StarMC/Astral-nook
StarMC/Astral-nook
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Cleanup login/reset functionality, address security issue with 2FA pathways

Browse source
This commit is contained in:
Dane Everitt 2018-04-07 16:17:51 -05:00
parent eade81f89b
commit c3e462ab2f
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
11 changed files with 158 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

14
routes/auth.php
View file

@ -9,14 +9,20 @@
|
*/
Route::group(['middleware' => 'guest'], function () {
// Login specific routes
Route::get('/login', 'LoginController@showLoginForm')->name('auth.login');
Route::get('/password/reset/{token}', 'ResetPasswordController@showResetForm')->name('auth.reset');
Route::post('/login', 'LoginController@login')->middleware('recaptcha');
Route::post('/login/checkpoint', 'LoginCheckpointController@index')->name('auth.checkpoint');
Route::post('/password', 'ForgotPasswordController@sendResetLinkEmail')->middleware('recaptcha');
// Forgot password route. A post to this endpoint will trigger an
// email to be sent containing a reset token.
Route::post('/password', 'ForgotPasswordController@sendResetLinkEmail')->name('auth.forgot-password.send-link')->middleware('recaptcha');
// Password reset routes. This endpoint is hit after going through
// the forgot password routes to acquire a token (or after an account
// is created).
Route::get('/password/reset/{token}', 'ResetPasswordController@showResetForm')->name('auth.reset-password');
Route::post('/password/reset', 'ResetPasswordController@reset')->name('auth.reset.post')->middleware('recaptcha');
Route::post('/password/reset/{token}', 'ForgotPasswordController@sendResetLinkEmail')->middleware('recaptcha');
});
/*