Nemcio/Grav-Admin-Plugin
1
0
Fork 0
mirror of https://github.com/getgrav/grav-plugin-admin.git synced 2025-10-28 08:46:45 +01:00
Code Issues Packages Projects Releases Activity
4,478 Commits 13 Branches 239 Tags
396e32b76ef3fceec17bbdb03fe6e2aced94ec5e
Commit Graph

10 Commits

Author SHA1 Message Date
Matias Griese
396e32b76e Made path handling unicode-safe, use new Utils::basename() and Utils::pathinfo() everywhere 2022-01-26 14:11:10 +02:00
Matias Griese
e84e785978 Fixed passing null to $twoFa->verifyCode() and $twoFa->verifyYubikeyOTP() 
`
 2022-01-12 10:55:41 +02:00
Andy Miller
0f05d065b0 Support for YubiKey OTP 2 factor authenticator 2022-01-11 12:00:10 -07:00
Andy Miller
0ca2d22f86 updated some copyright years 2022-01-03 09:33:16 -07:00
Matias Griese
2546cd35e0 Make sure that login data is an array in taskLogin() 2021-08-18 13:41:04 +03:00
Matias Griese
1acb94e857 Fixed error message when user clicks logout link after his session has been expired 2021-04-13 10:16:17 +03:00
Matias Griese
9108a4a85f Fixed broken 2FA login when site is not configured to use Flex Users [#2109] 2021-04-08 10:56:18 +03:00
Matias Griese
9fca08ab43 Regression: Fixed broken 2FA form [#2109] 2021-04-07 14:14:04 +03:00
Matias Griese
58e2c6cc55 Change nonce expiration message 2021-03-31 11:48:15 +03:00
Matias Griese
aa4f80eec1 Greatly improve login related actions for Admin 
* Better isolate admin to prevent session related vulnerabilities
* Removed support for custom login redirects for improved security
* Shorten forgot password link lifetime from 7 days to 1 hour
* Fixed login related pages being accessible from admin when user has logged in
* Fixed admin user creation and password reset allowing unsafe passwords
* Fixed missing validation when registering the first admin user
* Fixed reset password email not to have session specific token in it
 2021-03-26 14:39:37 +02:00