From 67f9fd5bc4f43168058779037bf6af9237399920 Mon Sep 17 00:00:00 2001 From: TerryKern <56536101+TerryKern@users.noreply.github.com> Date: Wed, 14 Sep 2022 15:27:56 +0200 Subject: [PATCH 01/71] Return request path part only instead of full URL Resolves #1002 --- .../UnauthorizedHandler/DefaultRedirectHandler.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php b/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php index 5681be54c..01c3bf2ef 100644 --- a/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php +++ b/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php @@ -78,7 +78,13 @@ protected function getUrl(ServerRequestInterface $request, array $options): stri } if ($options['queryParam'] !== null) { - $url['?'][$options['queryParam']] = (string)$request->getUri(); + $redirectUri = $request->getUri(); + $redirect = $redirectUri->getPath(); + if ($redirectUri->getQuery()) { + $redirect .= '?' . $redirectUri->getQuery(); + } + + $url['?'][$options['queryParam']] = $redirect; } return Router::url($url); From ad79f1abb3f29b0d7acc8ce45746cf49b5f0704a Mon Sep 17 00:00:00 2001 From: Andres Campanario Date: Fri, 9 Dec 2022 15:41:35 +0100 Subject: [PATCH 02/71] add config option to include Unauthorized Url in returned Flash Message --- config/users.php | 1 + .../UnauthorizedHandler/DefaultRedirectHandler.php | 9 ++++++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/config/users.php b/config/users.php index ebb64c76e..e1cf234d2 100644 --- a/config/users.php +++ b/config/users.php @@ -224,6 +224,7 @@ 'AuthorizationMiddleware' => [ 'unauthorizedHandler' => [ 'className' => 'CakeDC/Users.DefaultRedirect', + 'addUnauthorizedUrlinFlashMessage' => true, ], ], 'AuthorizationComponent' => [ diff --git a/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php b/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php index 709a3fe43..837184e89 100644 --- a/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php +++ b/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php @@ -17,6 +17,7 @@ use Authorization\Exception\ForbiddenException; use Authorization\Exception\MissingIdentityException; use Authorization\Middleware\UnauthorizedHandler\CakeRedirectHandler; +use Cake\Core\Configure; use Cake\Http\ServerRequest; use Cake\Http\Session; use Cake\Routing\Router; @@ -57,6 +58,7 @@ public function handle(Exception $exception, ServerRequestInterface $request, ar $response = parent::handle($exception, $request, $options); $session = $request->getAttribute('session'); if ($session instanceof Session) { + $options['request'] = $request; $this->addFlashMessage($session, $options); } @@ -108,8 +110,13 @@ protected function createFlashMessage($options): array { $message = (array)($options['flash'] ?? []); + $unauthorizedUrl = ''; + if (Configure::read('Auth.AuthorizationMiddleware.unauthorizedHandler.addUnauthorizedUrlinFlashMessage')){ + $unauthorizedUrl = __d('cake_d_c/users', 'Location = ') . (string)$options['request']->getUri(); + } + return $message + [ - 'message' => __d('cake_d_c/users', 'You are not authorized to access that location.'), + 'message' => __d('cake_d_c/users', 'You are not authorized to access that location.') . $unauthorizedUrl, 'key' => 'flash', 'element' => 'flash/error', 'params' => [], From 1cc45a23340ea2482952267d692710e4bcbfb595 Mon Sep 17 00:00:00 2001 From: Andres Campanario Date: Fri, 16 Dec 2022 11:48:48 +0100 Subject: [PATCH 03/71] use debug config instead if add new configuration --- config/users.php | 1 - src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/config/users.php b/config/users.php index e1cf234d2..ebb64c76e 100644 --- a/config/users.php +++ b/config/users.php @@ -224,7 +224,6 @@ 'AuthorizationMiddleware' => [ 'unauthorizedHandler' => [ 'className' => 'CakeDC/Users.DefaultRedirect', - 'addUnauthorizedUrlinFlashMessage' => true, ], ], 'AuthorizationComponent' => [ diff --git a/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php b/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php index 837184e89..0be13c717 100644 --- a/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php +++ b/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php @@ -111,7 +111,7 @@ protected function createFlashMessage($options): array $message = (array)($options['flash'] ?? []); $unauthorizedUrl = ''; - if (Configure::read('Auth.AuthorizationMiddleware.unauthorizedHandler.addUnauthorizedUrlinFlashMessage')){ + if (Configure::read('debug')) { $unauthorizedUrl = __d('cake_d_c/users', 'Location = ') . (string)$options['request']->getUri(); } From 6c9877e462aad96a7cdd67c1fb58ac2ca2e297d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc=20W=C3=BCrth?= Date: Tue, 13 Dec 2022 17:45:43 +0100 Subject: [PATCH 04/71] Add changes of 11.2.0 release --- CHANGELOG.md | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 216b9e3fe..9461dd5c3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,9 +1,12 @@ Changelog ========= - -Releases for CakePHP 4 +Releases for CakePHP 4.3 ------------- +* 11.2.0 + * Feature/microsoft login by @arodu in #1000 + * add more events into login component (before login, after login failure) by @rochamarcelo in #1007 + * 11.1.0 * German (de) by @LordSimal * Fixed labels not using the right translation domain @@ -12,6 +15,8 @@ Releases for CakePHP 4 * Switched tests to new cakephp schema * Update to PHPUnit 9.5 +Releases for CakePHP 4 +------------- * 9.2.0 * Switch to github actions * New event AfterEmailTokenValidation From 1de0ebe5e2812d7b630febfeb89ce483cd69d2ce Mon Sep 17 00:00:00 2001 From: Andres Campanario Date: Fri, 16 Dec 2022 12:58:51 +0100 Subject: [PATCH 05/71] add test testRedirectToLoginDebug to check location returned in message --- .../UnauthorizedHandler/DefaultRedirectHandler.php | 2 +- .../Traits/Integration/LoginTraitIntegrationTest.php | 12 ++++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php b/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php index 0be13c717..2dfd8325b 100644 --- a/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php +++ b/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php @@ -113,7 +113,7 @@ protected function createFlashMessage($options): array $unauthorizedUrl = ''; if (Configure::read('debug')) { $unauthorizedUrl = __d('cake_d_c/users', 'Location = ') . (string)$options['request']->getUri(); - } + }; return $message + [ 'message' => __d('cake_d_c/users', 'You are not authorized to access that location.') . $unauthorizedUrl, diff --git a/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php b/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php index 9bf8d74d4..7bcc7e6da 100644 --- a/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php +++ b/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php @@ -54,12 +54,24 @@ public function loginAsUserId($id) */ public function testRedirectToLogin() { + Configure::write('debug',false); $this->enableRetainFlashMessages(); $this->get('/pages/home'); + $this->assertRedirectContains('/login?redirect=http%3A%2F%2Flocalhost%2Fpages%2Fhome'); $this->assertFlashMessage('You are not authorized to access that location.'); } + public function testRedirectToLoginDebug() + { + Configure::write('debug',true); + $this->enableRetainFlashMessages(); + $this->get('/pages/home'); + + $this->assertRedirectContains('/login?redirect=http%3A%2F%2Flocalhost%2Fpages%2Fhome'); + $this->assertFlashMessage('You are not authorized to access that location.Location = http://localhost/pages/home'); + } + /** * Test login action with get request * From 8356102dc75b3cab6e45389da7c7bd8e6fbc681b Mon Sep 17 00:00:00 2001 From: Andres Campanario Date: Fri, 16 Dec 2022 14:49:22 +0100 Subject: [PATCH 06/71] fix cs errors --- src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php | 2 +- .../Traits/Integration/LoginTraitIntegrationTest.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php b/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php index 2dfd8325b..0be13c717 100644 --- a/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php +++ b/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php @@ -113,7 +113,7 @@ protected function createFlashMessage($options): array $unauthorizedUrl = ''; if (Configure::read('debug')) { $unauthorizedUrl = __d('cake_d_c/users', 'Location = ') . (string)$options['request']->getUri(); - }; + } return $message + [ 'message' => __d('cake_d_c/users', 'You are not authorized to access that location.') . $unauthorizedUrl, diff --git a/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php b/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php index 7bcc7e6da..5d597cb85 100644 --- a/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php +++ b/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php @@ -54,7 +54,7 @@ public function loginAsUserId($id) */ public function testRedirectToLogin() { - Configure::write('debug',false); + Configure::write('debug', false); $this->enableRetainFlashMessages(); $this->get('/pages/home'); @@ -64,7 +64,7 @@ public function testRedirectToLogin() public function testRedirectToLoginDebug() { - Configure::write('debug',true); + Configure::write('debug', true); $this->enableRetainFlashMessages(); $this->get('/pages/home'); From de82309aac85e78c4492acd6514c0437ef4df328 Mon Sep 17 00:00:00 2001 From: Marcelo Rocha Date: Mon, 16 Jan 2023 13:39:00 -0300 Subject: [PATCH 07/71] Deprecate U2F --- src/Controller/Traits/U2fTrait.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/Controller/Traits/U2fTrait.php b/src/Controller/Traits/U2fTrait.php index a469a9ce8..7a1ca0e8b 100644 --- a/src/Controller/Traits/U2fTrait.php +++ b/src/Controller/Traits/U2fTrait.php @@ -23,6 +23,7 @@ * * @package App\Controller\Traits * @mixin \Cake\Controller\Controller + * @deprecated U2F is no longer supported by chrome, use Webauthn instead. */ trait U2fTrait { @@ -49,6 +50,7 @@ public function redirectWithQuery($url) */ public function u2f() { + trigger_error('U2F is no longer supported by chrome, use Webauthn instead.', E_USER_DEPRECATED); $data = $this->getU2fData(); if (!$data['valid']) { return $this->redirectWithQuery([ @@ -74,6 +76,7 @@ public function u2f() */ public function u2fRegister() { + trigger_error('U2F is no longer supported by chrome, use Webauthn instead.', E_USER_DEPRECATED); $data = $this->getU2fData(); if (!$data['valid']) { return $this->redirectWithQuery([ @@ -101,6 +104,7 @@ public function u2fRegister() */ public function u2fRegisterFinish() { + trigger_error('U2F is no longer supported by chrome, use Webauthn instead.', E_USER_DEPRECATED); $data = $this->getU2fData(); $request = json_decode($this->getRequest()->getSession()->read('U2f.registerRequest')); $response = json_decode($this->getRequest()->getData('registerResponse')); @@ -131,6 +135,7 @@ public function u2fRegisterFinish() */ public function u2fAuthenticate() { + trigger_error('U2F is no longer supported by chrome, use Webauthn instead.', E_USER_DEPRECATED); $data = $this->getU2fData(); if (!$data['valid']) { return $this->redirectWithQuery([ @@ -157,6 +162,7 @@ public function u2fAuthenticate() */ public function u2fAuthenticateFinish() { + trigger_error('U2F is no longer supported by chrome, use Webauthn instead.', E_USER_DEPRECATED); $data = $this->getU2fData(); $request = json_decode($this->getRequest()->getSession()->read('U2f.authenticateRequest')); $response = json_decode($this->getRequest()->getData('authenticateResponse')); From 776d541dd90522ca78f3cf46411ab95f1628c3da Mon Sep 17 00:00:00 2001 From: Marcelo Rocha Date: Mon, 16 Jan 2023 13:43:03 -0300 Subject: [PATCH 08/71] Deprecate U2F --- .semver | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.semver b/.semver index 9e5aa43c9..97e89033b 100644 --- a/.semver +++ b/.semver @@ -1,5 +1,5 @@ --- :major: 11 -:minor: 2 +:minor: 3 :patch: 0 :special: '' From ff149d5aa205b621dde4ab4c578f2d695a85ed9d Mon Sep 17 00:00:00 2001 From: Marcelo Rocha Date: Mon, 16 Jan 2023 13:46:57 -0300 Subject: [PATCH 09/71] Deprecate U2F --- src/Loader/AuthenticationServiceLoader.php | 6 +++++- src/Loader/MiddlewareQueueLoader.php | 7 ++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/src/Loader/AuthenticationServiceLoader.php b/src/Loader/AuthenticationServiceLoader.php index c4d2b6958..f6b34f71c 100644 --- a/src/Loader/AuthenticationServiceLoader.php +++ b/src/Loader/AuthenticationServiceLoader.php @@ -82,9 +82,13 @@ protected function loadAuthenticators($service) */ protected function loadTwoFactorAuthenticator($service) { + $u2fEnabled = Configure::read('U2f.enabled') !== false; + if ($u2fEnabled) { + trigger_error('U2F is no longer supported by chrome, use Webauthn instead.', E_USER_DEPRECATED); + } if ( Configure::read('OneTimePasswordAuthenticator.login') !== false - || Configure::read('U2f.enabled') !== false + || $u2fEnabled ) { $service->loadAuthenticator('CakeDC/Auth.TwoFactor', [ 'skipTwoFactorVerify' => true, diff --git a/src/Loader/MiddlewareQueueLoader.php b/src/Loader/MiddlewareQueueLoader.php index cb140d87c..76c1fd42a 100644 --- a/src/Loader/MiddlewareQueueLoader.php +++ b/src/Loader/MiddlewareQueueLoader.php @@ -95,9 +95,14 @@ protected function loadAuthenticationMiddleware( */ protected function load2faMiddleware(MiddlewareQueue $middlewareQueue) { + $u2fEnabled = Configure::read('U2f.enabled') !== false; + if ($u2fEnabled) { + trigger_error('U2F is no longer supported by chrome, use Webauthn instead.', E_USER_DEPRECATED); + } + if ( Configure::read('OneTimePasswordAuthenticator.login') !== false - || Configure::read('U2f.enabled') !== false + || $u2fEnabled ) { $middlewareQueue->add(TwoFactorMiddleware::class); } From 1f7c3a1161a5d67d38ac9be77b727ef1a8602952 Mon Sep 17 00:00:00 2001 From: Marcelo Rocha Date: Mon, 16 Jan 2023 13:55:15 -0300 Subject: [PATCH 10/71] Deprecate U2F --- src/Controller/Traits/U2fTrait.php | 11 ++++++----- src/Loader/AuthenticationServiceLoader.php | 3 ++- src/Loader/MiddlewareQueueLoader.php | 3 ++- src/Plugin.php | 2 ++ 4 files changed, 12 insertions(+), 7 deletions(-) diff --git a/src/Controller/Traits/U2fTrait.php b/src/Controller/Traits/U2fTrait.php index 7a1ca0e8b..f0bc41a22 100644 --- a/src/Controller/Traits/U2fTrait.php +++ b/src/Controller/Traits/U2fTrait.php @@ -16,6 +16,7 @@ use CakeDC\Auth\Authentication\AuthenticationService; use CakeDC\Auth\Authentication\U2fAuthenticationCheckerFactory; use CakeDC\Auth\Authenticator\TwoFactorAuthenticator; +use CakeDC\Users\Plugin; use u2flib_server\U2F; /** @@ -50,7 +51,7 @@ public function redirectWithQuery($url) */ public function u2f() { - trigger_error('U2F is no longer supported by chrome, use Webauthn instead.', E_USER_DEPRECATED); + trigger_error(Plugin::DEPRECATED_MESSAGE_U2F, E_USER_DEPRECATED); $data = $this->getU2fData(); if (!$data['valid']) { return $this->redirectWithQuery([ @@ -76,7 +77,7 @@ public function u2f() */ public function u2fRegister() { - trigger_error('U2F is no longer supported by chrome, use Webauthn instead.', E_USER_DEPRECATED); + trigger_error(Plugin::DEPRECATED_MESSAGE_U2F, E_USER_DEPRECATED); $data = $this->getU2fData(); if (!$data['valid']) { return $this->redirectWithQuery([ @@ -104,7 +105,7 @@ public function u2fRegister() */ public function u2fRegisterFinish() { - trigger_error('U2F is no longer supported by chrome, use Webauthn instead.', E_USER_DEPRECATED); + trigger_error(Plugin::DEPRECATED_MESSAGE_U2F, E_USER_DEPRECATED); $data = $this->getU2fData(); $request = json_decode($this->getRequest()->getSession()->read('U2f.registerRequest')); $response = json_decode($this->getRequest()->getData('registerResponse')); @@ -135,7 +136,7 @@ public function u2fRegisterFinish() */ public function u2fAuthenticate() { - trigger_error('U2F is no longer supported by chrome, use Webauthn instead.', E_USER_DEPRECATED); + trigger_error(Plugin::DEPRECATED_MESSAGE_U2F, E_USER_DEPRECATED); $data = $this->getU2fData(); if (!$data['valid']) { return $this->redirectWithQuery([ @@ -162,7 +163,7 @@ public function u2fAuthenticate() */ public function u2fAuthenticateFinish() { - trigger_error('U2F is no longer supported by chrome, use Webauthn instead.', E_USER_DEPRECATED); + trigger_error(Plugin::DEPRECATED_MESSAGE_U2F, E_USER_DEPRECATED); $data = $this->getU2fData(); $request = json_decode($this->getRequest()->getSession()->read('U2f.authenticateRequest')); $response = json_decode($this->getRequest()->getData('authenticateResponse')); diff --git a/src/Loader/AuthenticationServiceLoader.php b/src/Loader/AuthenticationServiceLoader.php index f6b34f71c..90a911810 100644 --- a/src/Loader/AuthenticationServiceLoader.php +++ b/src/Loader/AuthenticationServiceLoader.php @@ -15,6 +15,7 @@ use Cake\Core\Configure; use CakeDC\Auth\Authentication\AuthenticationService; +use CakeDC\Users\Plugin; use Psr\Http\Message\ServerRequestInterface; /** @@ -84,7 +85,7 @@ protected function loadTwoFactorAuthenticator($service) { $u2fEnabled = Configure::read('U2f.enabled') !== false; if ($u2fEnabled) { - trigger_error('U2F is no longer supported by chrome, use Webauthn instead.', E_USER_DEPRECATED); + trigger_error(Plugin::DEPRECATED_MESSAGE_U2F, E_USER_DEPRECATED); } if ( Configure::read('OneTimePasswordAuthenticator.login') !== false diff --git a/src/Loader/MiddlewareQueueLoader.php b/src/Loader/MiddlewareQueueLoader.php index 76c1fd42a..f762caa70 100644 --- a/src/Loader/MiddlewareQueueLoader.php +++ b/src/Loader/MiddlewareQueueLoader.php @@ -23,6 +23,7 @@ use CakeDC\Auth\Middleware\TwoFactorMiddleware; use CakeDC\Users\Middleware\SocialAuthMiddleware; use CakeDC\Users\Middleware\SocialEmailMiddleware; +use CakeDC\Users\Plugin; /** * Class MiddlewareQueueLoader @@ -97,7 +98,7 @@ protected function load2faMiddleware(MiddlewareQueue $middlewareQueue) { $u2fEnabled = Configure::read('U2f.enabled') !== false; if ($u2fEnabled) { - trigger_error('U2F is no longer supported by chrome, use Webauthn instead.', E_USER_DEPRECATED); + trigger_error(Plugin::DEPRECATED_MESSAGE_U2F, E_USER_DEPRECATED); } if ( diff --git a/src/Plugin.php b/src/Plugin.php index 1a6056f78..1b9d08ece 100644 --- a/src/Plugin.php +++ b/src/Plugin.php @@ -45,6 +45,8 @@ class Plugin extends BasePlugin public const EVENT_AFTER_RESEND_TOKEN_VALIDATION = 'Users.Global.afterResendTokenValidation'; public const EVENT_AFTER_EMAIL_TOKEN_VALIDATION = 'Users.Global.afterEmailTokenValidation'; + public const DEPRECATED_MESSAGE_U2F = 'U2F is no longer supported by chrome, we suggest using Webauthn as a replacement'; + /** * @inheritDoc */ From dd8b16ab2cbe2177ff41d505c45a8a3c711da0a4 Mon Sep 17 00:00:00 2001 From: Marcelo Rocha Date: Mon, 16 Jan 2023 13:57:14 -0300 Subject: [PATCH 11/71] Deprecate U2F --- Docs/Documentation/Yubico-U2F.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Docs/Documentation/Yubico-U2F.md b/Docs/Documentation/Yubico-U2F.md index 73511f16c..fa2205703 100644 --- a/Docs/Documentation/Yubico-U2F.md +++ b/Docs/Documentation/Yubico-U2F.md @@ -1,8 +1,7 @@ YubicoKey U2F ============= -The plugin offers an easy way to integrate U2F in the users login flow -of your application. +**U2F is no longer supported by chrome, we suggest using Webauthn as a replacement** Enabling -------- From 9f8b521d7d55014fea74d964882ccc5119381dc4 Mon Sep 17 00:00:00 2001 From: Marcelo Rocha Date: Mon, 16 Jan 2023 14:01:46 -0300 Subject: [PATCH 12/71] Correcly load classed for webauthn --- src/Loader/AuthenticationServiceLoader.php | 1 + src/Loader/MiddlewareQueueLoader.php | 1 + 2 files changed, 2 insertions(+) diff --git a/src/Loader/AuthenticationServiceLoader.php b/src/Loader/AuthenticationServiceLoader.php index c4d2b6958..8c3bd4c28 100644 --- a/src/Loader/AuthenticationServiceLoader.php +++ b/src/Loader/AuthenticationServiceLoader.php @@ -84,6 +84,7 @@ protected function loadTwoFactorAuthenticator($service) { if ( Configure::read('OneTimePasswordAuthenticator.login') !== false + || Configure::read('Webauthn2fa.enabled') !== false || Configure::read('U2f.enabled') !== false ) { $service->loadAuthenticator('CakeDC/Auth.TwoFactor', [ diff --git a/src/Loader/MiddlewareQueueLoader.php b/src/Loader/MiddlewareQueueLoader.php index cb140d87c..0771b976d 100644 --- a/src/Loader/MiddlewareQueueLoader.php +++ b/src/Loader/MiddlewareQueueLoader.php @@ -97,6 +97,7 @@ protected function load2faMiddleware(MiddlewareQueue $middlewareQueue) { if ( Configure::read('OneTimePasswordAuthenticator.login') !== false + || Configure::read('Webauthn2fa.enabled') !== false || Configure::read('U2f.enabled') !== false ) { $middlewareQueue->add(TwoFactorMiddleware::class); From 04b57c3a9bb7db1c69b89c29049fe477b27d955f Mon Sep 17 00:00:00 2001 From: Marcelo Rocha Date: Mon, 16 Jan 2023 14:04:42 -0300 Subject: [PATCH 13/71] fixing unit tests --- tests/TestCase/Provider/AuthenticationServiceProviderTest.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/TestCase/Provider/AuthenticationServiceProviderTest.php b/tests/TestCase/Provider/AuthenticationServiceProviderTest.php index 710402173..2bc946cb4 100644 --- a/tests/TestCase/Provider/AuthenticationServiceProviderTest.php +++ b/tests/TestCase/Provider/AuthenticationServiceProviderTest.php @@ -94,6 +94,7 @@ public function testGetAuthenticationService() 'identify' => true, 'identityAttribute' => 'identity', 'skipTwoFactorVerify' => true, + 'impersonateSessionKey' => 'AuthImpersonate', ], FormAuthenticator::class => [ 'loginUrl' => '/login', @@ -227,6 +228,7 @@ public function testGetAuthenticationServiceWithoutOneTimePasswordAuthenticator( 'identify' => true, 'identityAttribute' => 'identity', 'skipTwoFactorVerify' => true, + 'impersonateSessionKey' => 'AuthImpersonate', ], FormAuthenticator::class => [ 'loginUrl' => '/login', From 687034558f24a238d47db195ce894d2b8179f1c7 Mon Sep 17 00:00:00 2001 From: Marcelo Rocha Date: Mon, 16 Jan 2023 14:10:14 -0300 Subject: [PATCH 14/71] Don't check config from specific cakephp versions --- .../Provider/AuthenticationServiceProviderTest.php | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/tests/TestCase/Provider/AuthenticationServiceProviderTest.php b/tests/TestCase/Provider/AuthenticationServiceProviderTest.php index 2bc946cb4..a3ed282bf 100644 --- a/tests/TestCase/Provider/AuthenticationServiceProviderTest.php +++ b/tests/TestCase/Provider/AuthenticationServiceProviderTest.php @@ -94,7 +94,6 @@ public function testGetAuthenticationService() 'identify' => true, 'identityAttribute' => 'identity', 'skipTwoFactorVerify' => true, - 'impersonateSessionKey' => 'AuthImpersonate', ], FormAuthenticator::class => [ 'loginUrl' => '/login', @@ -115,7 +114,9 @@ public function testGetAuthenticationService() ]; $actual = []; foreach ($authenticators as $key => $value) { - $actual[get_class($value)] = $value->getConfig(); + $config = $value->getConfig(); + unset($config['impersonateSessionKey']); + $actual[get_class($value)] = $config; } $this->assertEquals($expected, $actual); @@ -145,7 +146,9 @@ public function testGetAuthenticationService() ]; $actual = []; foreach ($identifiers as $key => $value) { - $actual[get_class($value)] = $value->getConfig(); + $config = $value->getConfig(); + unset($config['impersonateSessionKey'], $config['hashAlgorithm']); + $actual[get_class($value)] = $config; } $this->assertEquals($expected, $actual); } @@ -228,7 +231,6 @@ public function testGetAuthenticationServiceWithoutOneTimePasswordAuthenticator( 'identify' => true, 'identityAttribute' => 'identity', 'skipTwoFactorVerify' => true, - 'impersonateSessionKey' => 'AuthImpersonate', ], FormAuthenticator::class => [ 'loginUrl' => '/login', @@ -244,7 +246,9 @@ public function testGetAuthenticationServiceWithoutOneTimePasswordAuthenticator( ]; $actual = []; foreach ($authenticators as $key => $value) { - $actual[get_class($value)] = $value->getConfig(); + $config = $value->getConfig(); + unset($config['impersonateSessionKey']); + $actual[get_class($value)] = $config; } $this->assertEquals($expected, $actual); } From 35606ba8dd800b5962c3944a64a1efbaa2ffe4ea Mon Sep 17 00:00:00 2001 From: Mapiiik Date: Mon, 23 Jan 2023 11:06:25 +0100 Subject: [PATCH 15/71] Added Czech translation --- resources/locales/cs_CZ/users.mo | Bin 0 -> 17436 bytes resources/locales/cs_CZ/users.po | 913 +++++++++++++++++++++++++++++++ 2 files changed, 913 insertions(+) create mode 100644 resources/locales/cs_CZ/users.mo create mode 100644 resources/locales/cs_CZ/users.po diff --git a/resources/locales/cs_CZ/users.mo b/resources/locales/cs_CZ/users.mo new file mode 100644 index 0000000000000000000000000000000000000000..08ea6a3824c7f7216e58a0edd7583e80504c9a8a GIT binary patch literal 17436 zcmb`N36x}2dB-2hA|nPtKtRFACLq&23nXB}42(T9&@jw2Gd&HAD88 z)liMN5Q!TDK_dvnWz-~&+F;a(L1$d5J1*!^PF#|6j3#OplbGX4B**21li&Z|`(7=*YAGY{qBA9-Qy2`yT|V_==o6nNY6X=FwgtSF)H=EXB_8wSA$1`M}rgK zN#M)DQ@{pzI(Rp@7JSIPe-Av0_a{NMJMwtXI~DZ77l4<7$AT|)SOS^ayA^x}csn=@ zz6Jap@KI3ne+g9ozXo3j{ug)=cN9 zkDd;RaBqwiVR8yTE6GAt=44p!mHVRR1@F>c0TW?mpr0 zo8W1@{}hy69FGt+&WpkA;FaLz;Jx7W;J3gRgTol5>|++BtM^t=diW41xqcQr1N@e& z{~4%xjzh^T(OUzKfLDU&g13X`fFA^31b!XV_`d|j_c=J3<{1X{ekC{rj)OGuUJXiK z4}g;Aeo*r)fIhecN-qBdUI0D;N}!7!TTmCJ^log z{C@%R&pQgCivM#!*~2xU?C7N+|Ga(t5q}>BW$zyYwT?wl<9!vB-FzFo6#ONqbzO|p zVq)GdQ0tikHP7v!{Otpv`2990{(cII?_+)2?>vW>gR-khQ2MtObo-fa*66GNm^QYCUgu@9zM` z_oJZr_=+q4DJVUkbhg#&^T3brejX@0`CHJ$bA-R1_X$wtZ*cessP+FdD197>Gi?UX z0&f6k!R_GZK&|iDOnx}H5ftB};3jYzcocXSDE;3H(#88Im>dQlpyJNh`Bt9yf|BD0 z9kxO7@f~n2_)8Fz@K)ngnr|B@xm*WIPARDMyakl}4>|lQD89Y}O78y%ioc(MviA{` zAbs8dQsk9E&2t~9@g8yY{|ZX}PdYpXqZ;P@R1lGRW9~f$We4wcxB#l(K~VPh7?Ux0|l`v-6pcr=s9&rSeQt#=N1G&lw-PVE9wl{X6>1>OZ}o%e!A zf(Jmg`v|E1OQ7`eBT#ZX0_FSQX`t+LBlt}4Mo|4iP~*%yd>tscyb+XKKLtJwTm&`$ z7r+MiHSij63(6D!_kfb~dqJ)L6QJVn_dx0W6oQQAUGH!scm(fPgU5j5pw{&=@OQwf zD}N0rx!nnhpHG6vf}aC5-s9l2!M}6m|KZ-B1SQ8~Sq!G-odRmUQBd+91I6bnK@&$o zpZ7;V>E&<03GfHtR`8Mw*~`J#fIGmWFS7n|BPhRq1E@IlF8BU%5Ei`0Kk_-JQBeN42PBkvH-nPv?V$91rz?LC z==0tNj{|=Q^3VHk{;1y?j6wFZ6FeE*18SVqmEQ)+U+(}f2j2&Z{~v&Af5eEz(?RL& zVh~onSAf$0JHS)H1EB0<(cw416M6q3DEHiW?a@Y;3{x(p0xEI_6 zei;Pts)p%EcSAp~3>0ldF9QwX1 zKk_BWg!dib%fUn7CE#hJ)*dE7+4IZ6ZQz_Me+1MzJ_Bl=?}LYd`n}A8S>LVhSvH~H z??bnkC;R71?pZ$jdH4K5@Ga0AAjw90dI9uV=p;z|Wzk>Ea zXFz`r-3;ls89E=5ZLnmo2z?ULkENKO>{2$N-^0)!m?vUASb-3I{`)Xb?}DTg{Q_tS zlFv&{vW-_le+1nF-3GlGnugv1-2nXwq+bEr4IQZ$evd*gg`}U4K?y{-GInqu_(n)J z_8_F+0~SnN)8kE$uLt+L6vW)UFF>z$Wf^RD5AvNYP!;;PD|`ZX;W+g{*VKCB<^WcDxFR$T>Mzq7lZ$KCUr zz)jHI&_`X_=NxA68Xn#XDIOgIJp!E$)u0og_dxnx0NrSw>>v5_JE6lN!oRl{T7**Q zRnQnT54{h%6VmS>^fc&V=!D9U@}uWNE$Ck8ZP16HRnS&QaqiEc5lFuY3*LLd z)1a%NyIh%IUDxwN?pZ#s-x}zC=o099=rfRhuY>*&`b+53kbbvY@cz`{q{F9!yPzxG zyWorN`I%q?`T(>Oil9$GXF>0W^g9_k$~=)@fg7RK(0=G6P#N+rORGWb7s^4JZa8zM z+^Wt-g(UX#r=fB(GZe*V`avxUhGwH;F^o5yS+6z1GdEtgMx8hMlVL5IZh4!=$NYLy z3S)0mp%7N<{=|-5K7$pbdX&WJVLn6Qfs(|Q!o_|-rRTB%trOhdIt!G<%#;+gb0lTJu6sClDi zVt*WC+MCph*?YC`U5X2GZl%g)@^>StWi2U(X2QXZB%A=lK=wvz=cax(pC6^hmV$CQ z*^8BpCh>GstK{`6h{HnN-y79ujf`9Yvg<0!Op;Yd*)kVv53BuZISkU!uh&|BFcU=a zFhgd|rz7mq2nn?ZT@?{7RL5bYjoh}DkJZ(qT1yIH#+0)-$HTBc-p4~%KdZ7UlVk=F zZfYPSCN2c^1XbmHHjVcVnjbHfbB;D@H9B_0wmA%Npuvu_*%*^&!5X-GUZ%b+1O`uk zY_lzLUC;c@BSd&hl-5&M*b^MIw3zPdM3BjZPT1%wSG=h9w8Yk=k~pY@uCJQ+Mh7#d z^_i_vST34Je@m^F$dlIH=538?Y2DwhG3=umZjhLryX+0po+*5z81Jgc7~NRW8?%#m zW78(8m7}}jg6`3n$V4A)|b}9s+gc5VF@p-5Tv8gil4&_ zW&&*H5BYm791W^)!_Z#@kc*1S#?*RBJ8?x-c6SY)NSRQ$-1( zCvJo`ux3KDj)0F6-%=J}hqK*{S^nSp|7LChcX>QBllJWC(ox3OZ#HgMPv>a^Lxj=s za5e|g2pI->uw7OmgIZQ->}pwQX3BVcmKeE}WV2)~`npP&N=Py_^)lB{%u3~&FdJI- zV8We^Gfy#O-b0C8f4eBgw(u0H>Os|x)gopU62BC-GDfl>Ve7NBZ7L*sh04+JX>Yui z5YOr@U-4krWWEaJemZO1f*qt7vUlU>v~03j*SwwKG?`yq2>n73Yg3_7OeRT%!l7wl zAN)|;gf((PuN=E8TZ&wm&$=n#7-@E`WM^1Tf+8bV!pan;z$UX(dtK3=wCS?qopB3O zUiSwY)r3h2)v@l6XX%%H%_NIrl*;w&otgYJzq5U7vy$mPsV-mYOIIYy6 zKl2{Yt{DYAD>fp_r!h(QPQ1d?pFC=5c3G4SRI0L1yP}y`p z3DWM849S~7{)N7D%`YaQ&4Vied$MVh3vYl8%!Dzg5E8!usinp@EcD1C4VrjMUYBLv z$`Qj(v6dy@F$cKePB~uatIi%nioIr)51O^o2(IM{{HbLRd#<^eaam=DcU9$kUw@yx zB5Thg$ptv9@=yz3*@$Wqf$=)?*WYqWm9o^9i=59&{K!iru*;AHuDm9+kN+B48*i5Brg?2)zmIO z63=S2Y%jv8RIcPQi9^$6mffR!xbB;}{G{u0H%(D#aDvl2$2P4iM@6`PN-^y z*hzNMFbAlX*o)$+8iw+ufn!A;*BWY(_+@+aeVT|ao!g9l>+~=3U`>LE6m^FIIM4^OFYvEX2PL~FsS6y zUWPd8gwZPsM6+UHnBdZBI^q}7n@9Jox_0c^Eggo}4X<4_N-s9op$V=wM*KPwU&HNB z6knp)G_~MVb-+lBuY^im+J=%0pX;8R>{0SIuj>;lfL~ zyj0DG^WqH~*7=wFYkjIWZdmWX@P&SS*@lZKT1V0P^DkX>!_bvBDU=+>lTded7Y?r< zUcc(M^8H{(bMe8Y`$=(a=2T1OXIV^p!RL#DH%`r5MZR85ik0?4Tx#jV!sTB3fyI3s zQRbqhL;h5&>?dXvzCO5$IHWZ3E6LKKxP8D?Gf8)~9|z@do}kSQgg+k?ne`wsMdu=p z97DRi7|uFqj`pKz6<+tpiw}0@+f*uWonO+8C?~{H5|?W219kYHP5j2vA#+j6>BO{X z%yE63Mhs+_pJ)5(DX+5H*>ZdT(*95aD4Dym_WrV7()L0<^3?^qZEzdsrtE(;1Jc2W zjsrqB6Ov}Jy-T2({eKCEwDqfmGYTFqBHkcu^lqrTdo zFR^E`BU4;UFr$h;kKh`^+*x*dXn1SG zS9zY>fuvLm7Wb*CSr7+sYu*(zdOfTR`+Ekn+s|#{v_I$q#LZ@7!c&OAn{3sa$koNyD%HKIudZLWz*ytZU?lD z^Ch_ZNjqS_PumU4&S^*Kc8z>Q+aU9ar9$(CK7qi+s* zY%cpv87c?H2D>JH*D@h7@bMDO_s^?k#{D^5&?X1Uv{|@_@#1KWfP!9%>SMt+$bb*4PYHQvl9Mqh)a-c zoRk8Mal4>=?c#$h1_v@5srgQ%(87?-GC?6GNGXbRzABN+rKJ|hGbhb*7A3>V(!*>n zb`ZWJF~mVWxR@{NYRUhbVY_q}8`>WHMt=V&2K}+k9bvez;kug>h*^4QHlYIPEsATf z>cxHS1@kePyQ9XO4j}{;SL?C`7w_RgJDoKbZ-?D?DKG{%*pzLnJf*hVx>z;QqstKb za>pz|a|ee(Jytw-br`cYrp|*x@1S-oreXscr*&CM92M$KZRJ)h4ZC7vAemd3v)N8| z8T%zFi^}#am0NG7uzWYd5Y3q{MSRtyk|2BYNyr`h+)&{?%w9b2TP5)NGIQhTY+(60zy(GaJCm1z*&SY)pCi@(k6U1xWV$8k*faJIzwPGSeE?sxhqu z^MnEwtiXQ8f?6u|&fd-PNR%fM9r!RalXh}Yjyc*`vGTo~WK+?~`E;{Ytu5_m>HQVP z=4@?P4xCc@7&1PNJp22`J%LUc)qIg%ep$O;bMlTsa&PAvDzoX3&Qbh3}$*pd%!%i{nknlE9vTshy1%(t+v zHTQa%i4H-%d!Ap<&AJ$~j?;ZfH~5OK!>=UZGC_R8X2QL-MSH3@`*weQ&wR`HaE@gT zk|upNMpa<5Zskhsi5~LEr;x3xSD3LYck8gxRcQ5+-vs0<>~6x)iOr70L>#)4Ffm|I zb9WHpu*<=K_S#LkA=ZCu?*0tt?Jy?gQiM|bW5wkqb~<}}J=h)V%+-WzZz66p;Hbo1 zm^%qGs=XVt*&F{g(R`Nh_L$Q=5oVGr3gwaZ$OL2p$1o!t5_!Hc`ggv3)=S= z_-`h47Ox9HahUDL_R5YW>0WS-Fkr8ZxfAc){g?wYVQQZ5j#&;{=Gd$NFsroKo}6uB zO>V2JU0s@Vx98KRvfxgL?}}=x^~q0)*G8C_n*&m%fh=UT<;dmQl3*5JSypCm%BkuN zZ&K#x)@tG`{|C$jc>WK$6gqFsykeR>)y-tj^(cnZbtB_$?Xfg0&U$;sP~Yy9N@i9{ zt5Ii-+emIY8nCjozYfSDlTs^g;Rd>mm7$q)1^z}0K1uwRhQG#cnL0G-5S5)I5Px|# zCr?PKNMOS*!w=C Z<@}gpQbuJ%`K44Q@MRVtC-2vl_rG2@ve^It literal 0 HcmV?d00001 diff --git a/resources/locales/cs_CZ/users.po b/resources/locales/cs_CZ/users.po new file mode 100644 index 000000000..a7a2bb28d --- /dev/null +++ b/resources/locales/cs_CZ/users.po @@ -0,0 +1,913 @@ +# LANGUAGE translation of CakePHP Application +# Copyright YEAR NAME +# +msgid "" +msgstr "" +"Project-Id-Version: CakeDC Users\n" +"POT-Creation-Date: 2022-03-11 13:46+0100\n" +"PO-Revision-Date: 2023-01-23 11:02+0100\n" +"Last-Translator: Martin Patočka \n" +"Language-Team: CakeDC \n" +"Language: cs_CZ\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n>=2 && n<=4 ? 1 : 2);\n" +"X-Generator: Poedit 3.2.2\n" + +#: src/Controller/SocialAccountsController.php:50 +msgid "Account validated successfully" +msgstr "Účet byl úspěšně ověřen" + +#: src/Controller/SocialAccountsController.php:52 +msgid "Account could not be validated" +msgstr "Účet nebylo možné ověřit" + +#: src/Controller/SocialAccountsController.php:55 +msgid "Invalid token and/or social account" +msgstr "Neplatný token a/nebo sociální účet" + +#: src/Controller/SocialAccountsController.php:57 +#: src/Controller/SocialAccountsController.php:85 +msgid "Social Account already active" +msgstr "Sociální účet je již aktivní" + +#: src/Controller/SocialAccountsController.php:59 +msgid "Social Account could not be validated" +msgstr "Sociální účet nelze ověřit" + +#: src/Controller/SocialAccountsController.php:78 +msgid "Email sent successfully" +msgstr "Email úspěšně odeslán" + +#: src/Controller/SocialAccountsController.php:80 +msgid "Email could not be sent" +msgstr "E-mail nemohl být odeslán" + +#: src/Controller/SocialAccountsController.php:83 +msgid "Invalid account" +msgstr "Neplatný účet" + +#: src/Controller/SocialAccountsController.php:87 +msgid "Email could not be resent" +msgstr "E-mail nebylo možné znovu odeslat" + +#: src/Controller/Traits/LinkSocialTrait.php:56 +msgid "Could not associate account, please try again." +msgstr "Účet se nepodařilo přidružit, zkuste to prosím znovu." + +#: src/Controller/Traits/LinkSocialTrait.php:80 +msgid "Social account was associated." +msgstr "Sociální účet byl přidružen." + +#: src/Controller/Traits/LoginTrait.php:73 +msgid "You've successfully logged out" +msgstr "Úspěšně jste se odhlásili" + +#: src/Controller/Traits/OneTimePasswordVerifyTrait.php:75 +msgid "Please enable Google Authenticator first." +msgstr "Nejprve povolte službu Google Authenticator." + +#: src/Controller/Traits/OneTimePasswordVerifyTrait.php:90 +msgid "Could not find user data" +msgstr "Nepodařilo se najít uživatelská data" + +#: src/Controller/Traits/OneTimePasswordVerifyTrait.php:129 +msgid "Could not verify, please try again" +msgstr "Nelze ověřit, zkuste to prosím znovu" + +#: src/Controller/Traits/OneTimePasswordVerifyTrait.php:161 +msgid "Verification code is invalid. Try again" +msgstr "Ověřovací kód je neplatný. Zkuste to znovu" + +#: src/Controller/Traits/PasswordManagementTrait.php:63 +msgid "Changing another user's password is not allowed" +msgstr "Změna hesla jiného uživatele není povolena" + +#: src/Controller/Traits/PasswordManagementTrait.php:77 +#: src/Controller/Traits/PasswordManagementTrait.php:121 +#: src/Controller/Traits/ProfileTrait.php:54 +msgid "User was not found" +msgstr "Uživatel nebyl nalezen" + +#: src/Controller/Traits/PasswordManagementTrait.php:105 +#: src/Controller/Traits/PasswordManagementTrait.php:117 +#: src/Controller/Traits/PasswordManagementTrait.php:125 +msgid "Password could not be changed" +msgstr "Heslo nebylo možné změnit" + +#: src/Controller/Traits/PasswordManagementTrait.php:113 +msgid "Password has been changed successfully" +msgstr "Heslo bylo úspěšně změněno" + +#: src/Controller/Traits/PasswordManagementTrait.php:167 +msgid "Please check your email to continue with password reset process" +msgstr "Zkontrolujte prosím svůj e-mail a pokračujte v procesu obnovy hesla" + +#: src/Controller/Traits/PasswordManagementTrait.php:170 +#: src/Shell/UsersShell.php:286 +msgid "The password token could not be generated. Please try again" +msgstr "Token hesla se nepodařilo vygenerovat. Zkuste to prosím znovu" + +#: src/Controller/Traits/PasswordManagementTrait.php:176 +#: src/Controller/Traits/UserValidationTrait.php:124 +msgid "User {0} was not found" +msgstr "Uživatel {0} nebyl nalezen" + +#: src/Controller/Traits/PasswordManagementTrait.php:178 +msgid "The user is not active" +msgstr "Uživatel není aktivní" + +#: src/Controller/Traits/PasswordManagementTrait.php:180 +#: src/Controller/Traits/UserValidationTrait.php:119 +#: src/Controller/Traits/UserValidationTrait.php:128 +msgid "Token could not be reset" +msgstr "Token se nepodařilo obnovit" + +#: src/Controller/Traits/PasswordManagementTrait.php:204 +msgid "Google Authenticator token was successfully reset" +msgstr "Token Google Authenticator byl úspěšně obnoven" + +#: src/Controller/Traits/PasswordManagementTrait.php:207 +msgid "Could not reset Google Authenticator" +msgstr "Nepodařilo se obnovit Google Authenticator" + +#: src/Controller/Traits/ProfileTrait.php:58 +msgid "Not authorized, please login first" +msgstr "Nejste oprávněni, nejprve se přihlaste" + +#: src/Controller/Traits/RegisterTrait.php:47 +msgid "You must log out to register a new user account" +msgstr "Chcete-li zaregistrovat nový uživatelský účet, musíte se odhlásit" + +#: src/Controller/Traits/RegisterTrait.php:86 +#: src/Controller/Traits/RegisterTrait.php:117 +msgid "The user could not be saved" +msgstr "Uživatele se nepodařilo uložit" + +#: src/Controller/Traits/RegisterTrait.php:103 +#: src/Loader/LoginComponentLoader.php:33 +msgid "Invalid reCaptcha" +msgstr "Neplatná reCaptcha" + +#: src/Controller/Traits/RegisterTrait.php:151 +msgid "You have registered successfully, please log in" +msgstr "Úspěšně jste se zaregistrovali, přihlaste se prosím" + +#: src/Controller/Traits/RegisterTrait.php:153 +msgid "Please validate your account before log in" +msgstr "Před přihlášením prosím ověřte svůj účet" + +#: src/Controller/Traits/SimpleCrudTrait.php:77 +#: src/Controller/Traits/SimpleCrudTrait.php:107 +msgid "The {0} has been saved" +msgstr "{0} byl uložen" + +#: src/Controller/Traits/SimpleCrudTrait.php:81 +#: src/Controller/Traits/SimpleCrudTrait.php:111 +msgid "The {0} could not be saved" +msgstr "{0} se nepodařilo uložit" + +#: src/Controller/Traits/SimpleCrudTrait.php:131 +msgid "The {0} has been deleted" +msgstr "{0} byl smazán" + +#: src/Controller/Traits/SimpleCrudTrait.php:133 +msgid "The {0} could not be deleted" +msgstr "{0} nelze smazat" + +#: src/Controller/Traits/U2fTrait.php:216 +msgid "U2F requires SSL." +msgstr "U2F vyžaduje SSL." + +#: src/Controller/Traits/UserValidationTrait.php:49 +msgid "User account validated successfully" +msgstr "Uživatelský účet byl úspěšně ověřen" + +#: src/Controller/Traits/UserValidationTrait.php:51 +msgid "User account could not be validated" +msgstr "Uživatelský účet se nepodařilo ověřit" + +#: src/Controller/Traits/UserValidationTrait.php:54 +msgid "User already active" +msgstr "Uživatel je již aktivní" + +#: src/Controller/Traits/UserValidationTrait.php:60 +msgid "Reset password token was validated successfully" +msgstr "Token pro obnovení hesla byl úspěšně ověřen" + +#: src/Controller/Traits/UserValidationTrait.php:68 +msgid "Reset password token could not be validated" +msgstr "Token pro obnovení hesla se nepodařilo ověřit" + +#: src/Controller/Traits/UserValidationTrait.php:72 +msgid "Invalid validation type" +msgstr "Neplatný typ ověření" + +#: src/Controller/Traits/UserValidationTrait.php:75 +msgid "Invalid token or user account already validated" +msgstr "Neplatný token nebo již ověřený uživatelský účet" + +#: src/Controller/Traits/UserValidationTrait.php:81 +msgid "Token already expired" +msgstr "Platnost tokenu již vypršela" + +#: src/Controller/Traits/UserValidationTrait.php:114 +msgid "Token has been reset successfully. Please check your email." +msgstr "Token byl úspěšně obnoven. Zkontrolujte prosím svůj e-mail." + +#: src/Controller/Traits/UserValidationTrait.php:126 +msgid "User {0} is already active" +msgstr "Uživatel {0} je již aktivní" + +#: src/Controller/Traits/Webauthn2faTrait.php:53 +#: src/Controller/Traits/Webauthn2faTrait.php:73 +msgid "User already has configured webauthn2fa" +msgstr "Uživatel již nakonfiguroval webauthn2fa" + +#: src/Controller/Traits/Webauthn2faTrait.php:77 +#: src/Controller/Traits/Webauthn2faTrait.php:122 +msgid "Register error with webauthn for user id: {0}" +msgstr "Chyba registrace u webauthn pro ID uživatele: {0}" + +#: src/Loader/AuthenticationServiceLoader.php:109 +msgid "Property {0}.className should be defined" +msgstr "Měla by být definována vlastnost {0}.className" + +#: src/Loader/LoginComponentLoader.php:31 +msgid "Username or password is incorrect" +msgstr "Uživatelské jméno nebo heslo je nesprávné" + +#: src/Loader/LoginComponentLoader.php:52 +msgid "Could not proceed with social account. Please try again" +msgstr "Nelze pokračovat se sociálním účtem. Zkuste to prosím znovu" + +#: src/Loader/LoginComponentLoader.php:54 +msgid "" +"Your user has not been validated yet. Please check your inbox for " +"instructions" +msgstr "" +"Váš uživatel ještě nebyl ověřen. Zkontrolujte si, prosím, doručenou poštu " +"pro pokyny" + +#: src/Loader/LoginComponentLoader.php:58 +msgid "" +"Your social account has not been validated yet. Please check your inbox for " +"instructions" +msgstr "" +"Váš účet na sociální síti zatím nebyl ověřen. Zkontrolujte si, prosím, " +"doručenou poštu pro pokyny" + +#: src/Mailer/UsersMailer.php:36 +msgid "Your account validation link" +msgstr "Odkaz pro ověření vašeho účtu" + +#: src/Mailer/UsersMailer.php:63 +msgid "{0}Your reset password link" +msgstr "{0}Váš odkaz pro obnovení hesla" + +#: src/Mailer/UsersMailer.php:95 +msgid "{0}Your social account validation link" +msgstr "{0}Odkaz na ověření vašeho účtu na sociální síti" + +#: src/Middleware/SocialAuthMiddleware.php:47 +#: templates/Users/social_email.php:16 +msgid "Please enter your email" +msgstr "Zadejte prosím svůj e-mail" + +#: src/Middleware/SocialAuthMiddleware.php:57 +msgid "Could not identify your account, please try again" +msgstr "Váš účet se nepodařilo identifikovat, zkuste to prosím znovu" + +#: src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php:112 +msgid "You are not authorized to access that location." +msgstr "Nemáte oprávnění pro přístup k této sekci." + +#: src/Model/Behavior/AuthFinderBehavior.php:49 +msgid "Missing 'username' in options data" +msgstr "Chybějící 'username' v datech možností" + +#: src/Model/Behavior/LinkSocialBehavior.php:52 +msgid "Social account already associated to another user" +msgstr "Sociální účet již přiřazený k jinému uživateli" + +#: src/Model/Behavior/PasswordBehavior.php:45 +msgid "Reference cannot be null" +msgstr "Odkaz nemůže být nulový" + +#: src/Model/Behavior/PasswordBehavior.php:50 +msgid "Token expiration cannot be empty" +msgstr "Platnost tokenu nemůže být prázdná" + +#: src/Model/Behavior/PasswordBehavior.php:56 +#: src/Model/Behavior/PasswordBehavior.php:136 +msgid "User not found" +msgstr "Uživatel nebyl nalezen" + +#: src/Model/Behavior/PasswordBehavior.php:60 +#: src/Model/Behavior/RegisterBehavior.php:129 +msgid "User account already validated" +msgstr "Uživatelský účet již byl ověřen" + +#: src/Model/Behavior/PasswordBehavior.php:66 +msgid "User not active" +msgstr "Uživatel není aktivní" + +#: src/Model/Behavior/PasswordBehavior.php:141 +msgid "The current password does not match" +msgstr "Aktuální heslo neodpovídá" + +#: src/Model/Behavior/PasswordBehavior.php:144 +msgid "You cannot use the current password as the new one" +msgstr "Stávající heslo nelze použít jako nové" + +#: src/Model/Behavior/RegisterBehavior.php:107 +msgid "User not found for the given token and email." +msgstr "Uživatel nebyl nalezen pro daný token a e-mail." + +#: src/Model/Behavior/RegisterBehavior.php:110 +msgid "Token has already expired user with no token" +msgstr "Platnost tokenu již vypršela uživatel bez tokenu" + +#: src/Model/Behavior/RegisterBehavior.php:167 +msgid "This field is required" +msgstr "Toto pole je povinné" + +#: src/Model/Behavior/SocialAccountBehavior.php:100 +#: src/Model/Behavior/SocialAccountBehavior.php:130 +msgid "Account already validated" +msgstr "Účet již byl ověřen" + +#: src/Model/Behavior/SocialAccountBehavior.php:104 +#: src/Model/Behavior/SocialAccountBehavior.php:135 +msgid "Account not found for the given token and email." +msgstr "Účet nebyl nalezen pro zadaný token a e-mail." + +#: src/Model/Behavior/SocialBehavior.php:85 +msgid "Unable to login user with reference {0}" +msgstr "Nelze přihlásit uživatele s odkazem {0}" + +#: src/Model/Behavior/SocialBehavior.php:136 +msgid "Email not present" +msgstr "E-mail není přítomen" + +#: src/Model/Table/UsersTable.php:107 +msgid "Your password does not match your confirm password. Please try again" +msgstr "Vaše heslo se neshoduje s potvrzovacím heslem. Zkuste to prosím znovu" + +#: src/Model/Table/UsersTable.php:201 +msgid "Username already exists" +msgstr "Uživatelské jméno již existuje" + +#: src/Model/Table/UsersTable.php:207 +msgid "Email already exists" +msgstr "E-mail již existuje" + +#: src/Shell/UsersShell.php:46 +msgid "Utilities for CakeDC Users Plugin" +msgstr "Nástroje pro plugin CakeDC Users" + +#: src/Shell/UsersShell.php:48 +msgid "Activate an specific user" +msgstr "Aktivace konkrétního uživatele" + +#: src/Shell/UsersShell.php:51 +msgid "Add a new superadmin user for testing purposes" +msgstr "Přidání nového uživatele superadmina pro účely testování" + +#: src/Shell/UsersShell.php:54 +msgid "Add a new user" +msgstr "Přidání nového uživatele" + +#: src/Shell/UsersShell.php:57 +msgid "Change the role for an specific user" +msgstr "Změna role konkrétního uživatele" + +#: src/Shell/UsersShell.php:60 +msgid "Change the api token for an specific user" +msgstr "Změna tokenu api pro konkrétního uživatele" + +#: src/Shell/UsersShell.php:63 +msgid "Deactivate an specific user" +msgstr "Deaktivace konkrétního uživatele" + +#: src/Shell/UsersShell.php:66 +msgid "Delete an specific user" +msgstr "Odstranění konkrétního uživatele" + +#: src/Shell/UsersShell.php:69 +msgid "Reset the password via email" +msgstr "Obnovení hesla prostřednictvím e-mailu" + +#: src/Shell/UsersShell.php:72 +msgid "Reset the password for all users" +msgstr "Obnovení hesla pro všechny uživatele" + +#: src/Shell/UsersShell.php:75 +msgid "Reset the password for an specific user" +msgstr "Obnovení hesla pro konkrétního uživatele" + +#: src/Shell/UsersShell.php:135 src/Shell/UsersShell.php:161 +msgid "Please enter a password." +msgstr "Zadejte prosím heslo." + +#: src/Shell/UsersShell.php:139 +msgid "Password changed for all users" +msgstr "Heslo změněno pro všechny uživatele" + +#: src/Shell/UsersShell.php:140 src/Shell/UsersShell.php:168 +msgid "New password: {0}" +msgstr "Nové heslo: {0}" + +#: src/Shell/UsersShell.php:158 src/Shell/UsersShell.php:186 +#: src/Shell/UsersShell.php:214 src/Shell/UsersShell.php:304 +#: src/Shell/UsersShell.php:403 +msgid "Please enter a username." +msgstr "Zadejte prosím uživatelské jméno." + +#: src/Shell/UsersShell.php:167 +msgid "Password changed for user: {0}" +msgstr "Heslo bylo změněno pro uživatele: {0}" + +#: src/Shell/UsersShell.php:189 +msgid "Please enter a role." +msgstr "Zadejte prosím roli." + +#: src/Shell/UsersShell.php:195 +msgid "Role changed for user: {0}" +msgstr "Role změněna pro uživatele: {0}" + +#: src/Shell/UsersShell.php:196 +msgid "New role: {0}" +msgstr "Nová role: {0}" + +#: src/Shell/UsersShell.php:217 +msgid "Please enter a token." +msgstr "Zadejte prosím token." + +#: src/Shell/UsersShell.php:224 +msgid "User was not saved, check validation errors" +msgstr "Uživatel nebyl uložen, zkontrolujte chyby ověření" + +#: src/Shell/UsersShell.php:229 +msgid "Api token changed for user: {0}" +msgstr "Token API byl změněn pro uživatele: {0}" + +#: src/Shell/UsersShell.php:230 +msgid "New token: {0}" +msgstr "Nový token: {0}" + +#: src/Shell/UsersShell.php:245 +msgid "User was activated: {0}" +msgstr "Uživatel byl aktivován: {0}" + +#: src/Shell/UsersShell.php:260 +msgid "User was de-activated: {0}" +msgstr "Uživatel byl deaktivován: {0}" + +#: src/Shell/UsersShell.php:272 +msgid "Please enter a username or email." +msgstr "Zadejte prosím uživatelské jméno nebo e-mail." + +#: src/Shell/UsersShell.php:280 +msgid "" +"Please ask the user to check the email to continue with password reset " +"process" +msgstr "" +"Požádejte uživatele, aby zkontroloval e-mail a pokračoval v procesu obnovy " +"hesla" + +#: src/Shell/UsersShell.php:350 +msgid "Superuser added:" +msgstr "Přidán superuživatel:" + +#: src/Shell/UsersShell.php:352 +msgid "User added:" +msgstr "Přidán uživatel:" + +#: src/Shell/UsersShell.php:354 +msgid "Id: {0}" +msgstr "ID: {0}" + +#: src/Shell/UsersShell.php:355 +msgid "Username: {0}" +msgstr "Uživatelské jméno: {0}" + +#: src/Shell/UsersShell.php:356 +msgid "Email: {0}" +msgstr "E-mail: {0}" + +#: src/Shell/UsersShell.php:357 +msgid "Role: {0}" +msgstr "Role: {0}" + +#: src/Shell/UsersShell.php:358 +msgid "Password: {0}" +msgstr "Heslo: {0}" + +#: src/Shell/UsersShell.php:360 +msgid "User could not be added:" +msgstr "Uživatele se nepodařilo přidat:" + +#: src/Shell/UsersShell.php:363 +msgid "Field: {0} Error: {1}" +msgstr "Pole: {0} Chyba: {1}" + +#: src/Shell/UsersShell.php:379 +msgid "The user was not found." +msgstr "Uživatel nebyl nalezen." + +#: src/Shell/UsersShell.php:414 +msgid "The user {0} was not deleted. Please try again" +msgstr "Uživatel {0} nebyl odstraněn. Zkuste to prosím znovu" + +#: src/Shell/UsersShell.php:416 +msgid "The user {0} was deleted successfully" +msgstr "Uživatel {0} byl úspěšně odstraněn" + +#: src/View/Helper/UserHelper.php:50 +msgid "Sign in with" +msgstr "Přihlásit pomocí" + +#: src/View/Helper/UserHelper.php:113 +msgid "Logout" +msgstr "Odhlášení" + +#: src/View/Helper/UserHelper.php:134 +msgid "Welcome, {0}" +msgstr "Vítejte, {0}" + +#: src/View/Helper/UserHelper.php:165 +msgid "reCaptcha is not configured! Please configure Users.reCaptcha.key" +msgstr "" +"reCaptcha není nakonfigurována! Nakonfigurujte prosím Users.reCaptcha.key" + +#: src/View/Helper/UserHelper.php:218 +msgid "Connected with {0}" +msgstr "Spojeno s {0}" + +#: src/View/Helper/UserHelper.php:223 +msgid "Connect with {0}" +msgstr "Spojit se s {0}" + +#: templates/Users/add.php:13 templates/Users/edit.php:17 +#: templates/Users/index.php:13 templates/Users/index.php:26 +#: templates/Users/view.php:15 +msgid "Actions" +msgstr "Akce" + +#: templates/Users/add.php:15 templates/Users/edit.php:28 +#: templates/Users/view.php:23 +msgid "List Users" +msgstr "Seznam uživatelů" + +#: templates/Users/add.php:21 templates/Users/register.php:18 +msgid "Add User" +msgstr "Přidat uživatele" + +#: templates/Users/add.php:23 templates/Users/edit.php:36 +#: templates/Users/index.php:22 templates/Users/login.php:20 +#: templates/Users/profile.php:30 templates/Users/register.php:20 +#: templates/Users/view.php:33 +msgid "Username" +msgstr "Uživatelské jméno" + +#: templates/Users/add.php:24 templates/Users/edit.php:37 +#: templates/Users/index.php:23 templates/Users/profile.php:32 +#: templates/Users/register.php:21 templates/Users/view.php:35 +msgid "Email" +msgstr "E-mail" + +#: templates/Users/add.php:25 templates/Users/login.php:21 +#: templates/Users/register.php:22 +msgid "Password" +msgstr "Heslo" + +#: templates/Users/add.php:26 templates/Users/edit.php:38 +#: templates/Users/index.php:24 templates/Users/register.php:28 +msgid "First name" +msgstr "Jméno" + +#: templates/Users/add.php:27 templates/Users/edit.php:39 +#: templates/Users/index.php:25 templates/Users/register.php:29 +msgid "Last name" +msgstr "Příjmení" + +#: templates/Users/add.php:30 templates/Users/edit.php:54 +#: templates/Users/view.php:49 templates/Users/view.php:74 +msgid "Active" +msgstr "Aktivní" + +#: templates/Users/add.php:34 templates/Users/change_password.php:25 +#: templates/Users/edit.php:58 templates/Users/register.php:38 +#: templates/Users/request_reset_password.php:23 +#: templates/Users/resend_token_validation.php:20 +#: templates/Users/social_email.php:19 +msgid "Submit" +msgstr "Odeslat" + +#: templates/Users/change_password.php:5 +msgid "Please enter the new password" +msgstr "Zadejte prosím nové heslo" + +#: templates/Users/change_password.php:10 +msgid "Current password" +msgstr "Současné heslo" + +#: templates/Users/change_password.php:16 +msgid "New password" +msgstr "Nové heslo" + +#: templates/Users/change_password.php:21 templates/Users/register.php:26 +msgid "Confirm password" +msgstr "Potvrďte heslo" + +#: templates/Users/edit.php:22 templates/Users/index.php:40 +msgid "Delete" +msgstr "Odstranit" + +#: templates/Users/edit.php:24 templates/Users/index.php:40 +#: templates/Users/view.php:21 +msgid "Are you sure you want to delete # {0}?" +msgstr "Opravdu chcete odstranit # {0}?" + +#: templates/Users/edit.php:34 templates/Users/view.php:17 +msgid "Edit User" +msgstr "Upravit uživatele" + +#: templates/Users/edit.php:40 templates/Users/view.php:43 +msgid "Token" +msgstr "Token" + +#: templates/Users/edit.php:42 +msgid "Token expires" +msgstr "Platnost tokenu vyprší" + +#: templates/Users/edit.php:45 +msgid "API token" +msgstr "Token rozhraní API" + +#: templates/Users/edit.php:48 +msgid "Activation date" +msgstr "Datum aktivace" + +#: templates/Users/edit.php:51 +msgid "TOS date" +msgstr "Datum TOS" + +#: templates/Users/edit.php:64 +msgid "Reset Google Authenticator Token" +msgstr "Obnovení tokenu Google Authenticator" + +#: templates/Users/edit.php:70 +msgid "Are you sure you want to reset token for user \"{0}\"?" +msgstr "Opravdu chcete obnovit token pro uživatele \"{0}\"?" + +#: templates/Users/index.php:15 +msgid "New {0}" +msgstr "Nový {0}" + +#: templates/Users/index.php:37 +msgid "View" +msgstr "Zobrazit" + +#: templates/Users/index.php:38 +msgid "Change password" +msgstr "Změnit heslo" + +#: templates/Users/index.php:39 +msgid "Edit" +msgstr "Upravit" + +#: templates/Users/index.php:49 +msgid "previous" +msgstr "předchozí" + +#: templates/Users/index.php:51 +msgid "next" +msgstr "další" + +#: templates/Users/login.php:19 +msgid "Please enter your username and password" +msgstr "Zadejte prosím své uživatelské jméno a heslo" + +#: templates/Users/login.php:29 +msgid "Remember me" +msgstr "Pamatuj si mě" + +#: templates/Users/login.php:37 +msgid "Register" +msgstr "Registrovat" + +#: templates/Users/login.php:43 +msgid "Reset Password" +msgstr "Obnovit heslo" + +#: templates/Users/login.php:48 +msgid "Login" +msgstr "Přihlášení" + +#: templates/Users/profile.php:21 +msgid "{0} {1}" +msgstr "{0} {1}" + +#: templates/Users/profile.php:27 +msgid "Change Password" +msgstr "Změnit heslo" + +#: templates/Users/profile.php:38 templates/Users/view.php:68 +msgid "Social Accounts" +msgstr "Sociální účty" + +#: templates/Users/profile.php:42 templates/Users/view.php:73 +msgid "Avatar" +msgstr "Profilový obrázek" + +#: templates/Users/profile.php:43 templates/Users/view.php:72 +msgid "Provider" +msgstr "Poskytovatel" + +#: templates/Users/profile.php:44 +msgid "Link" +msgstr "Odkaz" + +#: templates/Users/profile.php:51 +msgid "Link to {0}" +msgstr "Odkaz na {0}" + +#: templates/Users/register.php:31 +msgid "Accept TOS conditions?" +msgstr "Přijmout podmínky TOS?" + +#: templates/Users/request_reset_password.php:20 +msgid "Please enter your email or username to reset your password" +msgstr "Pro obnovení hesla zadejte svůj e-mail nebo uživatelské jméno" + +#: templates/Users/resend_token_validation.php:15 +msgid "Resend Validation email" +msgstr "Znovu odeslat ověřovací e-mail" + +#: templates/Users/resend_token_validation.php:17 +msgid "Email or username" +msgstr "E-mail nebo uživatelské jméno" + +#: templates/Users/u2f_authenticate.php:22 templates/Users/webauthn2fa.php:25 +msgid "Verify your registered yubico key" +msgstr "Ověření vašeho registrovaného klíče yubico" + +#: templates/Users/u2f_authenticate.php:23 templates/Users/u2f_register.php:23 +#: templates/Users/webauthn2fa.php:20 templates/Users/webauthn2fa.php:26 +msgid "Please insert and tap your yubico key" +msgstr "Vložte prosím klíč yubico a klepněte na něj" + +#: templates/Users/u2f_authenticate.php:24 templates/Users/webauthn2fa.php:27 +msgid "" +"You can now finish the authentication process using the registered device." +msgstr "Nyní můžete dokončit proces ověření pomocí registrovaného zařízení." + +#: templates/Users/u2f_authenticate.php:25 templates/Users/webauthn2fa.php:22 +#: templates/Users/webauthn2fa.php:28 +msgid "" +"When the YubiKey starts blinking, press the golden disc to activate it. " +"Depending on the web browser you might need to confirm the use of extended " +"information from the YubiKey." +msgstr "" +"Jakmile začne klíč YubiKey blikat, aktivujte jej stisknutím zlatého disku. V " +"závislosti na webovém prohlížeči může být nutné potvrdit použití rozšířených " +"informací z klíče YubiKey." + +#: templates/Users/u2f_authenticate.php:27 templates/Users/u2f_register.php:27 +#: templates/Users/webauthn2fa.php:31 +msgid "Reload" +msgstr "Znovu načíst" + +#: templates/Users/u2f_authenticate.php:51 templates/Users/u2f_register.php:56 +msgid "Yubico key check has failed, please try again" +msgstr "Kontrola klíče Yubico selhala, zkuste to prosím znovu" + +#: templates/Users/u2f_register.php:22 templates/Users/webauthn2fa.php:19 +msgid "Registering your yubico key" +msgstr "Registrace klíče Yubico" + +#: templates/Users/verify.php:13 +msgid "Verification Code" +msgstr "Ověřovací kód" + +#: templates/Users/verify.php:15 +msgid "" +" " +"Verify" +msgstr "" +" " +"Ověřit" + +#: templates/Users/view.php:19 +msgid "Delete User" +msgstr "Odstranit uživatele" + +#: templates/Users/view.php:24 +msgid "New User" +msgstr "Nový uživatel" + +#: templates/Users/view.php:31 +msgid "Id" +msgstr "ID" + +#: templates/Users/view.php:37 +msgid "First Name" +msgstr "Jméno" + +#: templates/Users/view.php:39 +msgid "Last Name" +msgstr "Příjmení" + +#: templates/Users/view.php:41 +msgid "Role" +msgstr "Role" + +#: templates/Users/view.php:45 +msgid "Api Token" +msgstr "Token rozhraní API" + +#: templates/Users/view.php:53 +msgid "Token Expires" +msgstr "Platnost tokenu vyprší" + +#: templates/Users/view.php:55 +msgid "Activation Date" +msgstr "Datum aktivace" + +#: templates/Users/view.php:57 +msgid "Tos Date" +msgstr "Datum TOS" + +#: templates/Users/view.php:59 templates/Users/view.php:75 +msgid "Created" +msgstr "Vytvořeno" + +#: templates/Users/view.php:61 templates/Users/view.php:76 +msgid "Modified" +msgstr "Upraveno" + +#: templates/Users/webauthn2fa.php:8 +msgid "Two-factor authentication" +msgstr "Dvoufaktorové ověření" + +#: templates/Users/webauthn2fa.php:21 +msgid "" +"In order to enable your YubiKey the first step is to perform a registration." +msgstr "" +"Chcete-li aktivovat svůj YubiKey, prvním krokem je provedení registrace." + +#: templates/email/html/reset_password.php:14 +#: templates/email/html/social_account_validation.php:14 +#: templates/email/html/validation.php:13 +#: templates/email/text/reset_password.php:12 +#: templates/email/text/social_account_validation.php:12 +#: templates/email/text/validation.php:12 +msgid "Hi {0}" +msgstr "Ahoj {0}" + +#: templates/email/html/reset_password.php:17 +msgid "Reset your password here" +msgstr "Obnovte své heslo zde" + +#: templates/email/html/reset_password.php:20 +#: templates/email/html/social_account_validation.php:23 +#: templates/email/html/validation.php:19 +msgid "" +"If the link is not correctly displayed, please copy the following address in " +"your web browser {0}" +msgstr "" +"Pokud se odkaz nezobrazuje správně, zkopírujte prosím do svého webového " +"prohlížeče následující adresu {0}" + +#: templates/email/html/reset_password.php:27 +#: templates/email/html/social_account_validation.php:30 +#: templates/email/html/validation.php:26 +#: templates/email/text/reset_password.php:20 +#: templates/email/text/social_account_validation.php:20 +#: templates/email/text/validation.php:20 +msgid "Thank you" +msgstr "Děkuji" + +#: templates/email/html/social_account_validation.php:18 +msgid "Activate your social login here" +msgstr "Aktivujte si přihlášení k sociální síti zde" + +#: templates/email/html/validation.php:16 +msgid "Activate your account here" +msgstr "Aktivujte si účet zde" + +#: templates/email/text/reset_password.php:14 +#: templates/email/text/validation.php:14 +msgid "Please copy the following address in your web browser {0}" +msgstr "Zkopírujte prosím do svého webového prohlížeče následující adresu {0}" + +#: templates/email/text/social_account_validation.php:14 +msgid "" +"Please copy the following address in your web browser to activate your " +"social login {0}" +msgstr "" +"Zkopírujte prosím následující adresu do svého webového prohlížeče, abyste " +"aktivovali své přihlášení k sociální síti {0}" From c944a3fabbb4030cce7207eee46e1c3bc729e500 Mon Sep 17 00:00:00 2001 From: Adam Rusinowski Date: Sat, 28 Jan 2023 12:34:54 +0100 Subject: [PATCH 16/71] updated minimum php version from 7.2+ to 7.3+, docs update --- Docs/Home.md | 3 ++- README.md | 2 +- composer.json | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/Docs/Home.md b/Docs/Home.md index 4223b0e82..8873856df 100644 --- a/Docs/Home.md +++ b/Docs/Home.md @@ -16,10 +16,11 @@ Documentation * [Authentication](Documentation/Authentication.md) * [Authorization](Documentation/Authorization.md) * [SimpleRbacAuthorize](https://github.com/CakeDC/auth/blob/master/Docs/Documentation/SimpleRbacAuthorize.md) +* [Permissions](Documentation/Permissions.md) * [SuperuserAuthorize](https://github.com/CakeDC/auth/blob/master/Docs/Documentation/SuperuserAuthorize.md) * [Intercept Login Action](Documentation/InterceptLoginAction.md) * [Social Authentication](Documentation/SocialAuthentication.md) -* [Google Authenticator](Documentation/Two-Factor-Authenticator.md) +* [Two Factor Authenticator](Documentation/Two-Factor-Authenticator.md) * [Yubico U2F](Documentation/Yubico-U2F.md) * [UserHelper](Documentation/UserHelper.md) * [AuthLinkHelper](Documentation/AuthLinkHelper.md) diff --git a/README.md b/README.md index ff6e46f46..c188a833c 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,7 @@ Requirements ------------ * CakePHP 4.0+ -* PHP 7.2+ +* PHP 7.3+ Documentation ------------- diff --git a/composer.json b/composer.json index 54aab97aa..29f9e44f5 100644 --- a/composer.json +++ b/composer.json @@ -29,7 +29,7 @@ "minimum-stability": "dev", "prefer-stable": true, "require": { - "php": ">=7.2.0", + "php": ">=7.3.0", "cakephp/cakephp": "^4.0", "cakedc/auth": "^7.0", "cakephp/authorization": "^2.0.0", From dcc3673f608ed86d21db936651212480861f6640 Mon Sep 17 00:00:00 2001 From: Adam Rusinowski Date: Mon, 30 Jan 2023 13:03:18 +0100 Subject: [PATCH 17/71] added `validateSocialAccount` setting to enable/disable social validation after first social login to existing user account --- Docs/Documentation/SocialAuthentication.md | 18 ++++++++++++++---- config/users.php | 12 +++++++++++- src/Model/Behavior/SocialBehavior.php | 11 +++++++++-- 3 files changed, 34 insertions(+), 7 deletions(-) diff --git a/Docs/Documentation/SocialAuthentication.md b/Docs/Documentation/SocialAuthentication.md index f74b36e7a..c2037943e 100644 --- a/Docs/Documentation/SocialAuthentication.md +++ b/Docs/Documentation/SocialAuthentication.md @@ -23,11 +23,21 @@ Facebook/Twitter applications you want to use and update your file config/users. //This enable social login (authentication) 'Users.Social.login' => true, //This is the required config to setup facebook. -'OAuth.providers.facebook.options.clientId', 'YOUR APP ID'; -'OAuth.providers.facebook.options.clientSecret', 'YOUR APP SECRET'; +'OAuth.providers.facebook.options.clientId' => 'YOUR APP ID', +'OAuth.providers.facebook.options.clientSecret' => 'YOUR APP SECRET', //This is the required config to setup twitter -'OAuth.providers.twitter.options.clientId', 'YOUR APP ID'; -'OAuth.providers.twitter.options.clientSecret', 'YOUR APP SECRET'; +'OAuth.providers.twitter.options.clientId' => 'YOUR APP ID', +'OAuth.providers.twitter.options.clientSecret' => 'YOUR APP SECRET', +``` + +By default the social login validation is enabled for existing accounts. First social login attempt to an existing account will require additional email validation before it can be used. If you trust the providers you are using you can disable this feature globally in your config/users.php file: +```php +'Users.Social.validateSocialAccount' => false, + +``` +Alternatively you can also skip this validation for some providers that you trust in your config/users.php file: +```php +'OAuth.providers.facebook.skipSocialAccountValidation' => true, ``` Check optional configs at [config/users.php](./../../config/users.php) inside 'OAuth' key diff --git a/config/users.php b/config/users.php index ebb64c76e..679fefa10 100644 --- a/config/users.php +++ b/config/users.php @@ -78,6 +78,8 @@ 'Social' => [ // enable social login 'login' => false, + // enable social account validation for first social logins into existing accounts + 'validateSocialAccount' => true, ], 'Profile' => [ // Allow view other users profiles @@ -240,6 +242,7 @@ 'service' => 'CakeDC\Auth\Social\Service\OAuth2Service', 'className' => 'League\OAuth2\Client\Provider\Facebook', 'mapper' => 'CakeDC\Auth\Social\Mapper\Facebook', + 'skipSocialAccountValidation' => false, 'authParams' => ['scope' => ['public_profile', 'email', 'user_birthday', 'user_gender', 'user_link']], 'options' => [ 'graphApiVersion' => 'v2.8', //bio field was deprecated on >= v2.8 @@ -252,6 +255,7 @@ 'service' => 'CakeDC\Auth\Social\Service\OAuth1Service', 'className' => 'League\OAuth1\Client\Server\Twitter', 'mapper' => 'CakeDC\Auth\Social\Mapper\Twitter', + 'skipSocialAccountValidation' => false, 'options' => [ 'redirectUri' => Router::fullBaseUrl() . '/auth/twitter', 'linkSocialUri' => Router::fullBaseUrl() . '/link-social/twitter', @@ -262,6 +266,7 @@ 'service' => 'CakeDC\Auth\Social\Service\OAuth2Service', 'className' => 'League\OAuth2\Client\Provider\LinkedIn', 'mapper' => 'CakeDC\Auth\Social\Mapper\LinkedIn', + 'skipSocialAccountValidation' => false, 'options' => [ 'redirectUri' => Router::fullBaseUrl() . '/auth/linkedIn', 'linkSocialUri' => Router::fullBaseUrl() . '/link-social/linkedIn', @@ -272,6 +277,7 @@ 'service' => 'CakeDC\Auth\Social\Service\OAuth2Service', 'className' => 'League\OAuth2\Client\Provider\Instagram', 'mapper' => 'CakeDC\Auth\Social\Mapper\Instagram', + 'skipSocialAccountValidation' => false, 'options' => [ 'redirectUri' => Router::fullBaseUrl() . '/auth/instagram', 'linkSocialUri' => Router::fullBaseUrl() . '/link-social/instagram', @@ -282,6 +288,7 @@ 'service' => 'CakeDC\Auth\Social\Service\OAuth2Service', 'className' => 'League\OAuth2\Client\Provider\Google', 'mapper' => 'CakeDC\Auth\Social\Mapper\Google', + 'skipSocialAccountValidation' => false, 'options' => [ 'userFields' => ['url', 'aboutMe'], 'redirectUri' => Router::fullBaseUrl() . '/auth/google', @@ -293,7 +300,8 @@ 'service' => 'CakeDC\Auth\Social\Service\OAuth2Service', 'className' => 'Luchianenco\OAuth2\Client\Provider\Amazon', 'mapper' => 'CakeDC\Auth\Social\Mapper\Amazon', - 'options' => [ + 'skipSocialAccountValidation' => false, + 'options' => [ 'redirectUri' => Router::fullBaseUrl() . '/auth/amazon', 'linkSocialUri' => Router::fullBaseUrl() . '/link-social/amazon', 'callbackLinkSocialUri' => Router::fullBaseUrl() . '/callback-link-social/amazon', @@ -303,6 +311,7 @@ 'service' => 'CakeDC\Auth\Social\Service\OAuth2Service', 'className' => 'CakeDC\OAuth2\Client\Provider\Cognito', 'mapper' => 'CakeDC\Auth\Social\Mapper\Cognito', + 'skipSocialAccountValidation' => false, 'options' => [ 'redirectUri' => Router::fullBaseUrl() . '/auth/cognito', 'linkSocialUri' => Router::fullBaseUrl() . '/link-social/cognito', @@ -314,6 +323,7 @@ 'service' => 'CakeDC\Auth\Social\Service\OAuth2Service', 'className' => 'TheNetworg\OAuth2\Client\Provider\Azure', 'mapper' => 'CakeDC\Auth\Social\Mapper\Azure', + 'skipSocialAccountValidation' => false, 'options' => [ 'redirectUri' => Router::fullBaseUrl() . '/auth/azure', 'linkSocialUri' => Router::fullBaseUrl() . '/link-social/azure', diff --git a/src/Model/Behavior/SocialBehavior.php b/src/Model/Behavior/SocialBehavior.php index 7911ed802..7ec8754a2 100644 --- a/src/Model/Behavior/SocialBehavior.php +++ b/src/Model/Behavior/SocialBehavior.php @@ -33,6 +33,8 @@ class SocialBehavior extends BaseTokenBehavior use EventDispatcherTrait; use RandomStringTrait; + protected $validateSocialAccount = true; + /** * Username field it can be modified via config * @@ -48,6 +50,7 @@ class SocialBehavior extends BaseTokenBehavior */ public function initialize(array $config): void { + $this->validateSocialAccount = (bool)Configure::read('Users.Social.validateSocialAccount'); if (isset($config['username'])) { $this->_username = $config['username']; } @@ -219,8 +222,12 @@ protected function _populateUser($data, $existingUser, $useEmail, $validateEmail $user = $this->_table->newEntity($userData); $user = $this->_updateActive($user, false, $tokenExpiration); } else { - if ($useEmail && empty($dataValidated)) { - $accountData['active'] = false; + if ( + $useEmail && + empty($dataValidated) || + ($this->validateSocialAccount && !Configure::read('OAuth.providers.' . $data['provider'] . '.skipSocialAccountValidation')) + ) { + $accountData['active'] = 0; } $user = $existingUser; } From 6e01c2ed0223450fba98ec4c5d06ac6c447fe113 Mon Sep 17 00:00:00 2001 From: Adam Rusinowski Date: Mon, 30 Jan 2023 13:52:00 +0100 Subject: [PATCH 18/71] updated cs --- src/Model/Behavior/SocialBehavior.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/Model/Behavior/SocialBehavior.php b/src/Model/Behavior/SocialBehavior.php index 7ec8754a2..763be8c91 100644 --- a/src/Model/Behavior/SocialBehavior.php +++ b/src/Model/Behavior/SocialBehavior.php @@ -33,6 +33,11 @@ class SocialBehavior extends BaseTokenBehavior use EventDispatcherTrait; use RandomStringTrait; + /** + * Enables social account validation + * + * @var bool + */ protected $validateSocialAccount = true; /** From 4b9510436aa40ad050bdd333dbb318a8fac29273 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jorge=20M=2E=20Gonz=C3=A1lez=20Mart=C3=ADn?= Date: Wed, 1 Feb 2023 11:31:48 +0000 Subject: [PATCH 19/71] Update Translations.md --- Docs/Documentation/Translations.md | 1 + 1 file changed, 1 insertion(+) diff --git a/Docs/Documentation/Translations.md b/Docs/Documentation/Translations.md index 2039ae3ff..333d51799 100644 --- a/Docs/Documentation/Translations.md +++ b/Docs/Documentation/Translations.md @@ -13,6 +13,7 @@ The Plugin is translated into several languages: * Turkish (tr_TR) by @sayinserdar * Ukrainian (uk) by @yarkm13 * German (de) by @LordSimal +* Czech (cs_CZ) by @Mapiiik **Note:** To overwrite the plugin translations, create a file inside your project 'resources/locales//{$lang}/' folder, with the name 'Users.po' and add the strings with the new translations. From 9d06f1bc8351a3722695d7f770396c34e1aa9aba Mon Sep 17 00:00:00 2001 From: "marc.wuerth" Date: Wed, 1 Feb 2023 14:42:17 +0100 Subject: [PATCH 20/71] Adjust tests asserting full URL instead of just path part in redirect Relates to #1002 & #1003 --- .../Controller/Traits/Integration/LoginTraitIntegrationTest.php | 2 +- tests/TestCase/Controller/UsersControllerTest.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php b/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php index 9bf8d74d4..811e6da8c 100644 --- a/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php +++ b/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php @@ -56,7 +56,7 @@ public function testRedirectToLogin() { $this->enableRetainFlashMessages(); $this->get('/pages/home'); - $this->assertRedirectContains('/login?redirect=http%3A%2F%2Flocalhost%2Fpages%2Fhome'); + $this->assertRedirectContains('/login?redirect=%2Fpages%2Fhome'); $this->assertFlashMessage('You are not authorized to access that location.'); } diff --git a/tests/TestCase/Controller/UsersControllerTest.php b/tests/TestCase/Controller/UsersControllerTest.php index 9cebd1f89..36cd28f7a 100644 --- a/tests/TestCase/Controller/UsersControllerTest.php +++ b/tests/TestCase/Controller/UsersControllerTest.php @@ -67,7 +67,7 @@ public function testUnauthorizedRedirectNotLogged() ], ]); $this->get('/users/index'); - $this->assertRedirectContains('/login?redirect=http%3A%2F%2Flocalhost%2Fusers%2Findex'); + $this->assertRedirectContains('/login?redirect=%2Fusers%2Findex'); } /** From 7052a6a00466dbf1b31f0c6f27ee55cfbd9b6d9e Mon Sep 17 00:00:00 2001 From: "marc.wuerth" Date: Wed, 1 Feb 2023 14:46:16 +0100 Subject: [PATCH 21/71] CS fixes --- .../DefaultRedirectHandler.php | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php b/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php index fabaabe37..374807525 100644 --- a/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php +++ b/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php @@ -51,8 +51,11 @@ class DefaultRedirectHandler extends CakeRedirectHandler /** * @inheritDoc */ - public function handle(Exception $exception, ServerRequestInterface $request, array $options = []): ResponseInterface - { + public function handle( + Exception $exception, + ServerRequestInterface $request, + array $options = [] + ): ResponseInterface { $options += $this->defaultOptions; $response = parent::handle($exception, $request, $options); $session = $request->getAttribute('session'); @@ -83,7 +86,7 @@ protected function getUrl(ServerRequestInterface $request, array $options): stri if ($redirectUri->getQuery()) { $redirect .= '?' . $redirectUri->getQuery(); } - + $url['?'][$options['queryParam']] = $redirect; } @@ -115,10 +118,10 @@ protected function createFlashMessage($options): array $message = (array)($options['flash'] ?? []); return $message + [ - 'message' => __d('cake_d_c/users', 'You are not authorized to access that location.'), - 'key' => 'flash', - 'element' => 'flash/error', - 'params' => [], - ]; + 'message' => __d('cake_d_c/users', 'You are not authorized to access that location.'), + 'key' => 'flash', + 'element' => 'flash/error', + 'params' => [], + ]; } } From 8510974798bae7685311e4fec3c6f0b915c20aec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc=20W=C3=BCrth?= Date: Thu, 9 Feb 2023 20:05:16 +0100 Subject: [PATCH 22/71] Improve authenication documentation Varous improvemnts - Formatting - Wording - Grammar error - Code, class name & path highlighing - Namings - De-emphasize less importaant remarks - Update broken links --- Docs/Documentation/Authentication.md | 91 ++++++++++++++-------------- 1 file changed, 46 insertions(+), 45 deletions(-) diff --git a/Docs/Documentation/Authentication.md b/Docs/Documentation/Authentication.md index 9d692dd21..a791c7917 100644 --- a/Docs/Documentation/Authentication.md +++ b/Docs/Documentation/Authentication.md @@ -1,6 +1,7 @@ Authentication ============== -This plugin uses the new authentication plugin [cakephp/authentication](https://github.com/cakephp/authentication/) + +This plugin uses the new CakePHP Authentication plugin [cakephp/authentication](https://github.com/cakephp/authentication/) instead of CakePHP Authentication component, but don't worry, the default configuration should be enough for your projects. @@ -9,11 +10,11 @@ We've tried to simplify configuration as much as possible using defaults, but ke Authentication Component ------------------------ -The default behavior is to load the authentication component at UsersController, -defining the default urls for loginAction, loginRedirect, logoutRedirect but not requiring -the request to have a identity. +The default behavior is to load the authentication component at ``UsersController``, +defining the default URLs for ``loginAction``, ``loginRedirect``, ``logoutRedirect`` but not requiring +the request to have an identity. -If you prefer to load the component yourself you can set 'Auth.AuthenticationComponent.load': +If you prefer to load the component yourself you can set ``Auth.AuthenticationComponent.load``: ``` Configure:write('Auth.AuthenticationComponent.load', false); @@ -27,7 +28,8 @@ $this->loadComponent('Authentication.Authentication', $authenticationConfig); $userId = $this->Authentication->getIdentity()->getIdentifier(); $user = $this->Authentication->getIdentity()->getOriginalData(); ``` -The default configuration for Auth.AuthenticationComponent is: + +The default configuration for ``Auth.AuthenticationComponent`` is: ```php [ @@ -37,28 +39,30 @@ The default configuration for Auth.AuthenticationComponent is: ] ``` -[Check the component options at the it's source code for more infomation](https://github.com/cakephp/authentication/blob/master/src/Controller/Component/AuthenticationComponent.php#L38) +Check [the component options at the its source code](https://github.com/cakephp/authentication/blob/master/src/Controller/Component/AuthenticationComponent.php#L38) for more infomation. Authenticators -------------- -The cakephp/authentication plugin provides the main structure for the authenticators used in this plugin, +The ``cakephp/authentication`` plugin provides the main structure for the authenticators used in this plugin, we also use some custom authenticators to work with social providers, reCaptcha and cookie. The default list of authenticators includes: -- 'Authentication.Session' -- 'CakeDC/Auth.Form' -- 'Authentication.Token' -- 'CakeDC/Auth.Cookie' -- 'CakeDC/Users.Social'//Works with SocialAuthMiddleware -- 'CakeDC/Users.SocialPendingEmail' +- ``Authentication.Session`` +- ``CakeDC/Auth.Form`` +- ``Authentication.Token`` +- ``CakeDC/Auth.Cookie`` +- ``CakeDC/Users.Social`` which works with the ``SocialAuthMiddleware`` +- ``CakeDC/Users.SocialPendingEmail`` + +If you enable ``OneTimePasswordAuthenticator.login`` we also load the ``CakeDC/Auth.TwoFactor`` -**If you enable 'OneTimePasswordAuthenticator.login' we also load the CakeDC/Auth.TwoFactor** +These authenticators should be enough for your application, but you can easily customize it +setting the ``Auth.Authenticators`` config key. -These authenticators should be enough for your application, but you easily customize it -setting the Auth.Authenticators config key. +These authenticators are loaded by the ``\CakeDC\Users\Loader\AuthenticationServiceLoader`` class in the ``loadAuthenticators`` method. See [Authentication Service Loader](#authentication-service-loader) on how to adjust it to your needs. -For example if you add JWT authenticator you must add this to your config/users.php file: +For example, if you want to add the JWT authenticator you must add the following to your ``config/users.php`` file: ```php 'Auth.Authenticators.Jwt' => [ @@ -68,26 +72,20 @@ For example if you add JWT authenticator you must add this to your config/users. ], ``` -**You may have noticed the 'skipTwoFactorVerify' option, this option is used to identify if a authenticator should skip -the two factor flow** - -The authenticators are loaded by \CakeDC\Users\Loader\AuthenticationServiceLoader class at load authentication -service method from plugin object. - -See the full Auth.Authenticators at config/users.php +The ``skipTwoFactorVerify`` option is used to skip the two factor flow for a given authenticator Identifiers ----------- -The identifies are defined to work correctly with the default authenticators, we are using these identifiers: -- Authentication.Password, for Form authenticator -- CakeDC/Users.Social, for Social and SocialPendingEmail authenticators -- Authentication.Token, for TokenAuthenticator +The identifiers are defined to work correctly with the default authenticators, we are using these identifiers: -As you add more authenticators you may need to add identifiers, please check identifiers available at -[official documentation](https://github.com/cakephp/authentication/blob/master/docs/Identifiers.md) +- ``Authentication.Password``, for ``Form`` authenticator +- ``CakeDC/Users.Social``, for ``Social`` and ``SocialPendingEmail`` authenticators +- ``Authentication.Token``, for ``Token`` authenticator -The default value for Auth.Identifiers is: +As you add more authenticators you may also need to add other identifiers, please see [the identifiers available in the official CakePHP Authentication plugin documentation](https://book.cakephp.org/authentication/2/en/identifiers.html). + +The default list for ``Auth.Identifiers`` is: ```php [ @@ -116,24 +114,25 @@ The default value for Auth.Identifiers is: ] ] ``` -The identifiers are loaded by \CakeDC\Users\Loader\AuthenticationServiceLoader class at load authentication -service method from plugin object. +These identifiers are loaded by the ``\CakeDC\Users\Loader\AuthenticationServiceLoader`` class in the ``loadIdentifiers`` method. See [Authentication Service Loader](#authentication-service-loader) on how to adjust it to your needs. Handling Login Result --------------------- -For both form login and social login we use a base component 'CakeDC/Users.Login' to handle login, -it check the result of authentication service to redirect user to a internal page or show an authentication -error. It provide some error messages for specific authentication result status, please check the config/users.php file. -To use a custom component to handle the login you should update your config/users.php file with: +For both form login and social login we use a base component ``CakeDC/Users.Login`` to handle the login. +It checks the result of the authentication service and either redirects the user or shows an authentication +error. It provides some error messages for specific authentication results. Please check the ``config/users.php`` file. + +To use a custom component to handle the login you should update your ``config/users.php`` file with: ```php 'Auth.SocialLoginFailure.component' => 'MyLoginA', 'Auth.FormLoginFailure.component' => 'MyLoginB', ``` -The default configuration are: +The default configuration is: + ```php [ ... @@ -169,13 +168,14 @@ The default configuration are: Authentication Service Loader ----------------------------- -To make the integration with cakephp/authentication easier we load the authenticators and identifiers -defined at Auth configuration and other components to work with social provider, two-factor authentication. -If the configuration is not enough for your project you may create a custom loader extending the -default provided. +To make the integration with CakePHP Authenication plugin easier we load the authenticators and identifiers +defined at the ``Auth`` configuration key. -- Create file src/Loader/AppAuthenticationServiceLoader.php +If the default configuration is not enough for your project's needs you may create a custom loader extending the +default loader provided. + +Fore xample, create a file ``src/Loader/AppAuthenticationServiceLoader.php``: ```php \App\Loader\AppAuthenticationServiceLoader::class, From 9f3b6f6d74acb4876437f6dd74aaa952c4d8b580 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc=20W=C3=BCrth?= Date: Thu, 9 Feb 2023 23:12:44 +0100 Subject: [PATCH 23/71] Fix typo in authorization config key --- Docs/Documentation/Authorization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Docs/Documentation/Authorization.md b/Docs/Documentation/Authorization.md index 58809f524..af053dd08 100644 --- a/Docs/Documentation/Authorization.md +++ b/Docs/Documentation/Authorization.md @@ -10,7 +10,7 @@ If you don't want the plugin to autoload setup authorization, you can disable in your config/users.php with: ```php -'Auth.Authorization.enabled' => false, +'Auth.Authorization.enable' => false, ``` Authorization Middleware From a4257eea953db575d3581e5ecd8210783c1d0843 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc=20W=C3=BCrth?= Date: Fri, 10 Feb 2023 13:44:37 +0100 Subject: [PATCH 24/71] Fix typo --- Docs/Documentation/Authentication.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Docs/Documentation/Authentication.md b/Docs/Documentation/Authentication.md index a791c7917..66f94f403 100644 --- a/Docs/Documentation/Authentication.md +++ b/Docs/Documentation/Authentication.md @@ -175,7 +175,7 @@ defined at the ``Auth`` configuration key. If the default configuration is not enough for your project's needs you may create a custom loader extending the default loader provided. -Fore xample, create a file ``src/Loader/AppAuthenticationServiceLoader.php``: +For example, create a file ``src/Loader/AppAuthenticationServiceLoader.php``: ```php Date: Mon, 24 Apr 2023 20:26:48 +0200 Subject: [PATCH 25/71] fix CakePHP 4.5 deprecations --- composer.json | 6 +++--- .../Traits/OneTimePasswordVerifyTrait.php | 6 +++--- src/Controller/Traits/PasswordManagementTrait.php | 4 ++-- src/Model/Table/UsersTable.php | 14 +------------- tests/test_app/TestApp/Http/TestRequestHandler.php | 2 +- 5 files changed, 10 insertions(+), 22 deletions(-) diff --git a/composer.json b/composer.json index 29f9e44f5..be536dbbe 100644 --- a/composer.json +++ b/composer.json @@ -27,10 +27,10 @@ "source": "https://github.com/CakeDC/users" }, "minimum-stability": "dev", - "prefer-stable": true, + "prefer-stable": true, "require": { - "php": ">=7.3.0", - "cakephp/cakephp": "^4.0", + "php": ">=7.4.0", + "cakephp/cakephp": "dev-4.next as 4.5.0", "cakedc/auth": "^7.0", "cakephp/authorization": "^2.0.0", "cakephp/authentication": "^2.0.0" diff --git a/src/Controller/Traits/OneTimePasswordVerifyTrait.php b/src/Controller/Traits/OneTimePasswordVerifyTrait.php index 9538569a6..a2f562f80 100644 --- a/src/Controller/Traits/OneTimePasswordVerifyTrait.php +++ b/src/Controller/Traits/OneTimePasswordVerifyTrait.php @@ -116,8 +116,8 @@ protected function onVerifyGetSecret($user) // catching sql exception in case of any sql inconsistencies try { - $query = $this->getUsersTable()->query(); - $query->update() + $query = $this->getUsersTable()->updateQuery(); + $query ->set(['secret' => $secret]) ->where(['id' => $user['id']]); $query->execute(); @@ -183,7 +183,7 @@ protected function onPostVerifyCodeOkay($loginAction, $user) unset($user['secret']); if (!$user['secret_verified']) { - $this->getUsersTable()->query()->update() + $this->getUsersTable()->updateQuery() ->set(['secret_verified' => true]) ->where(['id' => $user['id']]) ->execute(); diff --git a/src/Controller/Traits/PasswordManagementTrait.php b/src/Controller/Traits/PasswordManagementTrait.php index 09878ae2a..4aaf8c156 100644 --- a/src/Controller/Traits/PasswordManagementTrait.php +++ b/src/Controller/Traits/PasswordManagementTrait.php @@ -195,8 +195,8 @@ public function resetOneTimePasswordAuthenticator($id = null) { if ($this->getRequest()->is('post')) { try { - $query = $this->getUsersTable()->query(); - $query->update() + $query = $this->getUsersTable()->updateQuery(); + $query ->set(['secret_verified' => false, 'secret' => null]) ->where(['id' => $id]); $query->execute(); diff --git a/src/Model/Table/UsersTable.php b/src/Model/Table/UsersTable.php index 4e6954348..70b3f79ac 100644 --- a/src/Model/Table/UsersTable.php +++ b/src/Model/Table/UsersTable.php @@ -51,19 +51,6 @@ class UsersTable extends Table */ public $isValidateEmail = false; - /** - * Field additional_data is json - * - * @param \Cake\Database\Schema\TableSchemaInterface $schema The table definition fetched from database. - * @return \Cake\Database\Schema\TableSchemaInterface the altered schema - */ - protected function _initializeSchema(TableSchemaInterface $schema): TableSchemaInterface - { - $schema->setColumnType('additional_data', 'json'); - - return parent::_initializeSchema($schema); - } - /** * Initialize method * @@ -84,6 +71,7 @@ public function initialize(array $config): void $this->addBehavior('CakeDC/Users.LinkSocial'); $this->addBehavior('CakeDC/Users.AuthFinder'); $this->hasMany('SocialAccounts')->setForeignKey('user_id')->setClassName('CakeDC/Users.SocialAccounts'); + $this->getSchema()->setColumnType('additional_data', 'json'); } /** diff --git a/tests/test_app/TestApp/Http/TestRequestHandler.php b/tests/test_app/TestApp/Http/TestRequestHandler.php index fe913db9b..e13521f01 100644 --- a/tests/test_app/TestApp/Http/TestRequestHandler.php +++ b/tests/test_app/TestApp/Http/TestRequestHandler.php @@ -6,7 +6,7 @@ use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Server\RequestHandlerInterface; -use Zend\Diactoros\Response; +use Laminas\Diactoros\Response; class TestRequestHandler implements RequestHandlerInterface { From 81fbbfdfee3be7d5dabbf9ac9a252e098e7cede3 Mon Sep 17 00:00:00 2001 From: Kevin Pfeifer Date: Mon, 24 Apr 2023 20:28:24 +0200 Subject: [PATCH 26/71] adjust CI --- .github/workflows/ci.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 032c79a25..624eacb05 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,11 +9,11 @@ on: jobs: testsuite: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 strategy: fail-fast: false matrix: - php-version: ['7.3', '7.4', '8.0', '8.1'] + php-version: ['7.4', '8.0', '8.1'] db-type: [sqlite, mysql, pgsql] prefer-lowest: [''] @@ -79,7 +79,7 @@ jobs: cs-stan: name: Coding Standard & Static Analysis - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v2 @@ -87,7 +87,7 @@ jobs: - name: Setup PHP uses: shivammathur/setup-php@v2 with: - php-version: '7.3' + php-version: '7.4' extensions: mbstring, intl, apcu coverage: none From 9fa0025919955ef7d4ceed3a893e3ee3402a3a69 Mon Sep 17 00:00:00 2001 From: Kevin Pfeifer Date: Mon, 24 Apr 2023 20:32:16 +0200 Subject: [PATCH 27/71] fix tests --- .../Traits/Integration/LoginTraitIntegrationTest.php | 12 ++++++------ .../PasswordManagementTraitIntegrationTest.php | 2 +- .../Integration/RegisterTraitIntegrationTest.php | 12 ++++++------ 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php b/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php index 811e6da8c..8868e168e 100644 --- a/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php +++ b/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php @@ -76,8 +76,8 @@ public function testLoginGetRequestNoSocialLogin() $this->assertResponseNotContains('Username or password is incorrect'); $this->assertResponseContains('
'); $this->assertResponseContains('Please enter your username and password'); - $this->assertResponseContains(''); - $this->assertResponseContains(''); + $this->assertResponseContains(''); + $this->assertResponseContains(''); $this->assertResponseContains(''); $this->assertResponseContains(''); $this->assertResponseContains('Register'); @@ -102,8 +102,8 @@ public function testLoginGetRequest() $this->assertResponseNotContains('Username or password is incorrect'); $this->assertResponseContains(''); $this->assertResponseContains('Please enter your username and password'); - $this->assertResponseContains(''); - $this->assertResponseContains(''); + $this->assertResponseContains(''); + $this->assertResponseContains(''); $this->assertResponseContains(''); $this->assertResponseContains(''); $this->assertResponseContains('Register'); @@ -131,8 +131,8 @@ public function testLoginPostRequestInvalidPassword() $this->assertResponseContains('Username or password is incorrect'); $this->assertResponseContains(''); $this->assertResponseContains('Please enter your username and password'); - $this->assertResponseContains(''); - $this->assertResponseContains(''); + $this->assertResponseContains(''); + $this->assertResponseContains(''); $this->assertResponseContains(''); $this->assertResponseContains(''); } diff --git a/tests/TestCase/Controller/Traits/Integration/PasswordManagementTraitIntegrationTest.php b/tests/TestCase/Controller/Traits/Integration/PasswordManagementTraitIntegrationTest.php index 47a9e337d..03afa07e4 100644 --- a/tests/TestCase/Controller/Traits/Integration/PasswordManagementTraitIntegrationTest.php +++ b/tests/TestCase/Controller/Traits/Integration/PasswordManagementTraitIntegrationTest.php @@ -41,7 +41,7 @@ public function testRequestResetPassword() $this->get('/users/request-reset-password'); $this->assertResponseOk(); $this->assertResponseContains('Please enter your email or username to reset your password'); - $this->assertResponseContains(''); + $this->assertResponseContains(''); } /** diff --git a/tests/TestCase/Controller/Traits/Integration/RegisterTraitIntegrationTest.php b/tests/TestCase/Controller/Traits/Integration/RegisterTraitIntegrationTest.php index 8c7d4e852..5addda8c6 100644 --- a/tests/TestCase/Controller/Traits/Integration/RegisterTraitIntegrationTest.php +++ b/tests/TestCase/Controller/Traits/Integration/RegisterTraitIntegrationTest.php @@ -45,9 +45,9 @@ public function testRegister() $this->assertResponseContains('assertResponseContains('assertResponseContains('assertResponseContains(''); - $this->assertResponseContains(''); - $this->assertResponseContains(''); + $this->assertResponseContains(''); + $this->assertResponseContains(''); + $this->assertResponseContains(''); $this->assertResponseContains(''); $this->assertResponseContains(''); } @@ -80,9 +80,9 @@ public function testRegisterPostWithErrors() $this->assertResponseContains('assertResponseContains('assertResponseContains('assertResponseContains(''); - $this->assertResponseContains(''); - $this->assertResponseContains(''); + $this->assertResponseContains(''); + $this->assertResponseContains(''); + $this->assertResponseContains(''); $this->assertResponseContains(''); $this->assertResponseContains(''); } From 4ff5c60f84dec89b9684053b09a95c5d7488bfb5 Mon Sep 17 00:00:00 2001 From: Kevin Pfeifer Date: Mon, 24 Apr 2023 20:34:13 +0200 Subject: [PATCH 28/71] fix cs --- src/Model/Table/UsersTable.php | 1 - tests/test_app/TestApp/Http/TestRequestHandler.php | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/src/Model/Table/UsersTable.php b/src/Model/Table/UsersTable.php index 70b3f79ac..1bdda36d8 100644 --- a/src/Model/Table/UsersTable.php +++ b/src/Model/Table/UsersTable.php @@ -13,7 +13,6 @@ namespace CakeDC\Users\Model\Table; -use Cake\Database\Schema\TableSchemaInterface; use Cake\ORM\RulesChecker; use Cake\ORM\Table; use Cake\Validation\Validator; diff --git a/tests/test_app/TestApp/Http/TestRequestHandler.php b/tests/test_app/TestApp/Http/TestRequestHandler.php index e13521f01..dffda2ca1 100644 --- a/tests/test_app/TestApp/Http/TestRequestHandler.php +++ b/tests/test_app/TestApp/Http/TestRequestHandler.php @@ -3,10 +3,10 @@ namespace TestApp\Http; +use Laminas\Diactoros\Response; use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Server\RequestHandlerInterface; -use Laminas\Diactoros\Response; class TestRequestHandler implements RequestHandlerInterface { From d40de9834b59355ed2ed5dba165789198e76f0e7 Mon Sep 17 00:00:00 2001 From: Kevin Pfeifer Date: Wed, 26 Apr 2023 11:22:12 +0200 Subject: [PATCH 29/71] fix UsersTable schema --- src/Model/Table/UsersTable.php | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/src/Model/Table/UsersTable.php b/src/Model/Table/UsersTable.php index 1bdda36d8..ff3e3e587 100644 --- a/src/Model/Table/UsersTable.php +++ b/src/Model/Table/UsersTable.php @@ -13,6 +13,7 @@ namespace CakeDC\Users\Model\Table; +use Cake\Database\Schema\TableSchemaInterface; use Cake\ORM\RulesChecker; use Cake\ORM\Table; use Cake\Validation\Validator; @@ -70,7 +71,19 @@ public function initialize(array $config): void $this->addBehavior('CakeDC/Users.LinkSocial'); $this->addBehavior('CakeDC/Users.AuthFinder'); $this->hasMany('SocialAccounts')->setForeignKey('user_id')->setClassName('CakeDC/Users.SocialAccounts'); - $this->getSchema()->setColumnType('additional_data', 'json'); + } + + /** + * Returns the schema table object describing this table's properties. + * + * @return \Cake\Database\Schema\TableSchemaInterface + */ + public function getSchema(): TableSchemaInterface + { + $schema = parent::getSchema(); + $schema->setColumnType('additional_data', 'json'); + + return $schema; } /** From 34988ab808a8d562d25a4fcd0fd424afebf0a39b Mon Sep 17 00:00:00 2001 From: Bence Date: Sun, 11 Jun 2023 16:34:52 +0100 Subject: [PATCH 30/71] Update Permissions.md Missing comma --- Docs/Documentation/Permissions.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Docs/Documentation/Permissions.md b/Docs/Documentation/Permissions.md index d2b55f20f..6447cdca5 100644 --- a/Docs/Documentation/Permissions.md +++ b/Docs/Documentation/Permissions.md @@ -23,7 +23,7 @@ return [ //...... all other rules [ 'controller' => 'Pages', - 'action' => ['home', 'contact', 'projects'] + 'action' => ['home', 'contact', 'projects'], 'bypassAuth' => true, ], ], From 471f12bab0b5a2f746201eed65edcbd6ae2e0613 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jorge=20M=2E=20Gonz=C3=A1lez=20Mart=C3=ADn?= Date: Fri, 7 Jul 2023 19:39:20 +0100 Subject: [PATCH 31/71] Update Extending-the-Plugin.md --- Docs/Documentation/Extending-the-Plugin.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/Docs/Documentation/Extending-the-Plugin.md b/Docs/Documentation/Extending-the-Plugin.md index 4f8cfe77e..a57142893 100644 --- a/Docs/Documentation/Extending-the-Plugin.md +++ b/Docs/Documentation/Extending-the-Plugin.md @@ -22,6 +22,13 @@ use CakeDC\Users\Model\Table\UsersTable; */ class MyUsersTable extends UsersTable { + // important, you'll need to override the alias if you extend from an existing table + public function initialize(array $config): void + { + parent::initialize($config); + + $this->setAlias('MyUsers'); + } } ``` From cb4e067f8fc8c8f90e99a6dab89199a1e2cb440d Mon Sep 17 00:00:00 2001 From: Yevgeny Tomenko Date: Thu, 13 Jul 2023 23:26:46 +0300 Subject: [PATCH 32/71] use url builder for login redirect --- src/Controller/Traits/UserValidationTrait.php | 5 ++-- .../Traits/UserValidationTraitTest.php | 29 ++++++++++++++----- 2 files changed, 25 insertions(+), 9 deletions(-) diff --git a/src/Controller/Traits/UserValidationTrait.php b/src/Controller/Traits/UserValidationTrait.php index 16bcf90a0..5b03d516a 100644 --- a/src/Controller/Traits/UserValidationTrait.php +++ b/src/Controller/Traits/UserValidationTrait.php @@ -18,6 +18,7 @@ use CakeDC\Users\Exception\UserAlreadyActiveException; use CakeDC\Users\Exception\UserNotFoundException; use CakeDC\Users\Plugin; +use CakeDC\Users\Utility\UsersUrl; use Exception; /** @@ -81,7 +82,7 @@ public function validate($type = null, $token = null) $this->Flash->error(__d('cake_d_c/users', 'Token already expired')); } - return $this->redirect(['action' => 'login']); + return $this->redirect(UsersUrl::actionUrl('login')); } /** @@ -119,7 +120,7 @@ public function resendTokenValidation() $this->Flash->error(__d('cake_d_c/users', 'Token could not be reset')); } - return $this->redirect(['action' => 'login']); + return $this->redirect(UsersUrl::actionUrl('login')); } catch (UserNotFoundException $ex) { $this->Flash->error(__d('cake_d_c/users', 'User {0} was not found', $reference)); } catch (UserAlreadyActiveException $ex) { diff --git a/tests/TestCase/Controller/Traits/UserValidationTraitTest.php b/tests/TestCase/Controller/Traits/UserValidationTraitTest.php index 584d8596c..f6852f38e 100644 --- a/tests/TestCase/Controller/Traits/UserValidationTraitTest.php +++ b/tests/TestCase/Controller/Traits/UserValidationTraitTest.php @@ -50,7 +50,7 @@ public function testValidateHappyEmail() ->with('User account validated successfully'); $this->Trait->expects($this->once()) ->method('redirect') - ->with(['action' => 'login']); + ->with($this->loginUrl()); $this->Trait->validate('email', 'token-3'); $user = $this->table->findById($user->id)->first(); $this->assertTrue($user->active); @@ -89,7 +89,7 @@ public function testValidateUserNotFound() ->with('Invalid token or user account already validated'); $this->Trait->expects($this->once()) ->method('redirect') - ->with(['action' => 'login']); + ->with($this->loginUrl()); $this->Trait->validate('email', 'not-found'); } @@ -106,7 +106,7 @@ public function testValidateTokenExpired() ->with('Token already expired'); $this->Trait->expects($this->once()) ->method('redirect') - ->with(['action' => 'login']); + ->with($this->loginUrl()); $this->Trait->validate('email', '6614f65816754310a5f0553436dd89e9'); } @@ -143,7 +143,7 @@ public function testValidateInvalidOp() ->with('Invalid validation type'); $this->Trait->expects($this->once()) ->method('redirect') - ->with(['action' => 'login']); + ->with($this->loginUrl()); $this->Trait->validate('invalid-op', '6614f65816754310a5f0553436dd89e9'); } @@ -188,7 +188,7 @@ public function testResendTokenValidationHappy() ->with('Token has been reset successfully. Please check your email.'); $this->Trait->expects($this->once()) ->method('redirect') - ->with(['action' => 'login']); + ->with($this->loginUrl()); $this->Trait->resendTokenValidation(); } @@ -239,7 +239,7 @@ public function testResendTokenValidationAlreadyActive() ->with('User user-4 is already active'); $this->Trait->expects($this->never()) ->method('redirect') - ->with(['action' => 'login']); + ->with($this->loginUrl()); $this->Trait->resendTokenValidation(); } @@ -262,7 +262,22 @@ public function testResendTokenValidationNotFound() ->with('User not-found was not found'); $this->Trait->expects($this->never()) ->method('redirect') - ->with(['action' => 'login']); + ->with($this->loginUrl()); $this->Trait->resendTokenValidation(); } + + /** + * Login redirect url. + * + * @return array + */ + protected function loginUrl(): array + { + return [ + 'action' => 'login', + 'prefix' => false, + 'plugin' => 'CakeDC/Users', + 'controller' => 'Users', + ]; + } } From cb29dea5cc37594d5c7e011b7bad7cac80b76d3f Mon Sep 17 00:00:00 2001 From: Yevgeny Tomenko Date: Fri, 14 Jul 2023 00:15:38 +0300 Subject: [PATCH 33/71] code style fixes --- .../Traits/UserValidationTraitTest.php | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/tests/TestCase/Controller/Traits/UserValidationTraitTest.php b/tests/TestCase/Controller/Traits/UserValidationTraitTest.php index f6852f38e..f8310c97f 100644 --- a/tests/TestCase/Controller/Traits/UserValidationTraitTest.php +++ b/tests/TestCase/Controller/Traits/UserValidationTraitTest.php @@ -265,19 +265,19 @@ public function testResendTokenValidationNotFound() ->with($this->loginUrl()); $this->Trait->resendTokenValidation(); } - + /** * Login redirect url. * * @return array */ - protected function loginUrl(): array - { - return [ - 'action' => 'login', - 'prefix' => false, - 'plugin' => 'CakeDC/Users', - 'controller' => 'Users', - ]; - } + protected function loginUrl(): array + { + return [ + 'action' => 'login', + 'prefix' => false, + 'plugin' => 'CakeDC/Users', + 'controller' => 'Users', + ]; + } } From e88f782671b05b52db2033f21f1c057850f18656 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jorge=20Gonz=C3=A1lez?= Date: Fri, 1 Sep 2023 16:55:12 +0100 Subject: [PATCH 34/71] update docs about linkedin compatibility --- Docs/Documentation/Installation.md | 1 - Docs/Documentation/Overview.md | 2 +- Docs/Documentation/SocialAuthentication.md | 2 +- 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/Docs/Documentation/Installation.md b/Docs/Documentation/Installation.md index f9d8d8e8d..94b939bf8 100644 --- a/Docs/Documentation/Installation.md +++ b/Docs/Documentation/Installation.md @@ -14,7 +14,6 @@ If you want to use social login features... composer require league/oauth2-facebook:@stable composer require league/oauth2-instagram:@stable composer require league/oauth2-google:@stable -composer require league/oauth2-linkedin:@stable composer require league/oauth1-client:@stable ``` diff --git a/Docs/Documentation/Overview.md b/Docs/Documentation/Overview.md index cc47d0159..95fa06d6c 100644 --- a/Docs/Documentation/Overview.md +++ b/Docs/Documentation/Overview.md @@ -8,7 +8,7 @@ The plugin itself is already capable of: * User registration * Account verification by a token sent via email * User login (email / password) -* Social login (Twitter, Facebook, Google, Instagram, LinkedIn) +* Social login (Twitter, Facebook, Google, Instagram) * Password reset based on requesting a token by email and entering a new password * User management (add / edit / delete) * Simple roles management diff --git a/Docs/Documentation/SocialAuthentication.md b/Docs/Documentation/SocialAuthentication.md index c2037943e..adc8d2b5d 100644 --- a/Docs/Documentation/SocialAuthentication.md +++ b/Docs/Documentation/SocialAuthentication.md @@ -6,9 +6,9 @@ We currently support the following providers to perform login as well as to link * Facebook * Twitter * Google -* LinkedIn * Instagram * Amazon +* LinkedIn (deprecated, it's not working with the OAuth 2.0 provider. They switched to OpenID-Connect.) Please [contact us](https://cakedc.com/contact) if you need to support another provider. From afb616cc9e6abe3786b69218de7af19d32507896 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rodrigo=20P=C3=A9rez?= Date: Thu, 21 Sep 2023 16:17:20 +0100 Subject: [PATCH 35/71] Fix issue with password rehash with a custom password field --- src/Controller/Component/LoginComponent.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/Controller/Component/LoginComponent.php b/src/Controller/Component/LoginComponent.php index 76794abd1..7178ca0ce 100644 --- a/src/Controller/Component/LoginComponent.php +++ b/src/Controller/Component/LoginComponent.php @@ -198,8 +198,9 @@ protected function handlePasswordRehash($service, $user, \Cake\Http\ServerReques if (!$checker || method_exists($checker, 'needsPasswordRehash') && !$checker->needsPasswordRehash()) { continue; } - $password = $request->getData('password'); - $user->set('password', $password); + $passwordField = $checker->getConfig('fields.password', 'password'); + $password = $request->getData($passwordField); + $user->set($passwordField, $password); $user->setDirty('modified'); $this->getController()->getUsersTable()->save($user); break; From 539f71f45f02419c1d5898e67c75a732d97ebb5f Mon Sep 17 00:00:00 2001 From: Stefan <> Date: Mon, 25 Sep 2023 12:40:35 +0200 Subject: [PATCH 36/71] Added Dutch translation --- resources/locales/nl_NL/users.mo | Bin 0 -> 17871 bytes resources/locales/nl_NL/users.po | 926 +++++++++++++++++++++++++++++++ 2 files changed, 926 insertions(+) create mode 100644 resources/locales/nl_NL/users.mo create mode 100644 resources/locales/nl_NL/users.po diff --git a/resources/locales/nl_NL/users.mo b/resources/locales/nl_NL/users.mo new file mode 100644 index 0000000000000000000000000000000000000000..5118cbb52d0de0def826892173bea48ac0a2b6cd GIT binary patch literal 17871 zcmb`N36x}2dB-0LgA5`Ln+m9JhS5=(uGzrBh8bw4dlqMPdKnfKUst`Ze$!R;%6hN5 z=|Nl&V_bPN!BuBGw63sd0L<1+HIVQjVz4yI(uezHh zrcQtTe|6tozWZ(WyZ6?QPC54d9-nVPXG7^S&pY`T&-?b%RqA<9Tj6;x2TuS`0LQ>H zz*mFM0lVPyz#G8z;N9-~kHO>l{u@yBmYw2xXM#TXeDFf>WbjIdGay5I*MLt0uLCRK zJHTgv_kkM!8=%_%4fsOvKf&|BGf%bc_k-$p!r>J7V!qFUtHE2rb>P>)XM&G7Ty~o0 z(UtcsP~*M?d^UJFxB={do59;b_4D`OD)5-o?L1e5>TfN07Ptk}d@cu11YZL_3v7VL zg4ctZ&)dM`!1sZ4>D>fMUU!44{~(A6y?=1{3s-(DN?1<$*&s#U8uxvR!=0e`9tFk6 zTfnD)?*yfn8^8ek0JsNy6qMYyGpNR!0M7xZLCNc#Ab;Lh_$R*q*5Qvp&F3ee=J_*F zd_4+kUdJLtjlUd}yjFnH?|BZlfHJl1pvD~qPXa?wdQU*{dmX6uZwJ->E>L#&MTg%9 zpUd}$LD|JA2vPmK4BQ9q051k_1P_5n!Iyy*j8gV74bs$mFDN~H3Y1*$2Umhe-TPmH z8fOJcW{TcAa1h)9t^uzDUjTj*d;`2=SAzU`@8X~M`!pzf|2(L9JOHY{?|`zKAAlEvzXmn0%{VP4 z=8b}y&tXvGTnEbE?gYi}4?ywvFetuH_HDZtIlLH@T}^<}?<+y+=`g7JZv^@CZsMQb z-v_P*9|XnEBcS-*u+sY3ASk;V10}a95SG1ngPO-(4!;LVACG{94DT3>QT0y;HSQKr z@|pmppD9p!?Sh)`ZJ_4$Wl(YEC@B5?)RmvkV3N;z(AWj2b_YO)^rk`0=k4zM2SM?D zA1FS)?aChprROtNTfLqI-oy77fwGeyf+n6L{Ed7c16BT3hxdY-|G$FL$1_%K)je*^O84WOLe;AP;6;O(IFeh(jrCh&NKD7(K9)O-&*d=)6Wng&k-o1l>^D1L4L zHU0-dRN#FKRQtaIp9%gDTmk+YsQ&*OJQ+L{=2d^8{6C=jISc0Jz;nT?z}vtGd@9P5{Wn31yw8Br&p(4|zwCS~?^WPMe7^*IA$YCB z+dp`{u1b7Dcci=Yg7ohC=rGr+VSAep^8Yn%z0hC?62b7#{0-NCdAR)x75Y%PA z6QJIwp!m22+yg!UYMv_)wr~@88aVFoFsSx#0FMJd3~Jolz-NJf1d6}!fU>ingR-yZ zZt*-s;8j4yr#h&19|xZeehJh(zX!sC_Y+Y3t){YYH>iF);OXFv;920OLD}7dpyu(Y zD_?c7T`#wSmrz~pFV^- z?;7)DWvRzELsz>p!8hEq#{P5n{7LW~&|9JBKm*Y8q5C1}v;}3K<9Lw#B+J9Da0Zmj z>d@DrE1;FoXQ8VgeVCq+!%IL!<<+1sLHZyP^O0Sg>7G9W{*HT|2IT{iQ}+2Z4}SoC z%M}FR*C6S96(n1JE%f`)d!TEfw?k9V2cgTLJ0N|k&^WYAU-(GRS3<9bJ`cr^WPTF# z0qA!j+1M?RJ~vx1`JEnL3Hf?(p9?|U$oos^^{y;~eeU5D5S4mu=nJmwdN71!2XBNv z0-X%K1^N*5F6a}`H=$QR`dk8Sf+nFqg)Bx)*vL)PYWeZiVzY7rNX$*?;n{4@1X7 zEC*)Yc>qkH*Fn3WBhYQoJ0X4k1bPaz8G1jY&qnCWkmBOm&^&Y_^gifQ&~j)yvK#)4s<)D&$FT9%@gq)+zPFQJ__9fH6ZVzq#d;U zY9mOJEvxE{`Sx^Fjaz>HG|-6a15s<0A9SK%U^=SR!q%2mX{Q^m+IrDCHQwq^gq>(= z-Wxiw%TME(u;mR^t6@9!$M%o+$c2qy0JZuJ0qmuWRkKiX=cuJC~ZleLGRl||N zSs0+HpR~hjG!<3-ZW4BSZ|37}#}6Fi(_ts2f`!DBn@1hpnTi3vN&FiE3U-EVh0?KlY&)6Q16jJ6|x%nF?+BYwX+ z9klA96_P3q`q!+#)*I@CKC@vI_b?Zri!}CYVIxEa=cpD+TB=$nOhVO1!G<%#;wsv( zMh_vypyO>b1N#Rsrn$IN%f7e!zDsdI&aG6rK>n^L)$GKL&d!^#w2_f3Kz4ISJ{4h)Mo6eVD7=Vpp%jOaHgelq*jJ%NyAxN#j45Yvj)#hWppS<_ zJFBuCaa>1)LtSLVz||m)QB}_8tnuE(#>Y$LoZGsc4h?%^8x8{;XmQ6GHpb*xumhDt@_R(~=n3$cr%mqnl2;V5i+Zh?7 z+g0;+*+INrQzoi4qSj1iyww=#SJTG4UyG72p)PkdsC zF|WCB(x2?abBZU50=rs1p2-&+KWqh)7>22Ld3Q3}9lGAk{E{?miwP z(MTsy{H)NK39y+z`5|1=HFe-G>%drQ1MirM-fcT;a~lq8bhn#?@bNQ80QEEEddfwwoV zu|VJu`-s)!2-G}e!KU=ZT94`}diA~;G4#HQp?%nBfNRE`=tx1ec0nOrC8?Lk)9j%X z;fZd>rjxv0>9yu#N9?sOx{F&ZdX1+s*2$0{@7|OwH?QWpw6P~hkT0QHV@c4}>9A@` zLgSw*iU~cfZfFB*CN%2^_$cu$VFI>0+uWGt|E>L#a|^i3w5Cf(8DCGX-$G00 zX^VykqvJ|82GIx^26?bu@InT)pwQUWg3`>C@%St;ax=+B$!hd9l`fT#WNIoi*Hg?= z9XRTaSKzP`imOXm`MrMF!c{)>6iVQNfyN@l`E~Cnfx@qn)cPzI+j-{#|2wohLg83 ziCrF?ma5R7c`s6LHVR5JHX_T1F-iA9yu#DJJZfolS(FV_dS#zRqk2oBT?w8yYP0vD zzKw|q2Vwu)B_vhuBgtB2#+Pk&^6U`ff+Xl0_2C z;w|~REbCT|81{-aE%}bwz*TzXc%iR%b{kSFn^oRvR!cp&noIDfnkDvJbu;3Emp$I~ zDqs8h+vG2@`b?5sfXyloo$$5Ys3Q>=uQUJsk*nL3CAKWjVnS2uYL?lga+td6rkY8z z3K1u4w$u4yg}irhm)V&c!K%sZVp_3vb=NeXiW#sZ?p&h%D=_Mc6T6)qn~Mjga1h)} z(T$ZvI|_o5H@xT8XVIH^8Pd zb1Ke6ud=R;7n>F)&(_F#$lJM{TV9U2{YzW z=_?@FF;_2&p^ttgo`gO*)8OVHs(QxI1L0oKCVs7g+% zpgnXT7*-nT*+nJ3Qdz~R*zzL#gn>xr|WVz4bkkfgVT4mZJJlci91AN==@Mc z{jZ_-VwY;F!!d38c%9eH5*vwC%C#?Zn=LP*HfzhYlvT>ZXMP@JJ1OsX%_1Z9m`zqM zRLzIjNw(848>o4)7quqitBp610(0()RdJYVJ2rDwp!)5*%Ts9=9n|X-XDfv*X>V37 zjM2mJXQQ~Ac=>K$ekV?PVRL0Zp)8VGXRhRJD$3p!Sah%g8kN|UDHE$zNA|8yn1v{2 zv_{T;nB$UxU9|xsMS`pb{R0R0zkFodm_IRcaCF!HeajE*A24_wfzCpOrH42%#t6-WmC3nrs<`DFt;Y`!M`4#c63(>7H$ zRW>gF|2x``LUuU)r~8zVh!OAW>{MEu*2i&YE(kbVYF*6nUw(dL))K!S8b#5lR(v^w zv$Y~N8agf}b{4Dc=3QOq5LqTY%YiCin^b4uxLpsaPJzu~6(R?8+7RdftWq2W7HkBV zjT@yQhHxg5D8a1eqtV5zFK zBgtN6C5%{@9*ve(EHQ#31x?FbG_VM;xn9Z&cFIum(ek>cgQ5VDh%IBINko)=qp~`> z3WAn*DMrhkPQB2TQjT0o{-%JNGiUB98Sc5%La&*L+if-@%0^TNBWFN1-!qvaJ{cvA?o9gl{O{msC76-Gyq(>shM^Vp zkneUKKZ%S3uQ~1*`?uJ*qOmj1UMtb4R8z#&b!kz4lTS(`_T#J~h ze!rohlOtBsPqad2zo^kh+aecAOY^Xiw1S|S4crU2{X?4QY;*mI{BC7C$yk$bW?54r zFoDyW{_+RRe^K4r&;px1{maql3;}{Bi!a=;3^jDpU{VTe{B9p&Rv_FP)w-FkMSN{7 zecY39(HG1R`b?x`6(Rg&oe;Kg8PfUUEsNMTfpX4QW=@Vnc!Mw2_8D07XXwc;d29V< zj0@JHkhr63rFu z6l`ZDtHO;8InyKp!96FV!(vkRGhyOf#W?LgyYl6Oc&?xqw-=UJb95CsUoU+(@+p-l z8dJF#)YqB~NipDBWwKxGtz6zB>j#%Ng_VPCYjNFOq&{=bJ#OJb-PfSs{d+5VU&Yd> zJ%*i|c7lK__QGOPVuB4Q-)$@+A7NKB6CEbrul0F@f=$8#*DQTzb(= zZ1p9bW<@YZ7rljR$*yy&wynh7ZXE-aCv0{L%4~ZRSujtuVhzSDH4ON8H5RO5w2|?a z%%xznvhqB~=o2z+`exEEb*`#{fD4{c0es5?p0*1Mf|^NZU7ctqoMn!m>== zrs9!eXR1(6@@H?hh){)#EwjMn%Zj<&(z3Sjev4R2u2#3}Vk2bpaU?q2;ws48`P0P1 zCpm-T8ZBf790A%uEXU1OE7`n~=zkCIz)va&(``vbceH=Od{uVdm-5UAZ zVWmzav>b_Kd;UD^ICp>i3$a7F`xo??=@JRLEY)MRvu7YlZF7+`rRqq1F1_Lxgp zMQ(TPmF<@^!!~Jb;P%_KB`Pgk*?O`YHFtV_-6pVl1h-x6U7kF14H!|+k%$SxoIpKKBUa~!? zNp*W&I72G!C+wceoFkPh_H)Jx?CL(DDQc{xyAb<})hJCrOUZg8XU&jBu_oI$liU_# zvvvrx{E*Gw)7k&Zb};SKa&;q*0V%4`sf*SvCfX{a0YQ}yKRHTLa##ki}{olf41^+Qz^9n@iSY%uHRx`TdKDcW%TncrlkBeMC;OtD7C^*gFfHi2DPjSB|GlSRFg%tXFhO4`xt$ASB1!L=3x=J7cz*vrYT5 zO$U6tP^_9MYX$C*T@&@TjEs$GSq@lOF>2V6l$J~nTV$=7`(_7W75@s9XE-UIK@>Nv z@S__kE^yU*wn`|_{MP+3zn;&yJ6k$_!sp!C@rF0c50C4immePHvA(=;tmL;A?#D1V haB-63`gO+A7rK6?vnRNtRuC;WSzIf4TdsWXe*qIvouvQ( literal 0 HcmV?d00001 diff --git a/resources/locales/nl_NL/users.po b/resources/locales/nl_NL/users.po new file mode 100644 index 000000000..e383ff802 --- /dev/null +++ b/resources/locales/nl_NL/users.po @@ -0,0 +1,926 @@ +# LANGUAGE translation of CakePHP Application +# Copyright YEAR NAME +# +msgid "" +msgstr "" +"Project-Id-Version: PROJECT VERSION\n" +"POT-Creation-Date: 2022-03-11 13:46+0100\n" +"PO-Revision-Date: 2023-09-25 12:37+0200\n" +"Last-Translator: \n" +"Language-Team: LANGUAGE \n" +"Language: nl_NL\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Poedit 3.3.2\n" + +#: src/Controller/SocialAccountsController.php:50 +msgid "Account validated successfully" +msgstr "De account is succesvol gevalideerd" + +#: src/Controller/SocialAccountsController.php:52 +msgid "Account could not be validated" +msgstr "De account kon niet worden gevalideerd" + +#: src/Controller/SocialAccountsController.php:55 +msgid "Invalid token and/or social account" +msgstr "Ongeldige token of sociale media account" + +#: src/Controller/SocialAccountsController.php:57 +#: src/Controller/SocialAccountsController.php:85 +msgid "Social Account already active" +msgstr "Sociale media account al geactiveerd" + +#: src/Controller/SocialAccountsController.php:59 +msgid "Social Account could not be validated" +msgstr "Sociale media account kon niet worden gevalideerd" + +#: src/Controller/SocialAccountsController.php:78 +msgid "Email sent successfully" +msgstr "E-mail succesvol verzonden" + +#: src/Controller/SocialAccountsController.php:80 +msgid "Email could not be sent" +msgstr "E-mail kon niet worden verzonden" + +#: src/Controller/SocialAccountsController.php:83 +msgid "Invalid account" +msgstr "De account is niet geldig" + +#: src/Controller/SocialAccountsController.php:87 +msgid "Email could not be resent" +msgstr "E-mail kon niet worden verzonden" + +#: src/Controller/Traits/LinkSocialTrait.php:56 +msgid "Could not associate account, please try again." +msgstr "De account kon niet worden gekoppeld, probeer het alstublieft opnieuw." + +#: src/Controller/Traits/LinkSocialTrait.php:80 +msgid "Social account was associated." +msgstr "Sociale media account is gekoppeld." + +#: src/Controller/Traits/LoginTrait.php:73 +msgid "You've successfully logged out" +msgstr "U bent uitgelogd" + +#: src/Controller/Traits/OneTimePasswordVerifyTrait.php:75 +msgid "Please enable Google Authenticator first." +msgstr "Activeer alstublieft eerst de Google Authenticator." + +#: src/Controller/Traits/OneTimePasswordVerifyTrait.php:90 +msgid "Could not find user data" +msgstr "Gebruikersdata niet gevonden" + +#: src/Controller/Traits/OneTimePasswordVerifyTrait.php:129 +msgid "Could not verify, please try again" +msgstr "Verificatie mislukt, probeer het alstublieft opnieuw" + +#: src/Controller/Traits/OneTimePasswordVerifyTrait.php:161 +msgid "Verification code is invalid. Try again" +msgstr "De verificatiecode is ongeldig. Probeer het alstublieft opnieuw" + +#: src/Controller/Traits/PasswordManagementTrait.php:63 +msgid "Changing another user's password is not allowed" +msgstr "Het wachtwoord van een andere gebruiker veranderen is niet toegestaan" + +#: src/Controller/Traits/PasswordManagementTrait.php:77 +#: src/Controller/Traits/PasswordManagementTrait.php:121 +#: src/Controller/Traits/ProfileTrait.php:54 +msgid "User was not found" +msgstr "Kon de gebruiker niet vinden" + +#: src/Controller/Traits/PasswordManagementTrait.php:105 +#: src/Controller/Traits/PasswordManagementTrait.php:117 +#: src/Controller/Traits/PasswordManagementTrait.php:125 +msgid "Password could not be changed" +msgstr "Het wachtwoord kon niet worden gewijzigd" + +#: src/Controller/Traits/PasswordManagementTrait.php:113 +msgid "Password has been changed successfully" +msgstr "Het wachtwoord is gewijzigd" + +#: src/Controller/Traits/PasswordManagementTrait.php:167 +msgid "Please check your email to continue with password reset process" +msgstr "" +"Er is een e-mail naar u verzonden, met instructies voor het opnieuw " +"instellen van uw wachtwoord" + +#: src/Controller/Traits/PasswordManagementTrait.php:170 +#: src/Shell/UsersShell.php:286 +msgid "The password token could not be generated. Please try again" +msgstr "" +"De token om uw wachtwoord opnieuw in te stellen, kon niet worden " +"gegenereerd. Probeer het alstublieft opnieuw" + +#: src/Controller/Traits/PasswordManagementTrait.php:176 +#: src/Controller/Traits/UserValidationTrait.php:124 +msgid "User {0} was not found" +msgstr "Gebruiker {0} niet gevonden" + +#: src/Controller/Traits/PasswordManagementTrait.php:178 +msgid "The user is not active" +msgstr "Deze gebruiker is niet actief" + +#: src/Controller/Traits/PasswordManagementTrait.php:180 +#: src/Controller/Traits/UserValidationTrait.php:119 +#: src/Controller/Traits/UserValidationTrait.php:128 +msgid "Token could not be reset" +msgstr "Kon de token niet opnieuw instellen" + +#: src/Controller/Traits/PasswordManagementTrait.php:204 +msgid "Google Authenticator token was successfully reset" +msgstr "De Google Authenticator token is opnieuw ingesteld" + +#: src/Controller/Traits/PasswordManagementTrait.php:207 +msgid "Could not reset Google Authenticator" +msgstr "Kon de Google Authenticator niet opnieuw instellen" + +#: src/Controller/Traits/ProfileTrait.php:58 +msgid "Not authorized, please login first" +msgstr "Niet toegestaan, log alstublieft eerst in" + +#: src/Controller/Traits/RegisterTrait.php:47 +msgid "You must log out to register a new user account" +msgstr "U moet uitloggen, voordat u een nieuwe gebruiker kunt registreren" + +#: src/Controller/Traits/RegisterTrait.php:86 +#: src/Controller/Traits/RegisterTrait.php:117 +msgid "The user could not be saved" +msgstr "De gebruiker kon niet worden opgeslagen" + +#: src/Controller/Traits/RegisterTrait.php:103 +#: src/Loader/LoginComponentLoader.php:33 +msgid "Invalid reCaptcha" +msgstr "Ongeldige reCaptcha" + +#: src/Controller/Traits/RegisterTrait.php:151 +msgid "You have registered successfully, please log in" +msgstr "U bent succesvol geregistreerd, log alstublieft in" + +#: src/Controller/Traits/RegisterTrait.php:153 +msgid "Please validate your account before log in" +msgstr "Valideer alstublieft eerst uw account voordat u inlogt" + +#: src/Controller/Traits/SimpleCrudTrait.php:77 +#: src/Controller/Traits/SimpleCrudTrait.php:107 +msgid "The {0} has been saved" +msgstr "De {0} is opgeslagen" + +#: src/Controller/Traits/SimpleCrudTrait.php:81 +#: src/Controller/Traits/SimpleCrudTrait.php:111 +msgid "The {0} could not be saved" +msgstr "De {0} kon niet worden opgeslagen" + +#: src/Controller/Traits/SimpleCrudTrait.php:131 +msgid "The {0} has been deleted" +msgstr "De {0} is verwijderd" + +#: src/Controller/Traits/SimpleCrudTrait.php:133 +msgid "The {0} could not be deleted" +msgstr "De {0} kon niet worden verwijderd" + +#: src/Controller/Traits/U2fTrait.php:216 +msgid "U2F requires SSL." +msgstr "Voor U2F is SSL nodig." + +#: src/Controller/Traits/UserValidationTrait.php:49 +msgid "User account validated successfully" +msgstr "De account is succesvol gevalideerd" + +#: src/Controller/Traits/UserValidationTrait.php:51 +msgid "User account could not be validated" +msgstr "De account kon niet worden gevalideerd" + +#: src/Controller/Traits/UserValidationTrait.php:54 +msgid "User already active" +msgstr "Deze gebruiker is al actief" + +#: src/Controller/Traits/UserValidationTrait.php:60 +msgid "Reset password token was validated successfully" +msgstr "De token om uw wachtwoord opnieuw in te stellen is gevalideerd" + +#: src/Controller/Traits/UserValidationTrait.php:68 +msgid "Reset password token could not be validated" +msgstr "" +"De token om uw wachtwoord opnieuw in te stellen kon niet worden gevalideerd" + +#: src/Controller/Traits/UserValidationTrait.php:72 +msgid "Invalid validation type" +msgstr "Ongeldig validatietype" + +#: src/Controller/Traits/UserValidationTrait.php:75 +msgid "Invalid token or user account already validated" +msgstr "De token is ongeldig of de account is a gevalideerd" + +#: src/Controller/Traits/UserValidationTrait.php:81 +msgid "Token already expired" +msgstr "De token is al verlopen" + +#: src/Controller/Traits/UserValidationTrait.php:114 +msgid "Token has been reset successfully. Please check your email." +msgstr "De token is opnieuw ingesteld. U ontvangt hierover een e-mail." + +#: src/Controller/Traits/UserValidationTrait.php:126 +msgid "User {0} is already active" +msgstr "Gebruiker {0} is al actief" + +#: src/Controller/Traits/Webauthn2faTrait.php:53 +#: src/Controller/Traits/Webauthn2faTrait.php:73 +msgid "User already has configured webauthn2fa" +msgstr "De gebruiker heeft webauthn2fa al geconfigureerd" + +#: src/Controller/Traits/Webauthn2faTrait.php:77 +#: src/Controller/Traits/Webauthn2faTrait.php:122 +msgid "Register error with webauthn for user id: {0}" +msgstr "" +"Er ging iets fout bij het registreren van webauthn voor gebruiker id: {0}" + +#: src/Loader/AuthenticationServiceLoader.php:109 +msgid "Property {0}.className should be defined" +msgstr "De property {0}.className moet worden gedefinieerd" + +#: src/Loader/LoginComponentLoader.php:31 +msgid "Username or password is incorrect" +msgstr "De gebruikersnaam of het wachtwoord is incorrect" + +#: src/Loader/LoginComponentLoader.php:52 +msgid "Could not proceed with social account. Please try again" +msgstr "" +"Kon geen verbinding maken met de sociale media account. Probeer het " +"alstublieft opnieuw" + +#: src/Loader/LoginComponentLoader.php:54 +msgid "" +"Your user has not been validated yet. Please check your inbox for " +"instructions" +msgstr "" +"Uw account is nog niet gevalideerd. Zie voor instructies alstublieft uw " +"mailbox" + +#: src/Loader/LoginComponentLoader.php:58 +msgid "" +"Your social account has not been validated yet. Please check your inbox for " +"instructions" +msgstr "" +"Uw sociale media account is nog niet gevalideerd. Zie voor instructies " +"alstublieft uw mailbox" + +#: src/Mailer/UsersMailer.php:36 +msgid "Your account validation link" +msgstr "De link voor het valideren van uw account" + +#: src/Mailer/UsersMailer.php:63 +msgid "{0}Your reset password link" +msgstr "{0} De link om uw wachtwoord opnieuw in te stellen" + +#: src/Mailer/UsersMailer.php:95 +msgid "{0}Your social account validation link" +msgstr "{0} De link om uw sociale media account te valideren" + +#: src/Middleware/SocialAuthMiddleware.php:47 +#: templates/Users/social_email.php:16 +msgid "Please enter your email" +msgstr "Vul alstublieft uw e-mailadres in" + +#: src/Middleware/SocialAuthMiddleware.php:57 +msgid "Could not identify your account, please try again" +msgstr "Kon uw account niet identificeren, probeer het alstublieft opnieuw" + +#: src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php:112 +msgid "You are not authorized to access that location." +msgstr "U heeft onvoldoende rechten om die pagina te bekijken." + +#: src/Model/Behavior/AuthFinderBehavior.php:49 +msgid "Missing 'username' in options data" +msgstr "Het veld 'username' ontbreekt bij de opties" + +#: src/Model/Behavior/LinkSocialBehavior.php:52 +msgid "Social account already associated to another user" +msgstr "Deze sociale media account is al gekoppeld aan een andere gebruiker" + +#: src/Model/Behavior/PasswordBehavior.php:45 +msgid "Reference cannot be null" +msgstr "Referentie mag niet leeg zijn" + +#: src/Model/Behavior/PasswordBehavior.php:50 +msgid "Token expiration cannot be empty" +msgstr "Vervaldatum van de token mag niet leeg zijn" + +#: src/Model/Behavior/PasswordBehavior.php:56 +#: src/Model/Behavior/PasswordBehavior.php:136 +msgid "User not found" +msgstr "De gebruiker kon niet worden gevonden" + +#: src/Model/Behavior/PasswordBehavior.php:60 +#: src/Model/Behavior/RegisterBehavior.php:129 +msgid "User account already validated" +msgstr "De gebruikersaccount is al gevalideerd" + +#: src/Model/Behavior/PasswordBehavior.php:66 +msgid "User not active" +msgstr "De gebruiker is niet actief" + +#: src/Model/Behavior/PasswordBehavior.php:141 +msgid "The current password does not match" +msgstr "Het huidige wachtwoord is niet correct" + +#: src/Model/Behavior/PasswordBehavior.php:144 +msgid "You cannot use the current password as the new one" +msgstr "Uw nieuwe wachtwoord mag niet hetzelfde zijn als uw oude wachtwoord" + +#: src/Model/Behavior/RegisterBehavior.php:107 +msgid "User not found for the given token and email." +msgstr "Kon geen gebruiker vinden met de opgegeven token of e-mailadres." + +#: src/Model/Behavior/RegisterBehavior.php:110 +msgid "Token has already expired user with no token" +msgstr "De token is al verlopen of de gebruiker heeft geen token" + +#: src/Model/Behavior/RegisterBehavior.php:167 +msgid "This field is required" +msgstr "Dit veld moet worden ingevuld" + +#: src/Model/Behavior/SocialAccountBehavior.php:100 +#: src/Model/Behavior/SocialAccountBehavior.php:130 +msgid "Account already validated" +msgstr "De account is al gevalideerd" + +#: src/Model/Behavior/SocialAccountBehavior.php:104 +#: src/Model/Behavior/SocialAccountBehavior.php:135 +msgid "Account not found for the given token and email." +msgstr "Kon geen account vinden met de opgegeven token of e-mailadres." + +#: src/Model/Behavior/SocialBehavior.php:85 +msgid "Unable to login user with reference {0}" +msgstr "Inloggen van de gebruiker met referentie {0} is niet gelukt" + +#: src/Model/Behavior/SocialBehavior.php:136 +msgid "Email not present" +msgstr "E-mail is niet ingegeven" + +#: src/Model/Table/UsersTable.php:107 +msgid "Your password does not match your confirm password. Please try again" +msgstr "De twee ingegeven wachtwoorden komen niet overeen" + +#: src/Model/Table/UsersTable.php:201 +msgid "Username already exists" +msgstr "Deze gebruikernaam is al gebruikt" + +#: src/Model/Table/UsersTable.php:207 +msgid "Email already exists" +msgstr "Dit e-mailadres is al gebruikt" + +#: src/Shell/UsersShell.php:46 +msgid "Utilities for CakeDC Users Plugin" +msgstr "Hulpprogramma's voor de CakeDC Users Plugin" + +#: src/Shell/UsersShell.php:48 +msgid "Activate an specific user" +msgstr "Activeer een specifieke gebruiker" + +#: src/Shell/UsersShell.php:51 +msgid "Add a new superadmin user for testing purposes" +msgstr "Voeg een superbeheerder toe, voor testdoeleinden" + +#: src/Shell/UsersShell.php:54 +msgid "Add a new user" +msgstr "Voeg een nieuwe gebruiker toe" + +#: src/Shell/UsersShell.php:57 +msgid "Change the role for an specific user" +msgstr "Verander de rol van een specifieke gebruiker" + +#: src/Shell/UsersShell.php:60 +msgid "Change the api token for an specific user" +msgstr "Wijzig de api token voor een specifieke gebruiker" + +#: src/Shell/UsersShell.php:63 +msgid "Deactivate an specific user" +msgstr "Deactiveer een specifieke gebruiker" + +#: src/Shell/UsersShell.php:66 +msgid "Delete an specific user" +msgstr "Verwijder een specifieke gebruiker" + +#: src/Shell/UsersShell.php:69 +msgid "Reset the password via email" +msgstr "Reset het wachtwoord via e-mail" + +#: src/Shell/UsersShell.php:72 +msgid "Reset the password for all users" +msgstr "Reset het wachtwoord van alle gebruikers" + +#: src/Shell/UsersShell.php:75 +msgid "Reset the password for an specific user" +msgstr "Reset het wachtwoord van een specifieke gebruiker" + +#: src/Shell/UsersShell.php:135 src/Shell/UsersShell.php:161 +msgid "Please enter a password." +msgstr "Vul alstublieft een wachtwoord in." + +#: src/Shell/UsersShell.php:139 +msgid "Password changed for all users" +msgstr "Het wachtwoord van alle gebruikers is gewijzigd" + +#: src/Shell/UsersShell.php:140 src/Shell/UsersShell.php:168 +msgid "New password: {0}" +msgstr "Nieuwe wachtwoord: {0}" + +#: src/Shell/UsersShell.php:158 src/Shell/UsersShell.php:186 +#: src/Shell/UsersShell.php:214 src/Shell/UsersShell.php:304 +#: src/Shell/UsersShell.php:403 +msgid "Please enter a username." +msgstr "Vul alstublieft een gebruikersnaam in." + +#: src/Shell/UsersShell.php:167 +msgid "Password changed for user: {0}" +msgstr "Het wachtwoord van de gebruiker {0} is gewijzigd" + +#: src/Shell/UsersShell.php:189 +msgid "Please enter a role." +msgstr "Vul alstublieft een rol in." + +#: src/Shell/UsersShell.php:195 +msgid "Role changed for user: {0}" +msgstr "De rol van de gebruiker {0} is gewijzigd" + +#: src/Shell/UsersShell.php:196 +msgid "New role: {0}" +msgstr "Nieuwe rol: {0}" + +#: src/Shell/UsersShell.php:217 +msgid "Please enter a token." +msgstr "Vul alstublieft een token in." + +#: src/Shell/UsersShell.php:224 +msgid "User was not saved, check validation errors" +msgstr "De gebruiker is niet opgeslagen, controleer de data-validatie-fouten" + +#: src/Shell/UsersShell.php:229 +msgid "Api token changed for user: {0}" +msgstr "De api token van de gebruiker {0} is gewijzigd" + +#: src/Shell/UsersShell.php:230 +msgid "New token: {0}" +msgstr "Nieuwe token: {0}" + +#: src/Shell/UsersShell.php:245 +msgid "User was activated: {0}" +msgstr "De gebruiker is geactiveerd: {0}" + +#: src/Shell/UsersShell.php:260 +msgid "User was de-activated: {0}" +msgstr "De gebruiker is gedeactiveerd: {0}" + +#: src/Shell/UsersShell.php:272 +msgid "Please enter a username or email." +msgstr "Vul alstublieft een nieuwe gebruikersnaam of e-mailadres in." + +#: src/Shell/UsersShell.php:280 +msgid "" +"Please ask the user to check the email to continue with password reset " +"process" +msgstr "" +"Vraag alstublieft de gebruiker om de e-mail te bekijken, om verder te gaan " +"met het opnieuw instellen van het wachtwoord" + +#: src/Shell/UsersShell.php:350 +msgid "Superuser added:" +msgstr "Supergebruiker toegevoegd:" + +#: src/Shell/UsersShell.php:352 +msgid "User added:" +msgstr "Gebruiker toegevoegd:" + +#: src/Shell/UsersShell.php:354 +msgid "Id: {0}" +msgstr "Id: {0}" + +#: src/Shell/UsersShell.php:355 +msgid "Username: {0}" +msgstr "Gebruikersnaam: {0}" + +#: src/Shell/UsersShell.php:356 +msgid "Email: {0}" +msgstr "E-mailadres: {0}" + +#: src/Shell/UsersShell.php:357 +msgid "Role: {0}" +msgstr "Rol: {0}" + +#: src/Shell/UsersShell.php:358 +msgid "Password: {0}" +msgstr "Wachtwoord: {0}" + +#: src/Shell/UsersShell.php:360 +msgid "User could not be added:" +msgstr "De gebruiker kon niet worden toegevoegd:" + +#: src/Shell/UsersShell.php:363 +msgid "Field: {0} Error: {1}" +msgstr "Veld: {0} Foutmelding: {1}" + +#: src/Shell/UsersShell.php:379 +msgid "The user was not found." +msgstr "De gebruiker kon niet worden gevonden." + +#: src/Shell/UsersShell.php:414 +msgid "The user {0} was not deleted. Please try again" +msgstr "" +"De gebruiker {0} kon niet worden verwijderd. Probeer het alstublieft opnieuw" + +#: src/Shell/UsersShell.php:416 +msgid "The user {0} was deleted successfully" +msgstr "De gebruiker {0} is succesvol verwijderd" + +#: src/View/Helper/UserHelper.php:50 +msgid "Sign in with" +msgstr "Log in met" + +#: src/View/Helper/UserHelper.php:113 +msgid "Logout" +msgstr "Uitloggen" + +#: src/View/Helper/UserHelper.php:134 +msgid "Welcome, {0}" +msgstr "Welkom, {0}" + +#: src/View/Helper/UserHelper.php:165 +msgid "reCaptcha is not configured! Please configure Users.reCaptcha.key" +msgstr "" +"reCaptcha is niet geconfigureerd! Configureer alstublieft Users.reCaptcha.key" + +#: src/View/Helper/UserHelper.php:218 +msgid "Connected with {0}" +msgstr "Verbonden met {0}" + +#: src/View/Helper/UserHelper.php:223 +msgid "Connect with {0}" +msgstr "Verbindt met {0}" + +#: templates/Users/add.php:13 templates/Users/edit.php:17 +#: templates/Users/index.php:13 templates/Users/index.php:26 +#: templates/Users/view.php:15 +msgid "Actions" +msgstr "Acties" + +#: templates/Users/add.php:15 templates/Users/edit.php:28 +#: templates/Users/view.php:23 +msgid "List Users" +msgstr "Gebruikersoverzicht" + +#: templates/Users/add.php:21 templates/Users/register.php:18 +msgid "Add User" +msgstr "Voeg gebruiker toe" + +#: templates/Users/add.php:23 templates/Users/edit.php:36 +#: templates/Users/index.php:22 templates/Users/login.php:20 +#: templates/Users/profile.php:30 templates/Users/register.php:20 +#: templates/Users/view.php:33 +msgid "Username" +msgstr "Gebruikersnaam" + +#: templates/Users/add.php:24 templates/Users/edit.php:37 +#: templates/Users/index.php:23 templates/Users/profile.php:32 +#: templates/Users/register.php:21 templates/Users/view.php:35 +msgid "Email" +msgstr "E-mailadres" + +#: templates/Users/add.php:25 templates/Users/login.php:21 +#: templates/Users/register.php:22 +msgid "Password" +msgstr "Wachtwoord" + +#: templates/Users/add.php:26 templates/Users/edit.php:38 +#: templates/Users/index.php:24 templates/Users/register.php:28 +msgid "First name" +msgstr "Voornaam" + +#: templates/Users/add.php:27 templates/Users/edit.php:39 +#: templates/Users/index.php:25 templates/Users/register.php:29 +msgid "Last name" +msgstr "Achternaam" + +#: templates/Users/add.php:30 templates/Users/edit.php:54 +#: templates/Users/view.php:49 templates/Users/view.php:74 +msgid "Active" +msgstr "Actief" + +#: templates/Users/add.php:34 templates/Users/change_password.php:25 +#: templates/Users/edit.php:58 templates/Users/register.php:38 +#: templates/Users/request_reset_password.php:23 +#: templates/Users/resend_token_validation.php:20 +#: templates/Users/social_email.php:19 +msgid "Submit" +msgstr "Verzenden" + +#: templates/Users/change_password.php:5 +msgid "Please enter the new password" +msgstr "Kies alstublieft een nieuwe wachtwoord" + +#: templates/Users/change_password.php:10 +msgid "Current password" +msgstr "Huidige wachtwoord" + +#: templates/Users/change_password.php:16 +msgid "New password" +msgstr "Nieuwe wachtwoord" + +#: templates/Users/change_password.php:21 templates/Users/register.php:26 +msgid "Confirm password" +msgstr "Bevestig wachtwoord" + +#: templates/Users/edit.php:22 templates/Users/index.php:40 +msgid "Delete" +msgstr "Verwijder" + +#: templates/Users/edit.php:24 templates/Users/index.php:40 +#: templates/Users/view.php:21 +msgid "Are you sure you want to delete # {0}?" +msgstr "Weet u zeker dat u # {0} wilt verwijderen?" + +#: templates/Users/edit.php:34 templates/Users/view.php:17 +msgid "Edit User" +msgstr "Bewerk gebruiker" + +#: templates/Users/edit.php:40 templates/Users/view.php:43 +msgid "Token" +msgstr "Token" + +#: templates/Users/edit.php:42 +msgid "Token expires" +msgstr "Token vervalt op" + +#: templates/Users/edit.php:45 +msgid "API token" +msgstr "API token" + +#: templates/Users/edit.php:48 +msgid "Activation date" +msgstr "Activatiedatum" + +#: templates/Users/edit.php:51 +msgid "TOS date" +msgstr "Alg. Voorw. datum" + +#: templates/Users/edit.php:64 +msgid "Reset Google Authenticator Token" +msgstr "Reset Google Authenticator Token" + +#: templates/Users/edit.php:70 +msgid "Are you sure you want to reset token for user \"{0}\"?" +msgstr "" +"Weet u zeker dat u de token van de gebruiker \"{0}\" opnieuw in wilt stellen?" + +#: templates/Users/index.php:15 +msgid "New {0}" +msgstr "Nieuwe {0}" + +#: templates/Users/index.php:37 +msgid "View" +msgstr "Bekijk" + +#: templates/Users/index.php:38 +msgid "Change password" +msgstr "Wijzig wachtwoord" + +#: templates/Users/index.php:39 +msgid "Edit" +msgstr "Bewerk" + +#: templates/Users/index.php:49 +msgid "previous" +msgstr "vorige" + +#: templates/Users/index.php:51 +msgid "next" +msgstr "volgende" + +#: templates/Users/login.php:19 +msgid "Please enter your username and password" +msgstr "Vul alstublieft uw gebruikersnaam en wachtwoord in" + +#: templates/Users/login.php:29 +msgid "Remember me" +msgstr "Onthoud mij" + +#: templates/Users/login.php:37 +msgid "Register" +msgstr "Registreer" + +#: templates/Users/login.php:43 +msgid "Reset Password" +msgstr "Wachtwoord opnieuw instellen" + +#: templates/Users/login.php:48 +msgid "Login" +msgstr "Inloggen" + +#: templates/Users/profile.php:21 +msgid "{0} {1}" +msgstr "{0} {1}" + +#: templates/Users/profile.php:27 +msgid "Change Password" +msgstr "Wachtwoord wijzigen" + +#: templates/Users/profile.php:38 templates/Users/view.php:68 +msgid "Social Accounts" +msgstr "Sociale media accounts" + +#: templates/Users/profile.php:42 templates/Users/view.php:73 +msgid "Avatar" +msgstr "Profielfoto" + +#: templates/Users/profile.php:43 templates/Users/view.php:72 +msgid "Provider" +msgstr "Provider" + +#: templates/Users/profile.php:44 +msgid "Link" +msgstr "Link" + +#: templates/Users/profile.php:51 +msgid "Link to {0}" +msgstr "Link naar {0}" + +#: templates/Users/register.php:31 +msgid "Accept TOS conditions?" +msgstr "Accepteer de algemene voorwaarden?" + +#: templates/Users/request_reset_password.php:20 +msgid "Please enter your email or username to reset your password" +msgstr "" +"Vul alstublieft uw e-mailadres of gebruikersnaam in om uw wachtwoord opnieuw " +"in te stellen" + +#: templates/Users/resend_token_validation.php:15 +msgid "Resend Validation email" +msgstr "Verstuur validatie e-mail opnieuw" + +#: templates/Users/resend_token_validation.php:17 +msgid "Email or username" +msgstr "E-mailadres of gebruikersnaam" + +#: templates/Users/u2f_authenticate.php:22 templates/Users/webauthn2fa.php:25 +msgid "Verify your registered yubico key" +msgstr "Verifieer uw geregistreerde Yubico Key" + +#: templates/Users/u2f_authenticate.php:23 templates/Users/u2f_register.php:23 +#: templates/Users/webauthn2fa.php:20 templates/Users/webauthn2fa.php:26 +msgid "Please insert and tap your yubico key" +msgstr "Plaats en druk op uw Yubico Key" + +#: templates/Users/u2f_authenticate.php:24 templates/Users/webauthn2fa.php:27 +msgid "" +"You can now finish the authentication process using the registered device." +msgstr "" +"U kunt nu het authenticatieproces afronden, met het geregistreerde apparaat." + +#: templates/Users/u2f_authenticate.php:25 templates/Users/webauthn2fa.php:22 +#: templates/Users/webauthn2fa.php:28 +msgid "" +"When the YubiKey starts blinking, press the golden disc to activate it. " +"Depending on the web browser you might need to confirm the use of extended " +"information from the YubiKey." +msgstr "" +"Zodra de YubiKey start te knipperen, druk dan op de gouden cirkel om hem te " +"activeren. Afhankelijk van uw webbrowser moet u misschien toestemming geven " +"om de YubiKey te kunnen gebruiken." + +#: templates/Users/u2f_authenticate.php:27 templates/Users/u2f_register.php:27 +#: templates/Users/webauthn2fa.php:31 +msgid "Reload" +msgstr "Opnieuw laden" + +#: templates/Users/u2f_authenticate.php:51 templates/Users/u2f_register.php:56 +msgid "Yubico key check has failed, please try again" +msgstr "De Yubico Key check is mislukt, probeer het alstublieft opnieuw" + +#: templates/Users/u2f_register.php:22 templates/Users/webauthn2fa.php:19 +msgid "Registering your yubico key" +msgstr "Registreer uw Yubico Key" + +#: templates/Users/verify.php:13 +msgid "Verification Code" +msgstr "Verificatiecode" + +#: templates/Users/verify.php:15 +msgid "" +" " +"Verify" +msgstr "" +" " +"Verifieer" + +#: templates/Users/view.php:19 +msgid "Delete User" +msgstr "Verwijder Gebruiker" + +#: templates/Users/view.php:24 +msgid "New User" +msgstr "Nieuwe Gebruiker" + +#: templates/Users/view.php:31 +msgid "Id" +msgstr "Id" + +#: templates/Users/view.php:37 +msgid "First Name" +msgstr "Voornaam" + +#: templates/Users/view.php:39 +msgid "Last Name" +msgstr "Achternaam" + +#: templates/Users/view.php:41 +msgid "Role" +msgstr "Rol" + +#: templates/Users/view.php:45 +msgid "Api Token" +msgstr "API Token" + +#: templates/Users/view.php:53 +msgid "Token Expires" +msgstr "Token vervaltt op" + +#: templates/Users/view.php:55 +msgid "Activation Date" +msgstr "Activatiedatum" + +#: templates/Users/view.php:57 +msgid "Tos Date" +msgstr "Alg. Voorw. Datum" + +#: templates/Users/view.php:59 templates/Users/view.php:75 +msgid "Created" +msgstr "Gemaakt op" + +#: templates/Users/view.php:61 templates/Users/view.php:76 +msgid "Modified" +msgstr "Bewerkt op" + +#: templates/Users/webauthn2fa.php:8 +msgid "Two-factor authentication" +msgstr "Tweefactor-authenticatie" + +#: templates/Users/webauthn2fa.php:21 +msgid "" +"In order to enable your YubiKey the first step is to perform a registration." +msgstr "" +"Voordat uw Yubikey ingeschakeld kan worden, moet die eerst worden " +"geregistreerd." + +#: templates/email/html/reset_password.php:14 +#: templates/email/html/social_account_validation.php:14 +#: templates/email/html/validation.php:13 +#: templates/email/text/reset_password.php:12 +#: templates/email/text/social_account_validation.php:12 +#: templates/email/text/validation.php:12 +msgid "Hi {0}" +msgstr "Beste {0}" + +#: templates/email/html/reset_password.php:17 +msgid "Reset your password here" +msgstr "Uw wachtwoord opnieuw instellen kan hier" + +#: templates/email/html/reset_password.php:20 +#: templates/email/html/social_account_validation.php:23 +#: templates/email/html/validation.php:19 +msgid "" +"If the link is not correctly displayed, please copy the following address in " +"your web browser {0}" +msgstr "" +"Als de link niet correct wordt weergegeven, kopieer en plak dan de volgende " +"link in uw webbrowser {0}" + +#: templates/email/html/reset_password.php:27 +#: templates/email/html/social_account_validation.php:30 +#: templates/email/html/validation.php:26 +#: templates/email/text/reset_password.php:20 +#: templates/email/text/social_account_validation.php:20 +#: templates/email/text/validation.php:20 +msgid "Thank you" +msgstr "Bedankt" + +#: templates/email/html/social_account_validation.php:18 +msgid "Activate your social login here" +msgstr "Activeer uw sociale media login hier" + +#: templates/email/html/validation.php:16 +msgid "Activate your account here" +msgstr "Activeer uw account hier" + +#: templates/email/text/reset_password.php:14 +#: templates/email/text/validation.php:14 +msgid "Please copy the following address in your web browser {0}" +msgstr "Kopieer en plak alstublieft de volgende link in uw webbrowser {0}" + +#: templates/email/text/social_account_validation.php:14 +msgid "" +"Please copy the following address in your web browser to activate your " +"social login {0}" +msgstr "" +"Kopieer en plak alstublieft de volgende link in uw webbrowser, om uw sociale " +"media login te activeren {0}" From 273dc51207a7681b5825292c9b0d633659d5a4ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jorge=20M=2E=20Gonz=C3=A1lez=20Mart=C3=ADn?= Date: Mon, 25 Sep 2023 13:05:43 -0700 Subject: [PATCH 37/71] Update Translations.md --- Docs/Documentation/Translations.md | 1 + 1 file changed, 1 insertion(+) diff --git a/Docs/Documentation/Translations.md b/Docs/Documentation/Translations.md index 333d51799..566911ea7 100644 --- a/Docs/Documentation/Translations.md +++ b/Docs/Documentation/Translations.md @@ -14,6 +14,7 @@ The Plugin is translated into several languages: * Ukrainian (uk) by @yarkm13 * German (de) by @LordSimal * Czech (cs_CZ) by @Mapiiik +* Dutch (nl_NL) by @StefanvanR **Note:** To overwrite the plugin translations, create a file inside your project 'resources/locales//{$lang}/' folder, with the name 'Users.po' and add the strings with the new translations. From 8d89daac72e29300f66fe4f9cbed667a98d452c0 Mon Sep 17 00:00:00 2001 From: Yevgeny Tomenko Date: Thu, 19 Oct 2023 01:32:01 +0300 Subject: [PATCH 38/71] feature to build validation url. Useful for api driven setups --- src/Mailer/UsersMailer.php | 31 ++++++++++++++++++------- src/Model/Behavior/PasswordBehavior.php | 18 +++++++++----- 2 files changed, 35 insertions(+), 14 deletions(-) diff --git a/src/Mailer/UsersMailer.php b/src/Mailer/UsersMailer.php index 2e4070e96..468407e5e 100644 --- a/src/Mailer/UsersMailer.php +++ b/src/Mailer/UsersMailer.php @@ -28,17 +28,25 @@ class UsersMailer extends Mailer * @param \Cake\Datasource\EntityInterface $user User entity * @return void */ - protected function validation(EntityInterface $user) + protected function validation(EntityInterface $user, $options = []) { $firstName = isset($user['first_name']) ? $user['first_name'] . ', ' : ''; // un-hide the token to be able to send it in the email content $user->setHidden(['password', 'token_expires', 'api_token']); $subject = __d('cake_d_c/users', 'Your account validation link'); - $viewVars = [ - 'activationUrl' => UsersUrl::actionUrl('validateEmail', [ + + if (isset($options['linkGenerator']) && is_callable($options['linkGenerator'])) { + $generator = $options['linkGenerator']; + $link = $generator($user['token']); + } else { + $link = UsersUrl::actionUrl('validateEmail', [ '_full' => true, $user['token'], - ]), + ]); + } + + $viewVars = [ + 'activationUrl' => $link, ] + $user->toArray(); $this @@ -57,18 +65,25 @@ protected function validation(EntityInterface $user) * @param \Cake\Datasource\EntityInterface $user User entity * @return void */ - protected function resetPassword(EntityInterface $user) + protected function resetPassword(EntityInterface $user, $options = []) { $firstName = isset($user['first_name']) ? $user['first_name'] . ', ' : ''; $subject = __d('cake_d_c/users', '{0}Your reset password link', $firstName); // un-hide the token to be able to send it in the email content $user->setHidden(['password', 'token_expires', 'api_token']); - $viewVars = [ - 'activationUrl' => UsersUrl::actionUrl('resetPassword', [ + if (isset($options['linkGenerator']) && is_callable($options['linkGenerator'])) { + $generator = $options['linkGenerator']; + $link = $generator($user['token']); + } else { + $link = UsersUrl::actionUrl('resetPassword', [ '_full' => true, $user['token'], - ]), + ]); + } + + $viewVars = [ + 'activationUrl' => $link, ] + $user->toArray(); $this diff --git a/src/Model/Behavior/PasswordBehavior.php b/src/Model/Behavior/PasswordBehavior.php index e307d15a0..cbc93c523 100644 --- a/src/Model/Behavior/PasswordBehavior.php +++ b/src/Model/Behavior/PasswordBehavior.php @@ -68,12 +68,16 @@ public function resetToken($reference, array $options = []) $user->updateToken($expiration); $saveResult = $this->_table->save($user); if ($options['sendEmail'] ?? false) { + $emailOptions = []; + if (isset($options['linkGenerator']) && is_callable($options['linkGenerator'])) { + $emailOptions['linkGenerator'] = $options['linkGenerator']; + } switch ($options['type'] ?? null) { case 'email': - $this->_sendValidationEmail($user); + $this->_sendValidationEmail($user, $emailOptions); break; case 'password': - $this->_sendResetPasswordEmail($user); + $this->_sendResetPasswordEmail($user, $emailOptions); break; } } @@ -85,27 +89,29 @@ public function resetToken($reference, array $options = []) * Send the reset password related email link * * @param \Cake\Datasource\EntityInterface $user user + * @param array $options Options. * @return void */ - protected function _sendResetPasswordEmail($user) + protected function _sendResetPasswordEmail($user, $options = []) { $this ->getMailer(Configure::read('Users.Email.mailerClass') ?: 'CakeDC/Users.Users') - ->send('resetPassword', [$user]); + ->send('resetPassword', [$user, $options]); } /** * Wrapper for mailer * * @param \Cake\Datasource\EntityInterface $user user + * @param array $options Options. * @return void */ - protected function _sendValidationEmail($user) + protected function _sendValidationEmail($user, $options = []) { $mailer = Configure::read('Users.Email.mailerClass') ?: 'CakeDC/Users.Users'; $this ->getMailer($mailer) - ->send('validation', [$user]); + ->send('validation', [$user, $options]); } /** From ff9401f93c0253836f68d896c3bdb5cfc8b17f5d Mon Sep 17 00:00:00 2001 From: Yevgeny Tomenko Date: Thu, 19 Oct 2023 01:32:28 +0300 Subject: [PATCH 39/71] update composer to use cakephp 4.5 by tag --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index be536dbbe..d7a8d914f 100644 --- a/composer.json +++ b/composer.json @@ -30,7 +30,7 @@ "prefer-stable": true, "require": { "php": ">=7.4.0", - "cakephp/cakephp": "dev-4.next as 4.5.0", + "cakephp/cakephp": "^4.5", "cakedc/auth": "^7.0", "cakephp/authorization": "^2.0.0", "cakephp/authentication": "^2.0.0" From 3f8ce19333ac294212c583689e3b1e751e2ce67a Mon Sep 17 00:00:00 2001 From: Yevgeny Tomenko Date: Thu, 19 Oct 2023 01:32:01 +0300 Subject: [PATCH 40/71] feature to build validation url. Useful for api driven setups --- src/Mailer/UsersMailer.php | 31 ++++++++++++++++++------- src/Model/Behavior/PasswordBehavior.php | 18 +++++++++----- 2 files changed, 35 insertions(+), 14 deletions(-) diff --git a/src/Mailer/UsersMailer.php b/src/Mailer/UsersMailer.php index 2e4070e96..468407e5e 100644 --- a/src/Mailer/UsersMailer.php +++ b/src/Mailer/UsersMailer.php @@ -28,17 +28,25 @@ class UsersMailer extends Mailer * @param \Cake\Datasource\EntityInterface $user User entity * @return void */ - protected function validation(EntityInterface $user) + protected function validation(EntityInterface $user, $options = []) { $firstName = isset($user['first_name']) ? $user['first_name'] . ', ' : ''; // un-hide the token to be able to send it in the email content $user->setHidden(['password', 'token_expires', 'api_token']); $subject = __d('cake_d_c/users', 'Your account validation link'); - $viewVars = [ - 'activationUrl' => UsersUrl::actionUrl('validateEmail', [ + + if (isset($options['linkGenerator']) && is_callable($options['linkGenerator'])) { + $generator = $options['linkGenerator']; + $link = $generator($user['token']); + } else { + $link = UsersUrl::actionUrl('validateEmail', [ '_full' => true, $user['token'], - ]), + ]); + } + + $viewVars = [ + 'activationUrl' => $link, ] + $user->toArray(); $this @@ -57,18 +65,25 @@ protected function validation(EntityInterface $user) * @param \Cake\Datasource\EntityInterface $user User entity * @return void */ - protected function resetPassword(EntityInterface $user) + protected function resetPassword(EntityInterface $user, $options = []) { $firstName = isset($user['first_name']) ? $user['first_name'] . ', ' : ''; $subject = __d('cake_d_c/users', '{0}Your reset password link', $firstName); // un-hide the token to be able to send it in the email content $user->setHidden(['password', 'token_expires', 'api_token']); - $viewVars = [ - 'activationUrl' => UsersUrl::actionUrl('resetPassword', [ + if (isset($options['linkGenerator']) && is_callable($options['linkGenerator'])) { + $generator = $options['linkGenerator']; + $link = $generator($user['token']); + } else { + $link = UsersUrl::actionUrl('resetPassword', [ '_full' => true, $user['token'], - ]), + ]); + } + + $viewVars = [ + 'activationUrl' => $link, ] + $user->toArray(); $this diff --git a/src/Model/Behavior/PasswordBehavior.php b/src/Model/Behavior/PasswordBehavior.php index e307d15a0..cbc93c523 100644 --- a/src/Model/Behavior/PasswordBehavior.php +++ b/src/Model/Behavior/PasswordBehavior.php @@ -68,12 +68,16 @@ public function resetToken($reference, array $options = []) $user->updateToken($expiration); $saveResult = $this->_table->save($user); if ($options['sendEmail'] ?? false) { + $emailOptions = []; + if (isset($options['linkGenerator']) && is_callable($options['linkGenerator'])) { + $emailOptions['linkGenerator'] = $options['linkGenerator']; + } switch ($options['type'] ?? null) { case 'email': - $this->_sendValidationEmail($user); + $this->_sendValidationEmail($user, $emailOptions); break; case 'password': - $this->_sendResetPasswordEmail($user); + $this->_sendResetPasswordEmail($user, $emailOptions); break; } } @@ -85,27 +89,29 @@ public function resetToken($reference, array $options = []) * Send the reset password related email link * * @param \Cake\Datasource\EntityInterface $user user + * @param array $options Options. * @return void */ - protected function _sendResetPasswordEmail($user) + protected function _sendResetPasswordEmail($user, $options = []) { $this ->getMailer(Configure::read('Users.Email.mailerClass') ?: 'CakeDC/Users.Users') - ->send('resetPassword', [$user]); + ->send('resetPassword', [$user, $options]); } /** * Wrapper for mailer * * @param \Cake\Datasource\EntityInterface $user user + * @param array $options Options. * @return void */ - protected function _sendValidationEmail($user) + protected function _sendValidationEmail($user, $options = []) { $mailer = Configure::read('Users.Email.mailerClass') ?: 'CakeDC/Users.Users'; $this ->getMailer($mailer) - ->send('validation', [$user]); + ->send('validation', [$user, $options]); } /** From 6a7773487b48a05391e74787de28247c5bc0ba08 Mon Sep 17 00:00:00 2001 From: Yevgeny Tomenko Date: Thu, 19 Oct 2023 17:45:41 +0300 Subject: [PATCH 41/71] update cakephp 4.4 branch refs --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index be536dbbe..3aab71705 100644 --- a/composer.json +++ b/composer.json @@ -30,7 +30,7 @@ "prefer-stable": true, "require": { "php": ">=7.4.0", - "cakephp/cakephp": "dev-4.next as 4.5.0", + "cakephp/cakephp": "4.4.*", "cakedc/auth": "^7.0", "cakephp/authorization": "^2.0.0", "cakephp/authentication": "^2.0.0" From 98dcd77b46d94a6e200534ecf650b9a154b98e21 Mon Sep 17 00:00:00 2001 From: Yevgeny Tomenko Date: Thu, 19 Oct 2023 19:41:25 +0300 Subject: [PATCH 42/71] fix failed tests --- .../Traits/OneTimePasswordVerifyTrait.php | 7 +------ .../Integration/LoginTraitIntegrationTest.php | 18 +++++++++--------- .../PasswordManagementTraitIntegrationTest.php | 2 +- .../RegisterTraitIntegrationTest.php | 12 ++++++------ .../test_app/TestApp/Mailer/OverrideMailer.php | 2 +- 5 files changed, 18 insertions(+), 23 deletions(-) diff --git a/src/Controller/Traits/OneTimePasswordVerifyTrait.php b/src/Controller/Traits/OneTimePasswordVerifyTrait.php index a2f562f80..9151e1b8d 100644 --- a/src/Controller/Traits/OneTimePasswordVerifyTrait.php +++ b/src/Controller/Traits/OneTimePasswordVerifyTrait.php @@ -116,16 +116,11 @@ protected function onVerifyGetSecret($user) // catching sql exception in case of any sql inconsistencies try { - $query = $this->getUsersTable()->updateQuery(); - $query - ->set(['secret' => $secret]) - ->where(['id' => $user['id']]); - $query->execute(); + $query = $this->getUsersTable()->updateAll(['secret' => $secret], ['id' => $user['id']]); $user['secret'] = $secret; $this->getRequest()->getSession()->write(AuthenticationService::TWO_FACTOR_VERIFY_SESSION_KEY, $user); } catch (\Exception $e) { $this->getRequest()->getSession()->destroy(); - $this->log($e); $message = __d('cake_d_c/users', 'Could not verify, please try again'); $this->Flash->error($message, [ 'key' => 'auth', diff --git a/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php b/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php index 8868e168e..cbf340ba3 100644 --- a/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php +++ b/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php @@ -76,9 +76,9 @@ public function testLoginGetRequestNoSocialLogin() $this->assertResponseNotContains('Username or password is incorrect'); $this->assertResponseContains(''); $this->assertResponseContains('Please enter your username and password'); - $this->assertResponseContains(''); - $this->assertResponseContains(''); - $this->assertResponseContains(''); + $this->assertResponseContains('assertResponseContains('assertResponseContains('assertResponseContains(''); $this->assertResponseContains('Register'); $this->assertResponseContains('Reset Password'); @@ -102,9 +102,9 @@ public function testLoginGetRequest() $this->assertResponseNotContains('Username or password is incorrect'); $this->assertResponseContains(''); $this->assertResponseContains('Please enter your username and password'); - $this->assertResponseContains(''); - $this->assertResponseContains(''); - $this->assertResponseContains(''); + $this->assertResponseContains('assertResponseContains('assertResponseContains('assertResponseContains(''); $this->assertResponseContains('Register'); $this->assertResponseContains('Reset Password'); @@ -131,9 +131,9 @@ public function testLoginPostRequestInvalidPassword() $this->assertResponseContains('Username or password is incorrect'); $this->assertResponseContains(''); $this->assertResponseContains('Please enter your username and password'); - $this->assertResponseContains(''); - $this->assertResponseContains(''); - $this->assertResponseContains(''); + $this->assertResponseContains('assertResponseContains('assertResponseContains('assertResponseContains(''); } diff --git a/tests/TestCase/Controller/Traits/Integration/PasswordManagementTraitIntegrationTest.php b/tests/TestCase/Controller/Traits/Integration/PasswordManagementTraitIntegrationTest.php index 03afa07e4..96c858886 100644 --- a/tests/TestCase/Controller/Traits/Integration/PasswordManagementTraitIntegrationTest.php +++ b/tests/TestCase/Controller/Traits/Integration/PasswordManagementTraitIntegrationTest.php @@ -41,7 +41,7 @@ public function testRequestResetPassword() $this->get('/users/request-reset-password'); $this->assertResponseOk(); $this->assertResponseContains('Please enter your email or username to reset your password'); - $this->assertResponseContains(''); + $this->assertResponseContains('assertResponseContains('assertResponseContains('assertResponseContains('assertResponseContains(''); - $this->assertResponseContains(''); - $this->assertResponseContains(''); + $this->assertResponseContains('assertResponseContains('assertResponseContains('assertResponseContains(''); $this->assertResponseContains(''); } @@ -80,9 +80,9 @@ public function testRegisterPostWithErrors() $this->assertResponseContains('assertResponseContains('assertResponseContains('assertResponseContains(''); - $this->assertResponseContains(''); - $this->assertResponseContains(''); + $this->assertResponseContains('assertResponseContains('assertResponseContains('assertResponseContains(''); $this->assertResponseContains(''); } diff --git a/tests/test_app/TestApp/Mailer/OverrideMailer.php b/tests/test_app/TestApp/Mailer/OverrideMailer.php index 3dbe44fe8..5b5cb79c8 100644 --- a/tests/test_app/TestApp/Mailer/OverrideMailer.php +++ b/tests/test_app/TestApp/Mailer/OverrideMailer.php @@ -27,7 +27,7 @@ class OverrideMailer extends UsersMailer * @param EntityInterface $user * @return array|void */ - public function resetPassword(EntityInterface $user) + public function resetPassword(EntityInterface $user, $options = []) { parent::resetPassword($user); $this->setSubject('This is the new subject'); From 9229d7705e17abdfc6f9d197de4c206f4bcb3da6 Mon Sep 17 00:00:00 2001 From: Yevgeny Tomenko Date: Thu, 19 Oct 2023 19:47:08 +0300 Subject: [PATCH 43/71] (chore) coding standards --- phpstan-baseline.neon | 5 ---- .../Traits/OneTimePasswordVerifyTrait.php | 5 +--- .../Traits/PasswordManagementTrait.php | 6 +--- src/Mailer/UsersMailer.php | 28 +++++++++---------- src/Model/Behavior/PasswordBehavior.php | 8 +++--- .../TestApp/Mailer/OverrideMailer.php | 2 +- 6 files changed, 21 insertions(+), 33 deletions(-) diff --git a/phpstan-baseline.neon b/phpstan-baseline.neon index 52b966521..2dc114261 100644 --- a/phpstan-baseline.neon +++ b/phpstan-baseline.neon @@ -65,11 +65,6 @@ parameters: count: 1 path: src/Controller/UsersController.php - - - message: "#^Parameter \\#1 \\$message of method Cake\\\\Controller\\\\Controller\\:\\:log\\(\\) expects string, Exception given\\.$#" - count: 1 - path: src/Controller/UsersController.php - - message: "#^Parameter \\#1 \\$object of method Cake\\\\Controller\\\\Controller\\:\\:paginate\\(\\) expects Cake\\\\ORM\\\\Query\\|Cake\\\\ORM\\\\Table\\|string\\|null, Cake\\\\Datasource\\\\RepositoryInterface given\\.$#" count: 1 diff --git a/src/Controller/Traits/OneTimePasswordVerifyTrait.php b/src/Controller/Traits/OneTimePasswordVerifyTrait.php index 9151e1b8d..336d4edf4 100644 --- a/src/Controller/Traits/OneTimePasswordVerifyTrait.php +++ b/src/Controller/Traits/OneTimePasswordVerifyTrait.php @@ -178,10 +178,7 @@ protected function onPostVerifyCodeOkay($loginAction, $user) unset($user['secret']); if (!$user['secret_verified']) { - $this->getUsersTable()->updateQuery() - ->set(['secret_verified' => true]) - ->where(['id' => $user['id']]) - ->execute(); + $this->getUsersTable()->updateAll(['secret_verified' => true], ['id' => $user['id']]); } $this->getRequest()->getSession()->delete(AuthenticationService::TWO_FACTOR_VERIFY_SESSION_KEY); diff --git a/src/Controller/Traits/PasswordManagementTrait.php b/src/Controller/Traits/PasswordManagementTrait.php index 4aaf8c156..56a1383f1 100644 --- a/src/Controller/Traits/PasswordManagementTrait.php +++ b/src/Controller/Traits/PasswordManagementTrait.php @@ -195,11 +195,7 @@ public function resetOneTimePasswordAuthenticator($id = null) { if ($this->getRequest()->is('post')) { try { - $query = $this->getUsersTable()->updateQuery(); - $query - ->set(['secret_verified' => false, 'secret' => null]) - ->where(['id' => $id]); - $query->execute(); + $query = $this->getUsersTable()->updateAll(['secret_verified' => false, 'secret' => null], ['id' => $id]); $message = __d('cake_d_c/users', 'Google Authenticator token was successfully reset'); $this->Flash->success($message, 'default'); diff --git a/src/Mailer/UsersMailer.php b/src/Mailer/UsersMailer.php index 468407e5e..ca5a25de3 100644 --- a/src/Mailer/UsersMailer.php +++ b/src/Mailer/UsersMailer.php @@ -28,22 +28,22 @@ class UsersMailer extends Mailer * @param \Cake\Datasource\EntityInterface $user User entity * @return void */ - protected function validation(EntityInterface $user, $options = []) + protected function validation(EntityInterface $user, array $options = []) { $firstName = isset($user['first_name']) ? $user['first_name'] . ', ' : ''; // un-hide the token to be able to send it in the email content $user->setHidden(['password', 'token_expires', 'api_token']); $subject = __d('cake_d_c/users', 'Your account validation link'); - if (isset($options['linkGenerator']) && is_callable($options['linkGenerator'])) { - $generator = $options['linkGenerator']; - $link = $generator($user['token']); - } else { - $link = UsersUrl::actionUrl('validateEmail', [ + if (isset($options['linkGenerator']) && is_callable($options['linkGenerator'])) { + $generator = $options['linkGenerator']; + $link = $generator($user['token']); + } else { + $link = UsersUrl::actionUrl('validateEmail', [ '_full' => true, $user['token'], ]); - } + } $viewVars = [ 'activationUrl' => $link, @@ -65,22 +65,22 @@ protected function validation(EntityInterface $user, $options = []) * @param \Cake\Datasource\EntityInterface $user User entity * @return void */ - protected function resetPassword(EntityInterface $user, $options = []) + protected function resetPassword(EntityInterface $user, array $options = []) { $firstName = isset($user['first_name']) ? $user['first_name'] . ', ' : ''; $subject = __d('cake_d_c/users', '{0}Your reset password link', $firstName); // un-hide the token to be able to send it in the email content $user->setHidden(['password', 'token_expires', 'api_token']); - if (isset($options['linkGenerator']) && is_callable($options['linkGenerator'])) { - $generator = $options['linkGenerator']; - $link = $generator($user['token']); - } else { - $link = UsersUrl::actionUrl('resetPassword', [ + if (isset($options['linkGenerator']) && is_callable($options['linkGenerator'])) { + $generator = $options['linkGenerator']; + $link = $generator($user['token']); + } else { + $link = UsersUrl::actionUrl('resetPassword', [ '_full' => true, $user['token'], ]); - } + } $viewVars = [ 'activationUrl' => $link, diff --git a/src/Model/Behavior/PasswordBehavior.php b/src/Model/Behavior/PasswordBehavior.php index cbc93c523..22156e1dc 100644 --- a/src/Model/Behavior/PasswordBehavior.php +++ b/src/Model/Behavior/PasswordBehavior.php @@ -68,10 +68,10 @@ public function resetToken($reference, array $options = []) $user->updateToken($expiration); $saveResult = $this->_table->save($user); if ($options['sendEmail'] ?? false) { - $emailOptions = []; - if (isset($options['linkGenerator']) && is_callable($options['linkGenerator'])) { - $emailOptions['linkGenerator'] = $options['linkGenerator']; - } + $emailOptions = []; + if (isset($options['linkGenerator']) && is_callable($options['linkGenerator'])) { + $emailOptions['linkGenerator'] = $options['linkGenerator']; + } switch ($options['type'] ?? null) { case 'email': $this->_sendValidationEmail($user, $emailOptions); diff --git a/tests/test_app/TestApp/Mailer/OverrideMailer.php b/tests/test_app/TestApp/Mailer/OverrideMailer.php index 5b5cb79c8..ae9d5dbba 100644 --- a/tests/test_app/TestApp/Mailer/OverrideMailer.php +++ b/tests/test_app/TestApp/Mailer/OverrideMailer.php @@ -27,7 +27,7 @@ class OverrideMailer extends UsersMailer * @param EntityInterface $user * @return array|void */ - public function resetPassword(EntityInterface $user, $options = []) + public function resetPassword(EntityInterface $user, array $options = []) { parent::resetPassword($user); $this->setSubject('This is the new subject'); From f33e1a05e4bd8253dbe69ec0145ca6e44635fe54 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jorge=20M=2E=20Gonz=C3=A1lez=20Mart=C3=ADn?= Date: Wed, 25 Oct 2023 09:48:26 +0100 Subject: [PATCH 44/71] Update Installation.md --- Docs/Documentation/Installation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Docs/Documentation/Installation.md b/Docs/Documentation/Installation.md index 94b939bf8..463a838d5 100644 --- a/Docs/Documentation/Installation.md +++ b/Docs/Documentation/Installation.md @@ -105,7 +105,7 @@ section to check all the customization options You can create the first user, the super user by issuing the following command ``` -bin/cake users addSuperuser +bin/cake users add_superuser ``` Customization From 9537acd901f3431d8fd0de047731ca490519098e Mon Sep 17 00:00:00 2001 From: Andres Campanario Date: Fri, 27 Oct 2023 14:24:40 +0200 Subject: [PATCH 45/71] fix wrong unit test --- .../Traits/Integration/LoginTraitIntegrationTest.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php b/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php index 195bafdb6..810e92964 100644 --- a/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php +++ b/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php @@ -57,6 +57,7 @@ public function testRedirectToLogin() Configure::write('debug', false); $this->enableRetainFlashMessages(); $this->get('/pages/home'); + $this->assertRedirectContains('/login?redirect=%2Fpages%2Fhome'); $this->assertFlashMessage('You are not authorized to access that location.'); } @@ -67,7 +68,7 @@ public function testRedirectToLoginDebug() $this->enableRetainFlashMessages(); $this->get('/pages/home'); - $this->assertRedirectContains('/login?redirect=http%3A%2F%2Flocalhost%2Fpages%2Fhome'); + $this->assertRedirectContains('/login?redirect=%2Fpages%2Fhome'); $this->assertFlashMessage('You are not authorized to access that location.Location = http://localhost/pages/home'); } From 8695585b684078d87b0e146d5944ded5bcac5a04 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jorge=20M=2E=20Gonz=C3=A1lez=20Mart=C3=ADn?= Date: Thu, 2 Nov 2023 14:51:26 +0000 Subject: [PATCH 46/71] Update CHANGELOG.md --- CHANGELOG.md | 72 +++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 63 insertions(+), 9 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9461dd5c3..bd799ce97 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,11 +1,47 @@ Changelog ========= -Releases for CakePHP 4.3 -------------- +Releases for CakePHP 4.5 +------------------------ +* 11.3.3 + * Add display of unauthorized url in flash message when debug is true + +* 11.3.2 + * Improve documentation, coding standards + +* 11.3.1 + * Merge changes from diverged branches, including link generator and keep CakePHP 4.5 compatibility + +* 11.3.0 + * Require CakePHP ^4.5 + +Releases for CakePHP 4.4 +------------------------ +* 11.2.5 + * Fix failed tests and code standards + +* 11.2.4 + * Fix dependencies, require CakePHP 4.4.* + +* 11.2.3 + * Improved documentation + * Deprecate (broken) compatibility with Linkedin Oauth based connector, they only provide compatibility with OpenID Connect now + * Add Dutch translation by Stefan + * Add `linkGenerator` for emails, useful for API driven apps + * Fix CakePHP 4.5 deprecations + * Fix webauthn loading issues + +* 11.2.2 + * Fix issue with password rehash with a custom password field + +* 11.2.1 + * Use UsersUrl and unify url building for login action * 11.2.0 * Feature/microsoft login by @arodu in #1000 - * add more events into login component (before login, after login failure) by @rochamarcelo in #1007 + * Add more events into login component (before login, after login failure) by @rochamarcelo in #1007 + +* 11.1.1 + * Use url builder for login redirect * 11.1.0 * German (de) by @LordSimal @@ -15,8 +51,22 @@ Releases for CakePHP 4.3 * Switched tests to new cakephp schema * Update to PHPUnit 9.5 +* There are NO tags for 10.x we jumped from 9.x to 11.x + Releases for CakePHP 4 -------------- +---------------------- +* 9.3.1 + * Add CI tests for PHP 8.1 + * Add events `EVENT_BEFORE_LOGIN`, `EVENT_AFTER_LOGIN_FAILURE` + +* 9.3.0 + * Improve documentation + * Add webauthn as two factor authentication + +* 9.2.1 + * Improve documentation + * Fix change password issue + * 9.2.0 * Switch to github actions * New event AfterEmailTokenValidation @@ -35,7 +85,7 @@ Releases for CakePHP 4 * Ukrainian (uk) by @yarkm13 * Docs improvements * Fix DebugKit permissions issues - + * 9.0.2 * Added a custom Unauthorized Handler * If logged user access unauthorized url he is redirected to referer url or '/' if no referer url @@ -59,9 +109,13 @@ Releases for CakePHP 4 * Migrated usage of AuthComponent to Authorization/Authentication plugins. Releases for CakePHP 3 -------------- +---------------------- +* 8.5.2 + * Add optional merge configuration option + * 8.5.1 * Added new `UsersAuthComponent::EVENT_SOCIAL_LOGIN_EXISTING_ACCOUNT` + * 8.5.0 * Added new `UsersAuthComponent::EVENT_BEFORE_SOCIAL_LOGIN_REDIRECT` * Added finder to get existing social account @@ -77,10 +131,10 @@ Releases for CakePHP 3 * 8.2.1 * Fix scope in facebook social login -* 8.2 +* 8.2.0 * Removed deprecations for CakePHP 3.7 -* 8.1 +* 8.1.0 * Added Yubico U2F Authentication * 8.0.3 @@ -227,7 +281,7 @@ Releases for CakePHP 3 * Link social accounts in profile Releases for CakePHP 2 -------------- +---------------------- * 2.1.3 * Fixed unit tests for compatibility with CakePHP 2.7 From 4a0497e27c82c5f6f44d9a570d5bcbc8930fe1f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rodrigo=20P=C3=A9rez?= Date: Wed, 22 Nov 2023 16:50:56 +0000 Subject: [PATCH 47/71] Fix Detected invalid UTF-8 for field... issue when storing session data from Webauthn in a mongo database --- CHANGELOG.md | 3 +++ src/Webauthn/AuthenticateAdapter.php | 6 ++++-- src/Webauthn/RegisterAdapter.php | 6 ++++-- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index bd799ce97..cd67206d1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,9 @@ Changelog ========= Releases for CakePHP 4.5 ------------------------ +* 11.3.4 + * Fix `Detected invalid UTF-8 for field...` issue when storing session data from `Webauthn` in a mongo database. + * 11.3.3 * Add display of unauthorized url in flash message when debug is true diff --git a/src/Webauthn/AuthenticateAdapter.php b/src/Webauthn/AuthenticateAdapter.php index 592c9590a..e899cad43 100644 --- a/src/Webauthn/AuthenticateAdapter.php +++ b/src/Webauthn/AuthenticateAdapter.php @@ -34,7 +34,7 @@ public function getOptions(): PublicKeyCredentialRequestOptions ); $this->request->getSession()->write( 'Webauthn2fa.authenticateOptions', - $options + json_encode($options) ); return $options; @@ -47,7 +47,9 @@ public function getOptions(): PublicKeyCredentialRequestOptions */ public function verifyResponse(): \Webauthn\PublicKeyCredentialSource { - $options = $this->request->getSession()->read('Webauthn2fa.authenticateOptions'); + $options = PublicKeyCredentialRequestOptions::createFromString( + (string)$this->request->getSession()->read('Webauthn2fa.authenticateOptions') + ); return $this->loadAndCheckAssertionResponse($options); } diff --git a/src/Webauthn/RegisterAdapter.php b/src/Webauthn/RegisterAdapter.php index c28b0504a..a4ef2a1f1 100644 --- a/src/Webauthn/RegisterAdapter.php +++ b/src/Webauthn/RegisterAdapter.php @@ -28,7 +28,7 @@ public function getOptions(): PublicKeyCredentialCreationOptions PublicKeyCredentialCreationOptions::ATTESTATION_CONVEYANCE_PREFERENCE_NONE, [] ); - $this->request->getSession()->write('Webauthn2fa.registerOptions', $options); + $this->request->getSession()->write('Webauthn2fa.registerOptions', json_encode($options)); $this->request->getSession()->write('Webauthn2fa.userEntity', $userEntity); return $options; @@ -41,7 +41,9 @@ public function getOptions(): PublicKeyCredentialCreationOptions */ public function verifyResponse(): \Webauthn\PublicKeyCredentialSource { - $options = $this->request->getSession()->read('Webauthn2fa.registerOptions'); + $options = PublicKeyCredentialCreationOptions::createFromString( + (string)$this->request->getSession()->read('Webauthn2fa.registerOptions') + ); $credential = $this->loadAndCheckAttestationResponse($options); $this->repository->saveCredentialSource($credential); From 60515d83280ccd9594ca5c9b402fdd67ef1efcdf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rodrigo=20P=C3=A9rez?= Date: Wed, 22 Nov 2023 17:16:07 +0000 Subject: [PATCH 48/71] Fux webauthn tests --- src/Webauthn/AuthenticateAdapter.php | 1 + src/Webauthn/RegisterAdapter.php | 1 + tests/TestCase/Webauthn/AuthenticateAdapterTest.php | 2 +- tests/TestCase/Webauthn/RegisterAdapterTest.php | 2 +- 4 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/Webauthn/AuthenticateAdapter.php b/src/Webauthn/AuthenticateAdapter.php index e899cad43..24cd2965f 100644 --- a/src/Webauthn/AuthenticateAdapter.php +++ b/src/Webauthn/AuthenticateAdapter.php @@ -47,6 +47,7 @@ public function getOptions(): PublicKeyCredentialRequestOptions */ public function verifyResponse(): \Webauthn\PublicKeyCredentialSource { + /** @var \Webauthn\PublicKeyCredentialRequestOptions $options */ $options = PublicKeyCredentialRequestOptions::createFromString( (string)$this->request->getSession()->read('Webauthn2fa.authenticateOptions') ); diff --git a/src/Webauthn/RegisterAdapter.php b/src/Webauthn/RegisterAdapter.php index a4ef2a1f1..283bc85ac 100644 --- a/src/Webauthn/RegisterAdapter.php +++ b/src/Webauthn/RegisterAdapter.php @@ -41,6 +41,7 @@ public function getOptions(): PublicKeyCredentialCreationOptions */ public function verifyResponse(): \Webauthn\PublicKeyCredentialSource { + /** @var \Webauthn\PublicKeyCredentialCreationOptions $options */ $options = PublicKeyCredentialCreationOptions::createFromString( (string)$this->request->getSession()->read('Webauthn2fa.registerOptions') ); diff --git a/tests/TestCase/Webauthn/AuthenticateAdapterTest.php b/tests/TestCase/Webauthn/AuthenticateAdapterTest.php index 70c101c90..83773530d 100644 --- a/tests/TestCase/Webauthn/AuthenticateAdapterTest.php +++ b/tests/TestCase/Webauthn/AuthenticateAdapterTest.php @@ -36,7 +36,7 @@ public function testGetOptions() $adapter = new AuthenticateAdapter($request); $options = $adapter->getOptions(); $this->assertInstanceOf(PublicKeyCredentialRequestOptions::class, $options); - $this->assertSame($options, $request->getSession()->read('Webauthn2fa.authenticateOptions')); + $this->assertSame(json_encode($options), $request->getSession()->read('Webauthn2fa.authenticateOptions')); $data = json_decode('{"id":"LFdoCFJTyB82ZzSJUHc-c72yraRc_1mPvGX8ToE8su39xX26Jcqd31LUkKOS36FIAWgWl6itMKqmDvruha6ywA","rawId":"LFdoCFJTyB82ZzSJUHc-c72yraRc_1mPvGX8ToE8su39xX26Jcqd31LUkKOS36FIAWgWl6itMKqmDvruha6ywA","response":{"authenticatorData":"SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MBAAAAAA","signature":"MEYCIQCv7EqsBRtf2E4o_BjzZfBwNpP8fLjd5y6TUOLWt5l9DQIhANiYig9newAJZYTzG1i5lwP-YQk9uXFnnDaHnr2yCKXL","userHandle":"","clientDataJSON":"eyJjaGFsbGVuZ2UiOiJ4ZGowQ0JmWDY5MnFzQVRweTBrTmM4NTMzSmR2ZExVcHFZUDh3RFRYX1pFIiwiY2xpZW50RXh0ZW5zaW9ucyI6e30sImhhc2hBbGdvcml0aG0iOiJTSEEtMjU2Iiwib3JpZ2luIjoiaHR0cDovL2xvY2FsaG9zdDozMDAwIiwidHlwZSI6IndlYmF1dGhuLmdldCJ9"},"type":"public-key"}', true); $request = $request->withParsedBody($data); diff --git a/tests/TestCase/Webauthn/RegisterAdapterTest.php b/tests/TestCase/Webauthn/RegisterAdapterTest.php index 3ce86a8e8..e2fe93510 100644 --- a/tests/TestCase/Webauthn/RegisterAdapterTest.php +++ b/tests/TestCase/Webauthn/RegisterAdapterTest.php @@ -37,7 +37,7 @@ public function testGetOptions() $this->assertFalse($adapter->hasCredential()); $options = $adapter->getOptions(); $this->assertInstanceOf(PublicKeyCredentialCreationOptions::class, $options); - $this->assertSame($options, $request->getSession()->read('Webauthn2fa.registerOptions')); + $this->assertSame(json_encode($options), $request->getSession()->read('Webauthn2fa.registerOptions')); $data = '{"id":"LFdoCFJTyB82ZzSJUHc-c72yraRc_1mPvGX8ToE8su39xX26Jcqd31LUkKOS36FIAWgWl6itMKqmDvruha6ywA","rawId":"LFdoCFJTyB82ZzSJUHc-c72yraRc_1mPvGX8ToE8su39xX26Jcqd31LUkKOS36FIAWgWl6itMKqmDvruha6ywA","response":{"clientDataJSON":"eyJjaGFsbGVuZ2UiOiJOeHlab3B3VktiRmw3RW5uTWFlXzVGbmlyN1FKN1FXcDFVRlVLakZIbGZrIiwiY2xpZW50RXh0ZW5zaW9ucyI6e30sImhhc2hBbGdvcml0aG0iOiJTSEEtMjU2Iiwib3JpZ2luIjoiaHR0cDovL2xvY2FsaG9zdDozMDAwIiwidHlwZSI6IndlYmF1dGhuLmNyZWF0ZSJ9","attestationObject":"o2NmbXRoZmlkby11MmZnYXR0U3RtdKJjc2lnWEcwRQIgVzzvX3Nyp_g9j9f2B-tPWy6puW01aZHI8RXjwqfDjtQCIQDLsdniGPO9iKr7tdgVV-FnBYhvzlZLG3u28rVt10YXfGN4NWOBWQJOMIICSjCCATKgAwIBAgIEVxb3wDANBgkqhkiG9w0BAQsFADAuMSwwKgYDVQQDEyNZdWJpY28gVTJGIFJvb3QgQ0EgU2VyaWFsIDQ1NzIwMDYzMTAgFw0xNDA4MDEwMDAwMDBaGA8yMDUwMDkwNDAwMDAwMFowLDEqMCgGA1UEAwwhWXViaWNvIFUyRiBFRSBTZXJpYWwgMjUwNTY5MjI2MTc2MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEZNkcVNbZV43TsGB4TEY21UijmDqvNSfO6y3G4ytnnjP86ehjFK28-FdSGy9MSZ-Ur3BVZb4iGVsptk5NrQ3QYqM7MDkwIgYJKwYBBAGCxAoCBBUxLjMuNi4xLjQuMS40MTQ4Mi4xLjUwEwYLKwYBBAGC5RwCAQEEBAMCBSAwDQYJKoZIhvcNAQELBQADggEBAHibGMqbpNt2IOL4i4z96VEmbSoid9Xj--m2jJqg6RpqSOp1TO8L3lmEA22uf4uj_eZLUXYEw6EbLm11TUo3Ge-odpMPoODzBj9aTKC8oDFPfwWj6l1O3ZHTSma1XVyPqG4A579f3YAjfrPbgj404xJns0mqx5wkpxKlnoBKqo1rqSUmonencd4xanO_PHEfxU0iZif615Xk9E4bcANPCfz-OLfeKXiT-1msixwzz8XGvl2OTMJ_Sh9G9vhE-HjAcovcHfumcdoQh_WM445Za6Pyn9BZQV3FCqMviRR809sIATfU5lu86wu_5UGIGI7MFDEYeVGSqzpzh6mlcn8QSIZoYXV0aERhdGFYxEmWDeWIDoxodDQXD2R2YFuP5K65ooYyx5lc87qDHZdjQQAAAAAAAAAAAAAAAAAAAAAAAAAAAEAsV2gIUlPIHzZnNIlQdz5zvbKtpFz_WY-8ZfxOgTyy7f3Ffbolyp3fUtSQo5LfoUgBaBaXqK0wqqYO-u6FrrLApQECAyYgASFYIPr9-YH8DuBsOnaI3KJa0a39hyxh9LDtHErNvfQSyxQsIlgg4rAuQQ5uy4VXGFbkiAt0uwgJJodp-DymkoBcrGsLtkI"},"type":"public-key"}'; $request = $request->withParsedBody( From 9994c60b3515a120d56bd57108a9faf395979abe Mon Sep 17 00:00:00 2001 From: Alberto Rodriguez Date: Thu, 28 Dec 2023 15:06:51 -0400 Subject: [PATCH 49/71] fix: minor fix on last_login datetime format --- src/Controller/Component/LoginComponent.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Controller/Component/LoginComponent.php b/src/Controller/Component/LoginComponent.php index 7178ca0ce..2ac11f282 100644 --- a/src/Controller/Component/LoginComponent.php +++ b/src/Controller/Component/LoginComponent.php @@ -239,7 +239,7 @@ protected function updateLastLogin($user) $now = \Cake\I18n\FrozenTime::now(); $user->set('last_login', $now); $this->getController()->getUsersTable()->updateAll( - ['last_login' => $now], + ['last_login' => $now->format('Y-m-d H:i:s')], ['id' => $user->id] ); } From 268d522d888d0434e375be8afb9a022addbbef5c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Florencio=20Hern=C3=A1ndez?= <110687305+flohdez@users.noreply.github.com> Date: Fri, 29 Dec 2023 11:41:17 +0000 Subject: [PATCH 50/71] Update ci.yml with php8.2 and php8.3 --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 624eacb05..a04c36da4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -13,7 +13,7 @@ jobs: strategy: fail-fast: false matrix: - php-version: ['7.4', '8.0', '8.1'] + php-version: ['7.4', '8.0', '8.1', '8.2', '8.3'] db-type: [sqlite, mysql, pgsql] prefer-lowest: [''] @@ -117,4 +117,4 @@ jobs: - name: Run phpstan if: success() || failure() - run: composer stan \ No newline at end of file + run: composer stan From b8a78b45a56fb2723c32ab9c29a4272dceaf0a6a Mon Sep 17 00:00:00 2001 From: Alberto Rodriguez Date: Tue, 6 Feb 2024 08:43:45 -0400 Subject: [PATCH 51/71] fix: remove deprecated code on profile logic --- config/users.php | 1 + src/Controller/Traits/ProfileTrait.php | 7 ++++--- templates/Users/profile.php | 5 +++-- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/config/users.php b/config/users.php index 679fefa10..5c31b72fa 100644 --- a/config/users.php +++ b/config/users.php @@ -84,6 +84,7 @@ 'Profile' => [ // Allow view other users profiles 'viewOthers' => true, + 'contain' => [], ], 'Key' => [ 'Session' => [ diff --git a/src/Controller/Traits/ProfileTrait.php b/src/Controller/Traits/ProfileTrait.php index a67ac991c..2a54cd9d1 100644 --- a/src/Controller/Traits/ProfileTrait.php +++ b/src/Controller/Traits/ProfileTrait.php @@ -41,10 +41,11 @@ public function profile($id = null) $id = $loggedUserId; } try { - $appContain = (array)Configure::read('Auth.authenticate.' . AuthComponent::ALL . '.contain'); - $socialContain = Configure::read('Users.Social.login') ? ['SocialAccounts'] : []; + $appContain = (array)Configure::read('Users.Profile.contain', []); $user = $this->getUsersTable()->get($id, [ - 'contain' => array_merge((array)$appContain, (array)$socialContain), + 'contain' => array_merge($appContain, [ + 'SocialAccounts', + ]), ]); $this->set('avatarPlaceholder', Configure::read('Users.Avatar.placeholder')); if ($user->id === $loggedUserId) { diff --git a/templates/Users/profile.php b/templates/Users/profile.php index bd786ffc1..aa4759fb7 100644 --- a/templates/Users/profile.php +++ b/templates/Users/profile.php @@ -23,8 +23,9 @@ ) ?> - - Html->link(__d('cake_d_c/users', 'Change Password'), ['plugin' => 'CakeDC/Users', 'controller' => 'Users', 'action' => 'changePassword']); ?> + + Html->link(__d('cake_d_c/users', 'Change Password'), ['plugin' => 'CakeDC/Users', 'controller' => 'Users', 'action' => 'changePassword']); ?> +
From ad6c651319421a4903707ab94212fcaf4e2b3f76 Mon Sep 17 00:00:00 2001 From: Alberto Rodriguez Date: Tue, 6 Feb 2024 08:47:01 -0400 Subject: [PATCH 52/71] cs fix --- src/Controller/Traits/ProfileTrait.php | 1 - 1 file changed, 1 deletion(-) diff --git a/src/Controller/Traits/ProfileTrait.php b/src/Controller/Traits/ProfileTrait.php index 2a54cd9d1..5f662c57c 100644 --- a/src/Controller/Traits/ProfileTrait.php +++ b/src/Controller/Traits/ProfileTrait.php @@ -13,7 +13,6 @@ namespace CakeDC\Users\Controller\Traits; -use Cake\Controller\Component\AuthComponent; use Cake\Core\Configure; use Cake\Datasource\Exception\InvalidPrimaryKeyException; use Cake\Datasource\Exception\RecordNotFoundException; From 870b86419bc9b72e17fcde34f483996230db0893 Mon Sep 17 00:00:00 2001 From: Alberto Rodriguez Date: Tue, 6 Feb 2024 15:42:08 -0400 Subject: [PATCH 53/71] fix: config for updateLastLogin --- config/users.php | 3 +++ src/Controller/Component/LoginComponent.php | 4 ++++ 2 files changed, 7 insertions(+) diff --git a/config/users.php b/config/users.php index 679fefa10..c70dddcea 100644 --- a/config/users.php +++ b/config/users.php @@ -47,6 +47,9 @@ // determines if registration workflow includes email validation 'validate' => true, ], + 'Login' => [ + 'updateLastLogin' => true, + ], 'Registration' => [ // determines if the register is enabled 'active' => true, diff --git a/src/Controller/Component/LoginComponent.php b/src/Controller/Component/LoginComponent.php index 2ac11f282..9e0626486 100644 --- a/src/Controller/Component/LoginComponent.php +++ b/src/Controller/Component/LoginComponent.php @@ -236,6 +236,10 @@ protected function checkSafeHost(?string $queryRedirect = null): bool */ protected function updateLastLogin($user) { + if (!Configure::read('Users.Login.updateLastLogin', true)) { + return; + } + $now = \Cake\I18n\FrozenTime::now(); $user->set('last_login', $now); $this->getController()->getUsersTable()->updateAll( From a7d7dbea44df596606933f39434015a2e685c874 Mon Sep 17 00:00:00 2001 From: Alberto Rodriguez Date: Tue, 6 Feb 2024 15:52:27 -0400 Subject: [PATCH 54/71] fix: lastLoginField on config --- config/users.php | 1 + src/Controller/Component/LoginComponent.php | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/config/users.php b/config/users.php index c70dddcea..c925911ac 100644 --- a/config/users.php +++ b/config/users.php @@ -49,6 +49,7 @@ ], 'Login' => [ 'updateLastLogin' => true, + 'lastLoginField' => 'last_login', ], 'Registration' => [ // determines if the register is enabled diff --git a/src/Controller/Component/LoginComponent.php b/src/Controller/Component/LoginComponent.php index 9e0626486..a4b956906 100644 --- a/src/Controller/Component/LoginComponent.php +++ b/src/Controller/Component/LoginComponent.php @@ -239,11 +239,11 @@ protected function updateLastLogin($user) if (!Configure::read('Users.Login.updateLastLogin', true)) { return; } - + $field = Configure::read('Users.Login.lastLoginField', 'last_login'); $now = \Cake\I18n\FrozenTime::now(); - $user->set('last_login', $now); + $user->set($field, $now); $this->getController()->getUsersTable()->updateAll( - ['last_login' => $now->format('Y-m-d H:i:s')], + [$field => $now->format('Y-m-d H:i:s')], ['id' => $user->id] ); } From ec1986412f7ee29235f44d2f96b1408036e241e7 Mon Sep 17 00:00:00 2001 From: Alberto Rodriguez Date: Tue, 6 Feb 2024 16:42:32 -0400 Subject: [PATCH 55/71] feat:flash message on login --- config/users.php | 3 +++ src/Controller/Component/LoginComponent.php | 16 ++++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/config/users.php b/config/users.php index 679fefa10..3b9876b6b 100644 --- a/config/users.php +++ b/config/users.php @@ -47,6 +47,9 @@ // determines if registration workflow includes email validation 'validate' => true, ], + 'Login' => [ + 'flashMessage' => false, // bool + ], 'Registration' => [ // determines if the register is enabled 'active' => true, diff --git a/src/Controller/Component/LoginComponent.php b/src/Controller/Component/LoginComponent.php index 76794abd1..907a99865 100644 --- a/src/Controller/Component/LoginComponent.php +++ b/src/Controller/Component/LoginComponent.php @@ -76,6 +76,7 @@ public function handleLogin($errorOnlyPost, $redirectFailure) $user = $request->getAttribute('identity')->getOriginalData(); $this->handlePasswordRehash($service, $user, $request); $this->updateLastLogin($user); + $this->addFlashMessage($user); return $this->afterIdentifyUser($user); } @@ -242,4 +243,19 @@ protected function updateLastLogin($user) ['id' => $user->id] ); } + + /** + * Add a flash message informing user is logged in + * + * @param array $user user data + * @return void + */ + protected function addFlashMessage($user) + { + if (!Configure::read('Users.Login.flashMessage')) { + return; + } + + $this->getController()->Flash->success(__d('cake_d_c/users', 'Welcome, {0}', $user->username)); + } } From 6db34ad293de5220c063cdbfc62fac29f99d7f2f Mon Sep 17 00:00:00 2001 From: Alberto Rodriguez Date: Tue, 6 Feb 2024 16:51:58 -0400 Subject: [PATCH 56/71] minor fix --- src/Controller/Component/LoginComponent.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Controller/Component/LoginComponent.php b/src/Controller/Component/LoginComponent.php index 907a99865..5219ae0ff 100644 --- a/src/Controller/Component/LoginComponent.php +++ b/src/Controller/Component/LoginComponent.php @@ -256,6 +256,6 @@ protected function addFlashMessage($user) return; } - $this->getController()->Flash->success(__d('cake_d_c/users', 'Welcome, {0}', $user->username)); + $this->getController()->Flash->success(__d('cake_d_c/users', 'Welcome, {0}', $user['username'])); } } From 4bb06bb31bdd5da5b2080cfac7fac9d4a4f935fc Mon Sep 17 00:00:00 2001 From: Yevgeny Tomenko Date: Fri, 9 Feb 2024 01:50:32 +0300 Subject: [PATCH 57/71] extract two factor logic into separate classes processing each type of 2fa. --- composer.json | 2 +- src/Loader/AuthenticationServiceLoader.php | 19 ++++++------------- src/Loader/MiddlewareQueueLoader.php | 14 +++----------- .../Integration/LoginTraitIntegrationTest.php | 5 +++++ tests/TestCase/PluginTest.php | 19 +++++++++++++++++++ .../AuthenticationServiceProviderTest.php | 4 ++++ tests/test_app/config/users.php | 5 +++++ 7 files changed, 43 insertions(+), 25 deletions(-) diff --git a/composer.json b/composer.json index d7a8d914f..3481f0386 100644 --- a/composer.json +++ b/composer.json @@ -31,7 +31,7 @@ "require": { "php": ">=7.4.0", "cakephp/cakephp": "^4.5", - "cakedc/auth": "^7.0", + "cakedc/auth": "^7.3", "cakephp/authorization": "^2.0.0", "cakephp/authentication": "^2.0.0" }, diff --git a/src/Loader/AuthenticationServiceLoader.php b/src/Loader/AuthenticationServiceLoader.php index de1b01b33..e2186ea9f 100644 --- a/src/Loader/AuthenticationServiceLoader.php +++ b/src/Loader/AuthenticationServiceLoader.php @@ -15,7 +15,7 @@ use Cake\Core\Configure; use CakeDC\Auth\Authentication\AuthenticationService; -use CakeDC\Users\Plugin; +use CakeDC\Auth\Authentication\TwoFactorProcessorLoader; use Psr\Http\Message\ServerRequestInterface; /** @@ -34,10 +34,11 @@ class AuthenticationServiceLoader */ public function __invoke(ServerRequestInterface $request) { - $service = new AuthenticationService(); + $processors = TwoFactorProcessorLoader::processors(); + $service = new AuthenticationService(['processors' => $processors]); $this->loadIdentifiers($service); $this->loadAuthenticators($service); - $this->loadTwoFactorAuthenticator($service); + $this->loadTwoFactorAuthenticator($service, $processors); return $service; } @@ -81,17 +82,9 @@ protected function loadAuthenticators($service) * @param \CakeDC\Auth\Authentication\AuthenticationService $service Authentication service to load identifiers * @return void */ - protected function loadTwoFactorAuthenticator($service) + protected function loadTwoFactorAuthenticator($service, $processors) { - $u2fEnabled = Configure::read('U2f.enabled') !== false; - if ($u2fEnabled) { - trigger_error(Plugin::DEPRECATED_MESSAGE_U2F, E_USER_DEPRECATED); - } - if ( - Configure::read('OneTimePasswordAuthenticator.login') !== false - || Configure::read('Webauthn2fa.enabled') !== false - || $u2fEnabled - ) { + if (collection($processors)->some(fn ($processor) => $processor->enabled())) { $service->loadAuthenticator('CakeDC/Auth.TwoFactor', [ 'skipTwoFactorVerify' => true, ]); diff --git a/src/Loader/MiddlewareQueueLoader.php b/src/Loader/MiddlewareQueueLoader.php index bed495ff0..88babe4e9 100644 --- a/src/Loader/MiddlewareQueueLoader.php +++ b/src/Loader/MiddlewareQueueLoader.php @@ -20,10 +20,10 @@ use Authorization\Middleware\RequestAuthorizationMiddleware; use Cake\Core\Configure; use Cake\Http\MiddlewareQueue; +use CakeDC\Auth\Authentication\TwoFactorProcessorLoader; use CakeDC\Auth\Middleware\TwoFactorMiddleware; use CakeDC\Users\Middleware\SocialAuthMiddleware; use CakeDC\Users\Middleware\SocialEmailMiddleware; -use CakeDC\Users\Plugin; /** * Class MiddlewareQueueLoader @@ -96,16 +96,8 @@ protected function loadAuthenticationMiddleware( */ protected function load2faMiddleware(MiddlewareQueue $middlewareQueue) { - $u2fEnabled = Configure::read('U2f.enabled') !== false; - if ($u2fEnabled) { - trigger_error(Plugin::DEPRECATED_MESSAGE_U2F, E_USER_DEPRECATED); - } - - if ( - Configure::read('OneTimePasswordAuthenticator.login') !== false - || Configure::read('Webauthn2fa.enabled') !== false - || $u2fEnabled - ) { + $processors = TwoFactorProcessorLoader::processors(); + if (collection($processors)->some(fn ($processor) => $processor->enabled())) { $middlewareQueue->add(TwoFactorMiddleware::class); } } diff --git a/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php b/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php index 810e92964..da539de1a 100644 --- a/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php +++ b/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php @@ -221,6 +221,11 @@ public function testLoginPostRequestRightPasswordIsEnabledU2f() { EventManager::instance()->on('TestApp.afterPluginBootstrap', function () { Configure::write(['U2f.enabled' => true]); + Configure::write([ + 'TwoFactorProcessors' => [ + \CakeDC\Auth\Authentication\TwoFactorProcessor\U2FProcessor::class, + ], + ]); }); $this->enableRetainFlashMessages(); $this->post('/login', [ diff --git a/tests/TestCase/PluginTest.php b/tests/TestCase/PluginTest.php index d4fedf44f..73cf259a9 100644 --- a/tests/TestCase/PluginTest.php +++ b/tests/TestCase/PluginTest.php @@ -41,6 +41,9 @@ public function testMiddleware() { Configure::write('Users.Social.login', true); Configure::write('OneTimePasswordAuthenticator.login', true); + Configure::write('TwoFactorProcessors', [ + \CakeDC\Auth\Authentication\TwoFactorProcessor\OneTimePasswordProcessor::class, + ]); Configure::write('Auth.Authorization.enable', true); $plugin = new Plugin(); @@ -75,6 +78,9 @@ public function testMiddlewareAuthorizationMiddlewareAndRbacMiddleware() Configure::write('Users.Social.login', true); Configure::write('OneTimePasswordAuthenticator.login', true); Configure::write('Auth.Authorization.enable', true); + Configure::write('TwoFactorProcessors', [ + \CakeDC\Auth\Authentication\TwoFactorProcessor\OneTimePasswordProcessor::class, + ]); $plugin = new Plugin(); @@ -106,6 +112,9 @@ public function testMiddlewareWithoutAuhorization() Configure::write('Users.Social.login', true); Configure::write('OneTimePasswordAuthenticator.login', true); Configure::write('Auth.Authorization.enable', false); + Configure::write('TwoFactorProcessors', [ + \CakeDC\Auth\Authentication\TwoFactorProcessor\OneTimePasswordProcessor::class, + ]); $plugin = new Plugin(); @@ -133,6 +142,10 @@ public function testMiddlewareNotSocial() Configure::write('Users.Social.login', false); Configure::write('OneTimePasswordAuthenticator.login', true); Configure::write('Auth.Authorization.enable', true); + Configure::write('TwoFactorProcessors', [ + \CakeDC\Auth\Authentication\TwoFactorProcessor\OneTimePasswordProcessor::class, + ]); + $plugin = new Plugin(); $middleware = new MiddlewareQueue(); @@ -158,6 +171,9 @@ public function testMiddlewareNotOneTimePasswordAuthenticator() Configure::write('Users.Social.login', true); Configure::write('OneTimePasswordAuthenticator.login', false); Configure::write('Auth.Authorization.enable', true); + Configure::write('TwoFactorProcessors', [ + \CakeDC\Auth\Authentication\TwoFactorProcessor\OneTimePasswordProcessor::class, + ]); $plugin = new Plugin(); $middleware = new MiddlewareQueue(); @@ -185,6 +201,9 @@ public function testMiddlewareNotGoogleAuthenticationAndNotSocial() Configure::write('Users.Social.login', false); Configure::write('OneTimePasswordAuthenticator.login', false); Configure::write('Auth.Authorization.enable', true); + Configure::write('TwoFactorProcessors', [ + \CakeDC\Auth\Authentication\TwoFactorProcessor\OneTimePasswordProcessor::class, + ]); $plugin = new Plugin(); $middleware = new MiddlewareQueue(); diff --git a/tests/TestCase/Provider/AuthenticationServiceProviderTest.php b/tests/TestCase/Provider/AuthenticationServiceProviderTest.php index a3ed282bf..620f229d1 100644 --- a/tests/TestCase/Provider/AuthenticationServiceProviderTest.php +++ b/tests/TestCase/Provider/AuthenticationServiceProviderTest.php @@ -78,6 +78,9 @@ public function testGetAuthenticationService() 'Authentication.JwtSubject', ]); Configure::write('OneTimePasswordAuthenticator.login', true); + Configure::write('TwoFactorProcessors', [ + \CakeDC\Auth\Authentication\TwoFactorProcessor\OneTimePasswordProcessor::class, + ]); $authenticationServiceProvider = new AuthenticationServiceProvider(); $service = $authenticationServiceProvider->getAuthenticationService(new ServerRequest(), new Response()); @@ -215,6 +218,7 @@ public function testGetAuthenticationServiceWithoutOneTimePasswordAuthenticator( 'Authentication.JwtSubject', ]); Configure::write('OneTimePasswordAuthenticator.login', false); + Configure::write('TwoFactorProcessors', []); $authenticationServiceProvider = new AuthenticationServiceProvider(); $service = $authenticationServiceProvider->getAuthenticationService(new ServerRequest(), new Response()); diff --git a/tests/test_app/config/users.php b/tests/test_app/config/users.php index 35e35adcd..3c5850970 100644 --- a/tests/test_app/config/users.php +++ b/tests/test_app/config/users.php @@ -9,4 +9,9 @@ 'OAuth.providers.twitter.options.clientSecret' => '999988899', 'OAuth.providers.google.options.clientId' => '0000000990909090', 'OAuth.providers.google.options.clientSecret' => '1565464559789798', + 'TwoFactorProcessors' => [ + \CakeDC\Auth\Authentication\TwoFactorProcessor\OneTimePasswordProcessor::class, + \CakeDC\Auth\Authentication\TwoFactorProcessor\U2FProcessor::class, + \CakeDC\Auth\Authentication\TwoFactorProcessor\Webauthn2faProcessor::class, + ], ]; From 25ffb4a81c071deb681e4ff6ccdaae9122696126 Mon Sep 17 00:00:00 2001 From: Yevgeny Tomenko Date: Fri, 9 Feb 2024 20:19:43 +0300 Subject: [PATCH 58/71] update changelogs. Release 13.0.0 --- CHANGELOG.md | 3 +++ composer.json | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index cd67206d1..5fb54c669 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,9 @@ Changelog ========= Releases for CakePHP 4.5 ------------------------ +* 13.0.0 + * Set dependecy for CakeDC/Auth to 9.0. Perform 2FA refactoring, + * 11.3.4 * Fix `Detected invalid UTF-8 for field...` issue when storing session data from `Webauthn` in a mongo database. diff --git a/composer.json b/composer.json index 3481f0386..5b72ac240 100644 --- a/composer.json +++ b/composer.json @@ -31,7 +31,7 @@ "require": { "php": ">=7.4.0", "cakephp/cakephp": "^4.5", - "cakedc/auth": "^7.3", + "cakedc/auth": "^9.0", "cakephp/authorization": "^2.0.0", "cakephp/authentication": "^2.0.0" }, From 80905edc3793536c106ae5724277c90597d6a6e9 Mon Sep 17 00:00:00 2001 From: Yevgeny Tomenko Date: Fri, 9 Feb 2024 20:24:19 +0300 Subject: [PATCH 59/71] code style fixes --- src/Loader/AuthenticationServiceLoader.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/Loader/AuthenticationServiceLoader.php b/src/Loader/AuthenticationServiceLoader.php index e2186ea9f..f92388c1e 100644 --- a/src/Loader/AuthenticationServiceLoader.php +++ b/src/Loader/AuthenticationServiceLoader.php @@ -16,6 +16,7 @@ use Cake\Core\Configure; use CakeDC\Auth\Authentication\AuthenticationService; use CakeDC\Auth\Authentication\TwoFactorProcessorLoader; +use CakeDC\Auth\Authentication\TwoFactorProcessorCollection; use Psr\Http\Message\ServerRequestInterface; /** @@ -80,6 +81,7 @@ protected function loadAuthenticators($service) * Load the CakeDC/Auth.TwoFactor based on config OneTimePasswordAuthenticator.login * * @param \CakeDC\Auth\Authentication\AuthenticationService $service Authentication service to load identifiers + * @param \CakeDC\Auth\Authentication\TwoFactorProcessorCollection $processors TwoFactorProcessors collection * @return void */ protected function loadTwoFactorAuthenticator($service, $processors) From e9acd218593ad818ba67c4cd9da391961ddeb17f Mon Sep 17 00:00:00 2001 From: Yevgeny Tomenko Date: Fri, 9 Feb 2024 20:28:30 +0300 Subject: [PATCH 60/71] code style fixes --- src/Loader/AuthenticationServiceLoader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Loader/AuthenticationServiceLoader.php b/src/Loader/AuthenticationServiceLoader.php index f92388c1e..e6f7c75d1 100644 --- a/src/Loader/AuthenticationServiceLoader.php +++ b/src/Loader/AuthenticationServiceLoader.php @@ -15,8 +15,8 @@ use Cake\Core\Configure; use CakeDC\Auth\Authentication\AuthenticationService; -use CakeDC\Auth\Authentication\TwoFactorProcessorLoader; use CakeDC\Auth\Authentication\TwoFactorProcessorCollection; +use CakeDC\Auth\Authentication\TwoFactorProcessorLoader; use Psr\Http\Message\ServerRequestInterface; /** From d10f9806a0f6b3f27347064c29749ea6413c3d9a Mon Sep 17 00:00:00 2001 From: Yevgeny Tomenko Date: Fri, 9 Feb 2024 20:33:02 +0300 Subject: [PATCH 61/71] code style fixes --- src/Loader/AuthenticationServiceLoader.php | 1 - 1 file changed, 1 deletion(-) diff --git a/src/Loader/AuthenticationServiceLoader.php b/src/Loader/AuthenticationServiceLoader.php index e6f7c75d1..6c0c454d5 100644 --- a/src/Loader/AuthenticationServiceLoader.php +++ b/src/Loader/AuthenticationServiceLoader.php @@ -15,7 +15,6 @@ use Cake\Core\Configure; use CakeDC\Auth\Authentication\AuthenticationService; -use CakeDC\Auth\Authentication\TwoFactorProcessorCollection; use CakeDC\Auth\Authentication\TwoFactorProcessorLoader; use Psr\Http\Message\ServerRequestInterface; From 6d602d56c792614fd254ec8a045964362a706450 Mon Sep 17 00:00:00 2001 From: Evgeny Tomenko Date: Tue, 12 Mar 2024 00:56:23 +0300 Subject: [PATCH 62/71] Update CHANGELOG.md --- CHANGELOG.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index cd67206d1..b2640dfc1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ Changelog ========= Releases for CakePHP 4.5 ------------------------ +* 11.3.5 + * Update ci.yml with php8.2 and php8.3 + * fix: minor fix on last_login datetime format + * Update Permissions.md + * fix: config for updateLastLogin + * fix: remove deprecated code on profile logic + * feat:flash message on login, on cake4 + * 11.3.4 * Fix `Detected invalid UTF-8 for field...` issue when storing session data from `Webauthn` in a mongo database. From 36a3bec867ce28dd8c5e1a52658dc63cfca1093c Mon Sep 17 00:00:00 2001 From: Yevgeny Tomenko Date: Tue, 12 Mar 2024 01:01:32 +0300 Subject: [PATCH 63/71] load default 2fa authenticators --- config/users.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/config/users.php b/config/users.php index 17bcb28d9..0dc308026 100644 --- a/config/users.php +++ b/config/users.php @@ -154,6 +154,10 @@ 'id' => null,//default value is the current domain 'checker' => \CakeDC\Auth\Authentication\DefaultWebauthn2fAuthenticationChecker::class, ], + 'TwoFactorProcessors' => [ + \CakeDC\Auth\Authentication\TwoFactorProcessor\Webauthn2faProcessor::class, + \CakeDC\Auth\Authentication\TwoFactorProcessor\OneTimePasswordProcessor::class, + ], // default configuration used to auto-load the Auth Component, override to change the way Auth works 'Auth' => [ 'Authentication' => [ From 5c1f6367064ec0c3464f4eb533143fac26a435c2 Mon Sep 17 00:00:00 2001 From: Andres Campanario Date: Tue, 12 Mar 2024 13:06:31 +0100 Subject: [PATCH 64/71] respond with a generic message instead of 'That account does not exist' --- src/Controller/Traits/PasswordManagementTrait.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/Controller/Traits/PasswordManagementTrait.php b/src/Controller/Traits/PasswordManagementTrait.php index 56a1383f1..b0324f913 100644 --- a/src/Controller/Traits/PasswordManagementTrait.php +++ b/src/Controller/Traits/PasswordManagementTrait.php @@ -164,20 +164,20 @@ public function requestResetPassword() 'type' => 'password', ]); if ($resetUser) { - $msg = __d('cake_d_c/users', 'Please check your email to continue with password reset process'); + $msg = __d('cake_d_c/users', 'If the account is valid, the system will send an instructional email to the address on record.'); $this->Flash->success($msg); } else { - $msg = __d('cake_d_c/users', 'The password token could not be generated. Please try again'); + $msg = __d('cake_d_c/users', 'There was an error please contact Administrator'); $this->Flash->error($msg); } return $this->redirect(['action' => 'login']); - } catch (UserNotFoundException $exception) { - $this->Flash->error(__d('cake_d_c/users', 'User {0} was not found', $reference)); - } catch (UserNotActiveException $exception) { - $this->Flash->error(__d('cake_d_c/users', 'The user is not active')); + } catch (UserNotFoundException | UserNotActiveException $exception) { + $msg = __d('cake_d_c/users', 'If the account is valid, the system will send an instructional email to the address on record.'); + $this->Flash->success($msg); } catch (Exception $exception) { - $this->Flash->error(__d('cake_d_c/users', 'Token could not be reset')); + $msg = __d('cake_d_c/users', 'There was an error please contact Administrator'); + $this->Flash->error($msg); $this->log($exception->getMessage()); } } From 158dd5ee96537d0005486f323eaa5fe96148221e Mon Sep 17 00:00:00 2001 From: Andres Campanario Date: Tue, 12 Mar 2024 17:34:35 +0100 Subject: [PATCH 65/71] fix tests --- .../Integration/PasswordManagementTraitIntegrationTest.php | 4 ++-- .../Controller/Traits/PasswordManagementTraitTest.php | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/TestCase/Controller/Traits/Integration/PasswordManagementTraitIntegrationTest.php b/tests/TestCase/Controller/Traits/Integration/PasswordManagementTraitIntegrationTest.php index 96c858886..5950f97e5 100644 --- a/tests/TestCase/Controller/Traits/Integration/PasswordManagementTraitIntegrationTest.php +++ b/tests/TestCase/Controller/Traits/Integration/PasswordManagementTraitIntegrationTest.php @@ -61,7 +61,7 @@ public function testRequestResetPasswordPostValidEmail() ]; $this->post('/users/request-reset-password', $data); $this->assertRedirect('/login'); - $this->assertFlashMessage('Please check your email to continue with password reset process'); + $this->assertFlashMessage('If the account is valid, the system will send an instructional email to the address on record.'); $userAfter = $Table->find()->where(['email' => '4@example.com'])->firstOrFail(); $this->assertNotEquals('token-4', $userAfter->token); $this->assertNotEmpty($userAfter->token); @@ -107,6 +107,6 @@ public function testRequestResetPasswordPostInvalidEmail() ]; $this->post('/users/request-reset-password', $data); $this->assertResponseOk(); - $this->assertFlashMessage('User someother.un@example.com was not found'); + $this->assertFlashMessage('If the account is valid, the system will send an instructional email to the address on record.'); } } diff --git a/tests/TestCase/Controller/Traits/PasswordManagementTraitTest.php b/tests/TestCase/Controller/Traits/PasswordManagementTraitTest.php index 9a3d8a6ad..8384ad9a8 100644 --- a/tests/TestCase/Controller/Traits/PasswordManagementTraitTest.php +++ b/tests/TestCase/Controller/Traits/PasswordManagementTraitTest.php @@ -401,7 +401,7 @@ public function testRequestPasswordEmptyReference() ->will($this->returnValue($reference)); $this->Trait->Flash->expects($this->any()) ->method('error') - ->with('Token could not be reset'); + ->with('There was an error please contact Administrator'); $this->Trait->expects($this->never()) ->method('redirect'); @@ -431,8 +431,8 @@ public function testEnsureUserActiveForResetPasswordFeature($ensureActive) ->with('reference') ->will($this->returnValue($reference)); $this->Trait->Flash->expects($expectError) - ->method('error') - ->with('The user is not active'); + ->method('success') + ->with('If the account is valid, the system will send an instructional email to the address on record.'); $this->Trait->requestResetPassword(); $this->assertNotEquals('xxx', $this->table->get('00000000-0000-0000-0000-000000000001')->token); } From 5da6e897082bb22e3dcddd543bb96ba24fc8ced3 Mon Sep 17 00:00:00 2001 From: Andres Campanario Date: Wed, 13 Mar 2024 09:47:00 +0100 Subject: [PATCH 66/71] fix test testEnsureUserActiveForResetPasswordFeature --- .../TestCase/Controller/Traits/PasswordManagementTraitTest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/TestCase/Controller/Traits/PasswordManagementTraitTest.php b/tests/TestCase/Controller/Traits/PasswordManagementTraitTest.php index 8384ad9a8..dcbd7d1bf 100644 --- a/tests/TestCase/Controller/Traits/PasswordManagementTraitTest.php +++ b/tests/TestCase/Controller/Traits/PasswordManagementTraitTest.php @@ -415,7 +415,7 @@ public function testRequestPasswordEmptyReference() */ public function testEnsureUserActiveForResetPasswordFeature($ensureActive) { - $expectError = $this->never(); + $expectError = $this->any(); if ($ensureActive) { Configure::write('Users.Registration.ensureActive', true); From d850b917d717f196195825c20035c8788068a959 Mon Sep 17 00:00:00 2001 From: Adam Rusinowski Date: Wed, 4 Sep 2024 11:03:58 +0200 Subject: [PATCH 67/71] #1096: fixed `findExistingForSocialLogin` finder --- src/Model/Behavior/SocialBehavior.php | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/src/Model/Behavior/SocialBehavior.php b/src/Model/Behavior/SocialBehavior.php index 763be8c91..d6e35f803 100644 --- a/src/Model/Behavior/SocialBehavior.php +++ b/src/Model/Behavior/SocialBehavior.php @@ -14,8 +14,10 @@ namespace CakeDC\Users\Model\Behavior; use Cake\Core\Configure; +use Cake\Database\Expression\QueryExpression; use Cake\Datasource\EntityInterface; use Cake\Event\EventDispatcherTrait; +use Cake\ORM\Query; use Cake\Utility\Hash; use CakeDC\Users\Exception\AccountNotActiveException; use CakeDC\Users\Exception\MissingEmailException; @@ -276,11 +278,15 @@ public function generateUniqueUsername($username) * @param array $options Find options with email key. * @return \Cake\ORM\Query */ - public function findExistingForSocialLogin(\Cake\ORM\Query $query, array $options) + public function findExistingForSocialLogin(Query $query, array $options) { - return $query->where([ - $this->_table->aliasField('email') => $options['email'], - ]); + if (!array_key_exists('email', $options)) { + throw new MissingEmailException(__d('cake_d_c/users', 'Email not present')); + } + + return $query->where(fn(QueryExpression $expression) => $expression + ->eq($this->_table->aliasField('email'), $options['email']) + ); } /** From 76293422987a968c4766d97ef20e720fc44f836d Mon Sep 17 00:00:00 2001 From: Adam Rusinowski Date: Wed, 4 Sep 2024 11:10:06 +0200 Subject: [PATCH 68/71] #1096: updated exception message --- src/Model/Behavior/SocialBehavior.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Model/Behavior/SocialBehavior.php b/src/Model/Behavior/SocialBehavior.php index d6e35f803..84e1f783e 100644 --- a/src/Model/Behavior/SocialBehavior.php +++ b/src/Model/Behavior/SocialBehavior.php @@ -281,7 +281,7 @@ public function generateUniqueUsername($username) public function findExistingForSocialLogin(Query $query, array $options) { if (!array_key_exists('email', $options)) { - throw new MissingEmailException(__d('cake_d_c/users', 'Email not present')); + throw new MissingEmailException(__d('cake_d_c/users', 'Missing `email` option in option array')); } return $query->where(fn(QueryExpression $expression) => $expression From 299bfcd26c2fc647adb36b87a4b54a93b6de8657 Mon Sep 17 00:00:00 2001 From: Adam Rusinowski Date: Wed, 4 Sep 2024 11:10:25 +0200 Subject: [PATCH 69/71] #1096: updated exception message --- src/Model/Behavior/SocialBehavior.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Model/Behavior/SocialBehavior.php b/src/Model/Behavior/SocialBehavior.php index 84e1f783e..e15c01696 100644 --- a/src/Model/Behavior/SocialBehavior.php +++ b/src/Model/Behavior/SocialBehavior.php @@ -281,7 +281,7 @@ public function generateUniqueUsername($username) public function findExistingForSocialLogin(Query $query, array $options) { if (!array_key_exists('email', $options)) { - throw new MissingEmailException(__d('cake_d_c/users', 'Missing `email` option in option array')); + throw new MissingEmailException(__d('cake_d_c/users', 'Missing `email` option in options array')); } return $query->where(fn(QueryExpression $expression) => $expression From 916e1581ce25e778283c31fa72d1ab1688f89cc0 Mon Sep 17 00:00:00 2001 From: Adam Rusinowski Date: Wed, 4 Sep 2024 20:30:13 +0200 Subject: [PATCH 70/71] #1096: fixed cs --- src/Model/Behavior/SocialBehavior.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/Model/Behavior/SocialBehavior.php b/src/Model/Behavior/SocialBehavior.php index e15c01696..218d7e391 100644 --- a/src/Model/Behavior/SocialBehavior.php +++ b/src/Model/Behavior/SocialBehavior.php @@ -285,8 +285,7 @@ public function findExistingForSocialLogin(Query $query, array $options) } return $query->where(fn(QueryExpression $expression) => $expression - ->eq($this->_table->aliasField('email'), $options['email']) - ); + ->eq($this->_table->aliasField('email'), $options['email'])); } /** From 7c27286420ea5539db9f1fc6b62fe36f0e606ccc Mon Sep 17 00:00:00 2001 From: Adam Rusinowski Date: Thu, 5 Sep 2024 09:49:39 +0200 Subject: [PATCH 71/71] #1096: simplified finder --- src/Model/Behavior/SocialBehavior.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/Model/Behavior/SocialBehavior.php b/src/Model/Behavior/SocialBehavior.php index 218d7e391..097955fa2 100644 --- a/src/Model/Behavior/SocialBehavior.php +++ b/src/Model/Behavior/SocialBehavior.php @@ -14,7 +14,6 @@ namespace CakeDC\Users\Model\Behavior; use Cake\Core\Configure; -use Cake\Database\Expression\QueryExpression; use Cake\Datasource\EntityInterface; use Cake\Event\EventDispatcherTrait; use Cake\ORM\Query; @@ -140,7 +139,6 @@ protected function _createSocialUser($data, $options = []) $useEmail = $options['use_email'] ?? null; $validateEmail = $options['validate_email'] ?? null; $tokenExpiration = $options['token_expiration'] ?? null; - $existingUser = null; $email = $data['email'] ?? null; if ($useEmail && empty($email)) { throw new MissingEmailException(__d('cake_d_c/users', 'Email not present')); @@ -283,9 +281,13 @@ public function findExistingForSocialLogin(Query $query, array $options) if (!array_key_exists('email', $options)) { throw new MissingEmailException(__d('cake_d_c/users', 'Missing `email` option in options array')); } + if (!$options['email']) { + return $query->where('1 != 1'); + } - return $query->where(fn(QueryExpression $expression) => $expression - ->eq($this->_table->aliasField('email'), $options['email'])); + return $query->where([ + $this->_table->aliasField('email') => $options['email'], + ]); } /**