sergio.hinojosa
/
eval-desempeno-v2
1
0
Форк 0
Код Проблеми 0 Запити на злиття 0 Релізи 0 Вікі Активність
Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.
7 Коміти
3 Гілки
14MB
Гілка: master
Гілки Теги
${ item.name }
Створити гілку ${ searchTerm }
з 'master'
${ noResults }
eval-desempeno-v2/app/Config/Auth.php

386 рядки
13KB
Неформатований Постійне посилання Звинувачення Історія 

  1. <?php

  2. 

  3. namespace Config;

  4. 

  5. 

  6. class Auth extends \Myth\Auth\Config\Auth

  7. {

  8.     /**

  9.      * --------------------------------------------------------------------

  10.      * Default User Group

  11.      * --------------------------------------------------------------------

  12.      *

  13.      * The name of a group a user will be added to when they register,

  14.      * i.e. $defaultUserGroup = 'guests'.

  15.      *

  16.      * @var string

  17.      */

  18.     public $defaultUserGroup = 'Prestadores';

  19. 

  20.     /**

  21.      * --------------------------------------------------------------------

  22.      * Landing Route

  23.      * --------------------------------------------------------------------

  24.      *

  25.      * This is your landing page (route name) after user success to login,

  26.      * i.e $landingRoute = 'dashboard'.

  27.      *

  28.      * If you set $silent = true the Permission and Role filters will

  29.      * use this config too for the routing.

  30.      *

  31.      * @var string

  32.      */

  33.     public $landingRoute = '/';

  34. 

  35.     /**

  36.      * --------------------------------------------------------------------

  37.      * Reserverd Routes

  38.      * --------------------------------------------------------------------

  39.      *

  40.      * The auth routes config is listed in here and you can customize it,

  41.      * i.e. $reservedRoutes = ['forgot' => 'forgot-password'].

  42.      *

  43.      * Do Not Change The Key!!! Because it's the identity for routing.

  44.      *

  45.      * @var array

  46.      */

  47.     public $reservedRoutes = [

  48.         'login'                   => 'login',

  49.         'logout'                  => 'logout',

  50.         'register'                => 'register',

  51.         'activate-account'        => 'activate-account',

  52.         'resend-activate-account' => 'resend-activate-account',

  53.         'forgot'                  => 'forgot',

  54.         'reset-password'          => 'reset-password',

  55. 

  56.         // ADMIN AUTH

  57.         // 'custom_route' => 'custom_route',

  58.         'admin_login' => 'admin_login',

  59.         'admin_logout' => 'admin_logout',

  60.     ];

  61. 

  62.     /**

  63.      * --------------------------------------------------------------------

  64.      * Libraries

  65.      * --------------------------------------------------------------------

  66.      *

  67.      * @var array

  68.      */

  69.     public $authenticationLibs = [

  70.         'local' => 'Myth\Auth\Authentication\LocalAuthenticator',

  71.     ];

  72. 

  73.     /**

  74.      * --------------------------------------------------------------------

  75.      * Views used by Auth Controllers

  76.      * --------------------------------------------------------------------

  77.      *

  78.      * @var array

  79.      */

  80.     public $views = [

  81.         'login'           => 'App\Views\Auth\login',

  82.         'register'        => 'App\Views\Auth\register',

  83.         'forgot'          => 'App\Views\Auth\forgot',

  84.         'reset'           => 'App\Views\Auth\reset',

  85.         'emailForgot'     => 'App\Views\Auth\emails\forgot',

  86.         'emailActivation' => 'App\Views\Auth\emails\activation',

  87.     ];

  88. 

  89.     /**

  90.      * --------------------------------------------------------------------

  91.      * Layout for the views to extend

  92.      * --------------------------------------------------------------------

  93.      *

  94.      * @var string

  95.      */

  96.     public $viewLayout = 'App\Views\Auth\layout';

  97. 

  98.     /**

  99.      * --------------------------------------------------------------------

  100.      * Authentication

  101.      * --------------------------------------------------------------------

  102.      *

  103.      * Fields that are available to be used as credentials for login.

  104.      *

  105.      * @var string[]

  106.      */

  107.     public $validFields = [

  108.         'email',

  109.     ];

  110. 

  111.     /**

  112.      * --------------------------------------------------------------------

  113.      * Additional Fields for "Nothing Personal"

  114.      * --------------------------------------------------------------------

  115.      *

  116.      * The `NothingPersonalValidator` prevents personal information from

  117.      * being used in passwords. The email and username fields are always

  118.      * considered by the validator. Do not enter those field names here.

  119.      *

  120.      * An extend User Entity might include other personal info such as

  121.      * first and/or last names. `$personalFields` is where you can add

  122.      * fields to be considered as "personal" by the NothingPersonalValidator.

  123.      *

  124.      * For example:

  125.      *	 $personalFields = ['firstname', 'lastname'];

  126.      *

  127.      * @var string[]

  128.      */

  129.     public $personalFields = [];

  130. 

  131.     /**

  132.      * --------------------------------------------------------------------

  133.      * Password / Username Similarity

  134.      * --------------------------------------------------------------------

  135.      *

  136.      * Among other things, the NothingPersonalValidator checks the

  137.      * amount of sameness between the password and username.

  138.      * Passwords that are too much like the username are invalid.

  139.      *

  140.      * The value set for $maxSimilarity represents the maximum percentage

  141.      * of similarity at which the password will be accepted. In other words, any

  142.      * calculated similarity equal to, or greater than $maxSimilarity

  143.      * is rejected.

  144.      *

  145.      * The accepted range is 0-100, with 0 (zero) meaning don't check similarity.

  146.      * Using values at either extreme of the *working range* (1-100) is

  147.      * not advised. The low end is too restrictive and the high end is too permissive.

  148.      * The suggested value for $maxSimilarity is 50.

  149.      *

  150.      * You may be thinking that a value of 100 should have the effect of accepting

  151.      * everything like a value of 0 does. That's logical and probably true,

  152.      * but is unproven and untested. Besides, 0 skips the work involved

  153.      * making the calculation unlike when using 100.

  154.      *

  155.      * The (admittedly limited) testing that's been done suggests a useful working range

  156.      * of 50 to 60. You can set it lower than 50, but site users will probably start

  157.      * to complain about the large number of proposed passwords getting rejected.

  158.      * At around 60 or more it starts to see pairs like 'captain joe' and 'joe*captain' as

  159.      * perfectly acceptable which clearly they are not.

  160.      *

  161.      *

  162.      * To disable similarity checking set the value to 0.

  163.      *	  public $maxSimilarity = 0;

  164.      *

  165.      * @var int

  166.      */

  167.     public $maxSimilarity = 50;

  168. 

  169.     /**

  170.      * --------------------------------------------------------------------

  171.      * Allow User Registration

  172.      * --------------------------------------------------------------------

  173.      *

  174.      * When enabled (default) any unregistered user may apply for a new

  175.      * account. If you disable registration you may need to ensure your

  176.      * controllers and views know not to offer registration.

  177.      *

  178.      * @var bool

  179.      */

  180.     public $allowRegistration = true;

  181. 

  182.     /**

  183.      * --------------------------------------------------------------------

  184.      * Require Confirmation Registration via Email

  185.      * --------------------------------------------------------------------

  186.      *

  187.      * When enabled, every registered user will receive an email message

  188.      * with an activation link to confirm the account.

  189.      *

  190.      * @var string|null Name of the ActivatorInterface class

  191.      */

  192.     public $requireActivation = 'Myth\Auth\Authentication\Activators\EmailActivator';

  193. 

  194.     /**

  195.      * --------------------------------------------------------------------

  196.      * Allow Password Reset via Email

  197.      * --------------------------------------------------------------------

  198.      *

  199.      * When enabled, users will have the option to reset their password

  200.      * via the specified Resetter. Default setting is email.

  201.      *

  202.      * @var string|null Name of the ResetterInterface class

  203.      */

  204.     public $activeResetter = 'Myth\Auth\Authentication\Resetters\EmailResetter';

  205. 

  206.     /**

  207.      * --------------------------------------------------------------------

  208.      * Allow Persistent Login Cookies (Remember me)

  209.      * --------------------------------------------------------------------

  210.      *

  211.      * While every attempt has been made to create a very strong protection

  212.      * with the remember me system, there are some cases (like when you

  213.      * need extreme protection, like dealing with users financials) that

  214.      * you might not want the extra risk associated with this cookie-based

  215.      * solution.

  216.      *

  217.      * @var bool

  218.      */

  219.     public $allowRemembering = false;

  220. 

  221.     /**

  222.      * --------------------------------------------------------------------

  223.      * Remember Length

  224.      * --------------------------------------------------------------------

  225.      *

  226.      * The amount of time, in seconds, that you want a login to last for.

  227.      * Defaults to 30 days.

  228.      *

  229.      * @var int

  230.      */

  231.     public $rememberLength = 30 * DAY;

  232. 

  233.     /**

  234.      * --------------------------------------------------------------------

  235.      * Error handling

  236.      * --------------------------------------------------------------------

  237.      *

  238.      * If true, will continue instead of throwing exceptions.

  239.      *

  240.      * @var bool

  241.      */

  242.     public $silent = false;

  243. 

  244.     /**

  245.      * --------------------------------------------------------------------

  246.      * Encryption Algorithm to Use

  247.      * --------------------------------------------------------------------

  248.      *

  249.      * Valid values are

  250.      * - PASSWORD_DEFAULT (default)

  251.      * - PASSWORD_BCRYPT

  252.      * - PASSWORD_ARGON2I  - As of PHP 7.2 only if compiled with support for it

  253.      * - PASSWORD_ARGON2ID - As of PHP 7.3 only if compiled with support for it

  254.      *

  255.      * If you choose to use any ARGON algorithm, then you might want to

  256.      * uncomment the "ARGON2i/D Algorithm" options to suit your needs

  257.      *

  258.      * @var int|string

  259.      */

  260.     public $hashAlgorithm = PASSWORD_DEFAULT;

  261. 

  262.     /**

  263.      * --------------------------------------------------------------------

  264.      * ARGON2i/D Algorithm options

  265.      * --------------------------------------------------------------------

  266.      *

  267.      * The ARGON2I method of encryption allows you to define the "memory_cost",

  268.      * the "time_cost" and the number of "threads", whenever a password hash is

  269.      * created.

  270.      *

  271.      * This defaults to a value of 10 which is an acceptable number.

  272.      * However, depending on the security needs of your application

  273.      * and the power of your hardware, you might want to increase the

  274.      * cost. This makes the hashing process takes longer.

  275.      */

  276. 

  277.     /**

  278.      * @var int

  279.      */

  280.     public $hashMemoryCost = 2048; // PASSWORD_ARGON2_DEFAULT_MEMORY_COST;

  281. 

  282.     /**

  283.      * @var int

  284.      */

  285.     public $hashTimeCost = 4; // PASSWORD_ARGON2_DEFAULT_TIME_COST;

  286. 

  287.     /**

  288.      * @var int

  289.      */

  290.     public $hashThreads = 4; // PASSWORD_ARGON2_DEFAULT_THREADS;

  291. 

  292.     /**

  293.      * --------------------------------------------------------------------

  294.      * Password Hashing Cost

  295.      * --------------------------------------------------------------------

  296.      *

  297.      * The BCRYPT method of encryption allows you to define the "cost"

  298.      * or number of iterations made, whenever a password hash is created.

  299.      * This defaults to a value of 10 which is an acceptable number.

  300.      * However, depending on the security needs of your application

  301.      * and the power of your hardware, you might want to increase the

  302.      * cost. This makes the hashing process takes longer.

  303.      *

  304.      * Valid range is between 4 - 31.

  305.      *

  306.      * @var int

  307.      */

  308.     public $hashCost = 10;

  309. 

  310.     /**

  311.      * --------------------------------------------------------------------

  312.      * Minimum Password Length

  313.      * --------------------------------------------------------------------

  314.      *

  315.      * The minimum length that a password must be to be accepted.

  316.      * Recommended minimum value by NIST = 8 characters.

  317.      *

  318.      * @var int

  319.      */

  320.     public $minimumPasswordLength = 8;

  321. 

  322.     /**

  323.      * --------------------------------------------------------------------

  324.      * Password Check Helpers

  325.      * --------------------------------------------------------------------

  326.      *

  327.      * The PasswordValidator class runs the password through all of these

  328.      * classes, each getting the opportunity to pass/fail the password.

  329.      *

  330.      * You can add custom classes as long as they adhere to the

  331.      * Password\ValidatorInterface.

  332.      *

  333.      * @var string[]

  334.      */

  335.     public $passwordValidators = [

  336.         'Myth\Auth\Authentication\Passwords\CompositionValidator',

  337.         'Myth\Auth\Authentication\Passwords\NothingPersonalValidator',

  338.         'Myth\Auth\Authentication\Passwords\DictionaryValidator',

  339.         // 'Myth\Auth\Authentication\Passwords\PwnedValidator',

  340.     ];

  341. 

  342.     /**

  343.      * --------------------------------------------------------------------

  344.      * Activator classes

  345.      * --------------------------------------------------------------------

  346.      *

  347.      * Available activators with config settings

  348.      *

  349.      * @var array

  350.      */

  351.     public $userActivators = [

  352.         'Myth\Auth\Authentication\Activators\EmailActivator' => [

  353.             'fromEmail' => null,

  354.             'fromName'  => null,

  355.         ],

  356.     ];

  357. 

  358.     /**

  359.      * --------------------------------------------------------------------

  360.      * Resetter Classes

  361.      * --------------------------------------------------------------------

  362.      *

  363.      * Available resetters with config settings

  364.      *

  365.      * @var array

  366.      */

  367.     public $userResetters = [

  368.         'Myth\Auth\Authentication\Resetters\EmailResetter' => [

  369.             'fromEmail' => null,

  370.             'fromName'  => null,

  371.         ],

  372.     ];

  373. 

  374.     /**

  375.      * --------------------------------------------------------------------

  376.      * Reset Time

  377.      * --------------------------------------------------------------------

  378.      *

  379.      * The amount of time that a password reset-token is valid for,

  380.      * in seconds.

  381.      *

  382.      * @var int

  383.      */

  384.     public $resetTime = 3600;

  385. }