17/23] Update README to reflect L5.5 auto-discovery --- README.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 7bd8724..44d836d 100644 --- a/README.md +++ b/README.md @@ -28,10 +28,12 @@ To get the latest version of Laravel Password, simply add the following line to You'll then need to run `composer install` or `composer update` to download it and have the autoloader updated. -Once Laravel Password is installed, you need to register the service provider. Open up `config/app.php` and add the following to the `providers` key. - -* `Unicodeveloper\DumbPassword\DumbPasswordServiceProvider::class` +- If you're on Laravel 5.5 or above, that's all you need to do! Check out the usage examples below. +- If you're on Laravel < 5.5, you'll need to register the service provider. Open up `config/app.php` and add the following to the `providers` array: +```php +Unicodeveloper\DumbPassword\DumbPasswordServiceProvider::class +``` ## Usage From cb847f4b1c786d88d69c8eb9b48c152dcd922e39 Mon Sep 17 00:00:00 2001 From: Johannes Schobel Date: Mon, 10 Sep 2018 12:28:06 +0200 Subject: [PATCH 18/23] change order of images change order of images to be more compliant with text --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 44d836d..86b7552 100644 --- a/README.md +++ b/README.md @@ -58,8 +58,6 @@ protected function validator(array $data) Error shows on the page like so: -screen shot 2016-07-02 at 2 12 14 pm - screen shot 2016-07-02 at 1 22 45 pm By default, the error message returned is `This password is just too common. Please try another!`. @@ -70,6 +68,8 @@ You can customize the error message by opening `resources/lang/en/validation.php 'dumbpwd' => 'You are using a dumb password abeg', ``` +screen shot 2016-07-02 at 2 12 14 pm + ## Change log Please see [CHANGELOG](CHANGELOG.md) for more information on what has changed recently. From bc9efa7b01bb3d4f3bb79406ac8d3febbaff56e8 Mon Sep 17 00:00:00 2001 From: Michael Vickers Date: Tue, 1 Oct 2019 21:33:35 +0100 Subject: [PATCH 19/23] Perform case insensitive comparison against the password list Make the password list and user provided password both lowercase, so bad passwords are always identified regardless of how many characters are capitalised --- src/DumbPasswordServiceProvider.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/src/DumbPasswordServiceProvider.php b/src/DumbPasswordServiceProvider.php index b5cb6da..c0a4317 100644 --- a/src/DumbPasswordServiceProvider.php +++ b/src/DumbPasswordServiceProvider.php @@ -40,9 +40,12 @@ public function boot() $path = realpath(__DIR__ . '/../resources/config/passwordlist.txt'); $cache_key = md5_file($path); $data = Cache::rememberForever('dumbpwd_list_' . $cache_key, function () use ($path) { - return collect(explode("\n", file_get_contents($path))); + return collect(explode("\n", file_get_contents($path))) + ->map(function ($password) { + return strtolower($password); + }); }); - return !$data->contains($value); + return !$data->contains(strtolower($value)); }, $this->message); } @@ -56,7 +59,7 @@ public function register() /** * Get the services provided by the provider. - * + * * @return array */ public function provides() From c377449ed9dfc4faff23d6ffd71bf801b729d8f5 Mon Sep 17 00:00:00 2001 From: Michael Vickers Date: Tue, 1 Oct 2019 21:48:17 +0100 Subject: [PATCH 20/23] Reinstate white space --- src/DumbPasswordServiceProvider.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/DumbPasswordServiceProvider.php b/src/DumbPasswordServiceProvider.php index c0a4317..719e926 100644 --- a/src/DumbPasswordServiceProvider.php +++ b/src/DumbPasswordServiceProvider.php @@ -59,7 +59,7 @@ public function register() /** * Get the services provided by the provider. - * + * * @return array */ public function provides() From 2e8285b88b249ec90b246e661fbf3e7ba554e1e8 Mon Sep 17 00:00:00 2001 From: Andrew Donald Johnson Date: Sun, 27 Dec 2020 09:26:38 -0500 Subject: [PATCH 21/23] PHP 8 Support --- .travis.yml | 1 + composer.json | 6 +++--- tests/ExampleTest.php | 3 ++- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index af76124..5eb3a62 100644 --- a/.travis.yml +++ b/.travis.yml @@ -4,6 +4,7 @@ php: - 5.5 - 5.6 - 7.0 + - 8.0 - hhvm # This triggers builds to run on the new TravisCI infrastructure. diff --git a/composer.json b/composer.json index 001c101..eb33e8c 100644 --- a/composer.json +++ b/composer.json @@ -19,10 +19,10 @@ } ], "require": { - "php" : "~5.6|~7.0" + "php" : "~5.6 || ~7.0 || ~8.0" }, "require-dev": { - "phpunit/phpunit" : "~4.0||~5.0", + "phpunit/phpunit" : "~4.0 || ~5.0 || ~6.0 || ~7.0 || ~8.0 || ~9.0", "scrutinizer/ocular": "~1.1", "squizlabs/php_codesniffer": "~2.3" }, @@ -33,7 +33,7 @@ }, "autoload-dev": { "psr-4": { - "Unicodeveloper\\DumbPassword\\Test": "tests" + "Unicodeveloper\\DumbPassword\\Test\\": "tests" } }, "scripts": { diff --git a/tests/ExampleTest.php b/tests/ExampleTest.php index a3b4876..974c886 100644 --- a/tests/ExampleTest.php +++ b/tests/ExampleTest.php @@ -1,8 +1,9 @@ Date: Sun, 27 Dec 2020 15:56:29 -0500 Subject: [PATCH 22/23] Remove unsupported versions of php and phpunit --- .travis.yml | 5 +---- composer.json | 4 ++-- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/.travis.yml b/.travis.yml index 5eb3a62..ad6b5f6 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,11 +1,8 @@ language: php php: - - 5.5 - - 5.6 - 7.0 - 8.0 - - hhvm # This triggers builds to run on the new TravisCI infrastructure. # See: http://docs.travis-ci.com/user/workers/container-based-infrastructure/ @@ -18,7 +15,7 @@ cache: matrix: include: - - php: 5.5 + - php: 7.0 env: 'COMPOSER_FLAGS="--prefer-stable --prefer-lowest"' before_script: diff --git a/composer.json b/composer.json index eb33e8c..971ce2a 100644 --- a/composer.json +++ b/composer.json @@ -19,10 +19,10 @@ } ], "require": { - "php" : "~5.6 || ~7.0 || ~8.0" + "php" : "~7.0 || ~8.0" }, "require-dev": { - "phpunit/phpunit" : "~4.0 || ~5.0 || ~6.0 || ~7.0 || ~8.0 || ~9.0", + "phpunit/phpunit" : "~8.0 || ~9.0", "scrutinizer/ocular": "~1.1", "squizlabs/php_codesniffer": "~2.3" }, From 806e345ae992e0adf38c4cfa32063d7d7c9d189a Mon Sep 17 00:00:00 2001 From: Prosper Otemuyiwa Date: Wed, 30 Dec 2020 05:54:38 +0100 Subject: [PATCH 23/23] Update CHANGELOG.md --- CHANGELOG.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 89585cb..53acea4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,11 @@ All Notable changes to `laravel-password` will be documented in this file. Updates should follow the [Keep a CHANGELOG](http://keepachangelog.com/) principles. +## 2020-12-30 + +- Make passwords case insensitive. +- Support PHP 8 + ## 2017-04-26 - Removed the flip method