diff --git a/app/Http/Controllers/Auth/ConfirmPasswordController.php b/app/Http/Controllers/Auth/ConfirmPasswordController.php new file mode 100644 index 0000000..138c1f0 --- /dev/null +++ b/app/Http/Controllers/Auth/ConfirmPasswordController.php @@ -0,0 +1,40 @@ +middleware('auth'); + } +} diff --git a/app/Http/Controllers/Auth/ForgotPasswordController.php b/app/Http/Controllers/Auth/ForgotPasswordController.php index 6a247fe..465c39c 100644 --- a/app/Http/Controllers/Auth/ForgotPasswordController.php +++ b/app/Http/Controllers/Auth/ForgotPasswordController.php @@ -19,14 +19,4 @@ class ForgotPasswordController extends Controller */ use SendsPasswordResetEmails; - - /** - * Create a new controller instance. - * - * @return void - */ - public function __construct() - { - $this->middleware('guest'); - } } diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php index 5d286cf..c6a6de6 100644 --- a/app/Http/Controllers/Auth/RegisterController.php +++ b/app/Http/Controllers/Auth/RegisterController.php @@ -3,6 +3,7 @@ namespace App\Http\Controllers\Auth; use App\Http\Controllers\Controller; +use App\Providers\RouteServiceProvider; use App\User; use Illuminate\Foundation\Auth\RegistersUsers; use Illuminate\Support\Facades\Hash; @@ -28,7 +29,7 @@ class RegisterController extends Controller * * @var string */ - protected $redirectTo = '/home'; + protected $redirectTo = RouteServiceProvider::HOME; /** * Create a new controller instance. @@ -49,9 +50,9 @@ public function __construct() protected function validator(array $data) { return Validator::make($data, [ - 'name' => 'required|string|max:255', - 'email' => 'required|string|email|max:255|unique:users', - 'password' => 'required|string|min:6|confirmed', + 'name' => ['required', 'string', 'max:255'], + 'email' => ['required', 'string', 'email', 'max:255', 'unique:users'], + 'password' => ['required', 'string', 'min:8', 'confirmed'], ]); } diff --git a/app/Http/Controllers/Auth/ResetPasswordController.php b/app/Http/Controllers/Auth/ResetPasswordController.php index cf726ee..b1726a3 100644 --- a/app/Http/Controllers/Auth/ResetPasswordController.php +++ b/app/Http/Controllers/Auth/ResetPasswordController.php @@ -3,6 +3,7 @@ namespace App\Http\Controllers\Auth; use App\Http\Controllers\Controller; +use App\Providers\RouteServiceProvider; use Illuminate\Foundation\Auth\ResetsPasswords; class ResetPasswordController extends Controller @@ -25,15 +26,5 @@ class ResetPasswordController extends Controller * * @var string */ - protected $redirectTo = '/home'; - - /** - * Create a new controller instance. - * - * @return void - */ - public function __construct() - { - $this->middleware('guest'); - } + protected $redirectTo = RouteServiceProvider::HOME; } diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index d15c28e..fbf38dc 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -14,11 +14,11 @@ class Kernel extends HttpKernel * @var array */ protected $middleware = [ + \App\Http\Middleware\TrustProxies::class, \App\Http\Middleware\CheckForMaintenanceMode::class, \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class, \App\Http\Middleware\TrimStrings::class, - //\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class, - \App\Http\Middleware\TrustProxies::class, + \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class, ]; /** @@ -38,12 +38,8 @@ class Kernel extends HttpKernel ], 'api' => [ - 'throttle:240,1', - 'bindings', - ], - - 'basic' => [ - \App\Http\Middleware\AuthBasic::class, + 'throttle:60,1', + \Illuminate\Routing\Middleware\SubstituteBindings::class, ], ]; @@ -55,16 +51,32 @@ class Kernel extends HttpKernel * @var array */ protected $routeMiddleware = [ - 'auth' => \Illuminate\Auth\Middleware\Authenticate::class, + 'auth' => \App\Http\Middleware\Authenticate::class, 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, 'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class, 'can' => \Illuminate\Auth\Middleware\Authorize::class, 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, + 'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class, + 'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class, 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, - 'blockip' => \App\Http\Middleware\BlockIp::class, - 'oracle' => \App\Http\Middleware\Oracle::class, - 'InforAuth' => \App\Http\Middleware\InforAuth::class, - 'miller' => \App\Http\Middleware\Miller::class, + 'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class, + ]; + + /** + * The priority-sorted list of middleware. + * + * This forces non-global middleware to always be in the given order. + * + * @var array + */ + protected $middlewarePriority = [ + \Illuminate\Session\Middleware\StartSession::class, + \Illuminate\View\Middleware\ShareErrorsFromSession::class, + \App\Http\Middleware\Authenticate::class, + \Illuminate\Routing\Middleware\ThrottleRequests::class, + \Illuminate\Session\Middleware\AuthenticateSession::class, + \Illuminate\Routing\Middleware\SubstituteBindings::class, + \Illuminate\Auth\Middleware\Authorize::class, ]; -} +} \ No newline at end of file diff --git a/app/Http/Middleware/Authenticate.php b/app/Http/Middleware/Authenticate.php new file mode 100644 index 0000000..704089a --- /dev/null +++ b/app/Http/Middleware/Authenticate.php @@ -0,0 +1,21 @@ +expectsJson()) { + return route('login'); + } + } +} diff --git a/app/Providers/RouteServiceProvider.php b/app/Providers/RouteServiceProvider.php index 37aac4a..0f7cefa 100644 --- a/app/Providers/RouteServiceProvider.php +++ b/app/Providers/RouteServiceProvider.php @@ -16,6 +16,13 @@ class RouteServiceProvider extends ServiceProvider */ protected $namespace = 'App\Http\Controllers'; + /** + * The path to the "home" route for your application. + * + * @var string + */ + public const HOME = '/home'; + /** * Define your route model bindings, pattern filters, etc. * diff --git a/bootstrap/app.php b/bootstrap/app.php index f2801ad..037e17d 100644 --- a/bootstrap/app.php +++ b/bootstrap/app.php @@ -12,7 +12,7 @@ */ $app = new Illuminate\Foundation\Application( - realpath(__DIR__.'/../') + $_ENV['APP_BASE_PATH'] ?? dirname(__DIR__) ); /* diff --git a/composer.json b/composer.json index 5806a5a..2cd5e89 100644 --- a/composer.json +++ b/composer.json @@ -8,28 +8,26 @@ "license": "MIT", "type": "project", "require": { - "php": "^7.1.3", - "aws/aws-sdk-php-laravel": "^3.6", - "folklore/graphql": "~1.0.0", + "php": "^7.4|^8.0", + "aws/aws-sdk-php-laravel": "^3.7", "guzzlehttp/guzzle": "^6.3", - "laravel/framework": "5.8.*", - "laravel/passport": "~5.0", - "laravel/tinker": "~1.0", - "lcobucci/jwt": "3.3.3", - "orchestra/parser": "~3.0", + "laravel/framework": "^6.20", + "laravel/passport": "^9.4", + "laravel/tinker": "^2.5", + "lcobucci/jwt": "^4.1", + "orchestra/parser": "^4.0", "sentry/sentry-laravel": "2.13.0", "shiftonelabs/laravel-sqs-fifo-queue": "^2.0", - "spatie/array-to-xml": "2.3.0", - "symfony/psr-http-message-bridge": "^1.1", - "fideloper/proxy": "^4.0" + "spatie/array-to-xml": "^3.1", + "symfony/psr-http-message-bridge": "^2.1", + "fideloper/proxy": "^4.4" }, "require-dev": { - "fzaninotto/faker": "~1.4", "mockery/mockery": "~1.0", - "phpunit/phpunit": "^7.5", - "filp/whoops": "~2.0", + "phpunit/phpunit": "^8.5.8|^9.3.3", "nunomaduro/collision": "^3.0", - "beyondcode/laravel-dump-server": "^1.0" + "fakerphp/faker": "^1.9.1", + "facade/ignition": "^1.16.4" }, "autoload": { "classmap": [ diff --git a/config/app.php b/config/app.php index 04ef388..30a9bdb 100644 --- a/config/app.php +++ b/config/app.php @@ -176,7 +176,7 @@ /** * GraphQL */ - Folklore\GraphQL\ServiceProvider::class, + //Folklore\GraphQL\ServiceProvider::class, /* * Application Service Providers... @@ -189,7 +189,7 @@ App\Providers\RouteServiceProvider::class, //Sentry\Laravel\ServiceProvider::class, Sentry\Laravel\ServiceProvider::class, - // Sentry\SentryLaravel\SentryLaravelServiceProvider::class, + // Sentry\SentryLaravel\SentryLaravelServiceProvider::class, // Amazon SQS Aws\Laravel\AwsServiceProvider::class, // Amazon SQS FIFO diff --git a/config/auth.php b/config/auth.php index 7817501..aaf982b 100644 --- a/config/auth.php +++ b/config/auth.php @@ -44,6 +44,7 @@ 'api' => [ 'driver' => 'token', 'provider' => 'users', + 'hash' => false, ], ], @@ -96,7 +97,21 @@ 'provider' => 'users', 'table' => 'password_resets', 'expire' => 60, + 'throttle' => 60, ], ], + /* + |-------------------------------------------------------------------------- + | Password Confirmation Timeout + |-------------------------------------------------------------------------- + | + | Here you may define the amount of seconds before a password confirmation + | times out and the user is prompted to re-enter their password via the + | confirmation screen. By default, the timeout lasts for three hours. + | + */ + + 'password_timeout' => 10800, + ]; diff --git a/config/broadcasting.php b/config/broadcasting.php index 3ca45ea..3bba110 100644 --- a/config/broadcasting.php +++ b/config/broadcasting.php @@ -37,7 +37,7 @@ 'app_id' => env('PUSHER_APP_ID'), 'options' => [ 'cluster' => env('PUSHER_APP_CLUSTER'), - 'encrypted' => true, + 'useTLS' => true, ], ], diff --git a/config/database.php b/config/database.php index 921769c..b42d9b3 100644 --- a/config/database.php +++ b/config/database.php @@ -119,10 +119,10 @@ 'redis' => [ - 'client' => env('REDIS_CLIENT', 'predis'), + 'client' => env('REDIS_CLIENT', 'phpredis'), 'options' => [ - 'cluster' => env('REDIS_CLUSTER', 'predis'), + 'cluster' => env('REDIS_CLUSTER', 'redis'), 'prefix' => env('REDIS_PREFIX', Str::slug(env('APP_NAME', 'laravel'), '_').'_database_'), ], @@ -130,16 +130,16 @@ 'url' => env('REDIS_URL'), 'host' => env('REDIS_HOST', '127.0.0.1'), 'password' => env('REDIS_PASSWORD', null), - 'port' => env('REDIS_PORT', 6379), - 'database' => env('REDIS_DB', 0), + 'port' => env('REDIS_PORT', '6379'), + 'database' => env('REDIS_DB', '0'), ], 'cache' => [ 'url' => env('REDIS_URL'), 'host' => env('REDIS_HOST', '127.0.0.1'), 'password' => env('REDIS_PASSWORD', null), - 'port' => env('REDIS_PORT', 6379), - 'database' => env('REDIS_CACHE_DB', 1), + 'port' => env('REDIS_PORT', '6379'), + 'database' => env('REDIS_CACHE_DB', '1'), ], ], diff --git a/config/filesystems.php b/config/filesystems.php index 77fa5de..220c010 100644 --- a/config/filesystems.php +++ b/config/filesystems.php @@ -37,7 +37,7 @@ | may even configure multiple disks of the same driver. Defaults have | been setup for each driver as an example of the required options. | - | Supported Drivers: "local", "ftp", "sftp", "s3", "rackspace" + | Supported Drivers: "local", "ftp", "sftp", "s3" | */ @@ -62,6 +62,7 @@ 'region' => env('AWS_DEFAULT_REGION'), 'bucket' => env('AWS_BUCKET'), 'url' => env('AWS_URL'), + 'endpoint' => env('AWS_ENDPOINT'), ], ], diff --git a/config/logging.php b/config/logging.php index d09cd7d..088c204 100644 --- a/config/logging.php +++ b/config/logging.php @@ -1,5 +1,6 @@ [ 'stack' => [ 'driver' => 'stack', - 'channels' => ['daily'], + 'channels' => ['single'], 'ignore_exceptions' => false, ], @@ -89,6 +90,15 @@ 'driver' => 'errorlog', 'level' => 'debug', ], + + 'null' => [ + 'driver' => 'monolog', + 'handler' => NullHandler::class, + ], + + 'emergency' => [ + 'path' => storage_path('logs/laravel.log'), + ], ], ]; diff --git a/config/mail.php b/config/mail.php index 6f8469f..3c65eb3 100644 --- a/config/mail.php +++ b/config/mail.php @@ -11,8 +11,8 @@ | sending of e-mail. You may specify which one you're using throughout | your application here. By default, Laravel is setup for SMTP mail. | - | Supported: "smtp", "sendmail", "mailgun", "mandrill", "ses", - | "sparkpost", "postmark", "log", "array" + | Supported: "smtp", "sendmail", "mailgun", "ses", + | "postmark", "log", "array" | */ diff --git a/config/queue.php b/config/queue.php index 07c7d2a..3a30d6c 100644 --- a/config/queue.php +++ b/config/queue.php @@ -80,6 +80,7 @@ */ 'failed' => [ + 'driver' => env('QUEUE_FAILED_DRIVER', 'database'), 'database' => env('DB_CONNECTION', 'mysql'), 'table' => 'failed_jobs', ], diff --git a/config/services.php b/config/services.php index 8ce6cc6..2a1d616 100644 --- a/config/services.php +++ b/config/services.php @@ -8,7 +8,7 @@ |-------------------------------------------------------------------------- | | This file is for storing the credentials for third party services such - | as Mailgun, SparkPost and others. This file provides a sane default + | as Mailgun, Postmark, AWS and more. This file provides the de facto | location for this type of information, allowing packages to have | a conventional file to locate the various service credentials. | @@ -30,8 +30,4 @@ 'region' => env('AWS_DEFAULT_REGION', 'us-east-1'), ], - 'sparkpost' => [ - 'secret' => env('SPARKPOST_SECRET'), - ], - ]; diff --git a/resources/lang/en/passwords.php b/resources/lang/en/passwords.php index e5544d2..724de4b 100644 --- a/resources/lang/en/passwords.php +++ b/resources/lang/en/passwords.php @@ -13,9 +13,9 @@ | */ - 'password' => 'Passwords must be at least six characters and match the confirmation.', 'reset' => 'Your password has been reset!', 'sent' => 'We have e-mailed your password reset link!', + 'throttled' => 'Please wait before retrying.', 'token' => 'This password reset token is invalid.', 'user' => "We can't find a user with that e-mail address.", diff --git a/resources/lang/en/validation.php b/resources/lang/en/validation.php index e1d879f..a65914f 100644 --- a/resources/lang/en/validation.php +++ b/resources/lang/en/validation.php @@ -40,7 +40,7 @@ 'dimensions' => 'The :attribute has invalid image dimensions.', 'distinct' => 'The :attribute field has a duplicate value.', 'email' => 'The :attribute must be a valid email address.', - 'ends_with' => 'The :attribute must end with one of the following: :values', + 'ends_with' => 'The :attribute must end with one of the following: :values.', 'exists' => 'The selected :attribute is invalid.', 'file' => 'The :attribute must be a file.', 'filled' => 'The :attribute field must have a value.', @@ -93,6 +93,7 @@ 'not_in' => 'The selected :attribute is invalid.', 'not_regex' => 'The :attribute format is invalid.', 'numeric' => 'The :attribute must be a number.', + 'password' => 'The password is incorrect.', 'present' => 'The :attribute field must be present.', 'regex' => 'The :attribute format is invalid.', 'required' => 'The :attribute field is required.', @@ -109,7 +110,7 @@ 'string' => 'The :attribute must be :size characters.', 'array' => 'The :attribute must contain :size items.', ], - 'starts_with' => 'The :attribute must start with one of the following: :values', + 'starts_with' => 'The :attribute must start with one of the following: :values.', 'string' => 'The :attribute must be a string.', 'timezone' => 'The :attribute must be a valid zone.', 'unique' => 'The :attribute has already been taken.',