Merge branch 'release/v5.3.8'

Author: rappasoft

CHANGELOG.md

@@ -3,6 +3,18 @@ All notable changes to this project will be documented in this file.
 
 ## [Unreleased]
 
+## [5.3.8] - 2019-08-21
+### Added
+- Added Azerbaijan language (https://github.com/rappasoft/laravel-boilerplate/pull/1254)
+- Added NIST Password Rules (https://github.com/rappasoft/laravel-boilerplate/pull/1258)
+
+### Changed
+- Assign all permissions to the Admin role without the need to explicitly assign the roles/permissions to the user. (https://github.com/rappasoft/laravel-boilerplate/pull/1227)
+
+### Removed
+- Removed default Google scopes (https://github.com/rappasoft/laravel-boilerplate/pull/1253/files)
+- Removed ChangePassword rule as the new NIST rules cover it
+
 ## 5.3.7 - 2019-08-21
 ### Added
 - Actual changelog
@@ -95,4 +107,5 @@ All notable changes to this project will be documented in this file.
 - Fix yarn tests
 - Fix: Socially logged in users get assigned the default role
 
-[Unreleased]: https://github.com/rappasoft/laravel-boilerplate/compare/v5.3.7...HEAD
+[Unreleased]: https://github.com/rappasoft/laravel-boilerplate/compare/v5.3.8...HEAD
+[5.3.8]: https://github.com/olivierlacan/keep-a-changelog/compare/v5.3.7...v5.3.8

app/Http/Controllers/Frontend/Auth/LoginController.php

@@ -10,6 +10,7 @@
 use App\Events\Frontend\Auth\UserLoggedIn;
 use App\Events\Frontend\Auth\UserLoggedOut;
 use Illuminate\Foundation\Auth\AuthenticatesUsers;
+use LangleyFoxall\LaravelNISTPasswordRules\PasswordRules;
 
 /**
  * Class LoginController.
@@ -47,6 +48,22 @@ public function username()
         return config('access.users.username');
     }
 
+    /**
+     * Validate the user login request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return void
+     *
+     * @throws \Illuminate\Validation\ValidationException
+     */
+    protected function validateLogin(Request $request)
+    {
+        $request->validate([
+            $this->username() => 'required|string',
+            'password' => PasswordRules::login(),
+        ]);
+    }
+
     /**
      * The user has been authenticated.
      *

app/Http/Requests/Backend/Auth/User/StoreUserRequest.php

@@ -4,6 +4,7 @@
 
 use Illuminate\Validation\Rule;
 use Illuminate\Foundation\Http\FormRequest;
+use LangleyFoxall\LaravelNISTPasswordRules\PasswordRules;
 
 /**
  * Class StoreUserRequest.
@@ -31,7 +32,7 @@ public function rules()
             'first_name' => ['required', 'max:191'],
             'last_name' => ['required', 'max:191'],
             'email' => ['required', 'email', 'max:191', Rule::unique('users')],
-            'password' => ['required', 'min:6', 'confirmed'],
+            'password' => PasswordRules::register($this->email),
             'roles' => ['required', 'array'],
         ];
     }

app/Http/Requests/Backend/Auth/User/UpdateUserPasswordRequest.php

@@ -2,10 +2,9 @@
 
 namespace App\Http\Requests\Backend\Auth\User;
 
-use App\Rules\Auth\ChangePassword;
 use App\Rules\Auth\UnusedPassword;
 use Illuminate\Foundation\Http\FormRequest;
-use DivineOmega\LaravelPasswordExposedValidationRule\PasswordExposed;
+use LangleyFoxall\LaravelNISTPasswordRules\PasswordRules;
 
 /**
  * Class UpdateUserPasswordRequest.
@@ -30,13 +29,12 @@ public function authorize()
     public function rules()
     {
         return [
-            'password' => [
-                'required',
-                'confirmed',
-                new ChangePassword(),
-                new PasswordExposed(),
-                new UnusedPassword((int) $this->segment(4)),
-            ],
+            'password' => array_merge(
+                [
+                    new UnusedPassword((int) $this->segment(4)),
+                ],
+                PasswordRules::changePassword($this->email)
+            ),
         ];
     }
 }

app/Http/Requests/Frontend/Auth/RegisterRequest.php

@@ -4,6 +4,7 @@
 
 use Illuminate\Validation\Rule;
 use Illuminate\Foundation\Http\FormRequest;
+use LangleyFoxall\LaravelNISTPasswordRules\PasswordRules;
 
 /**
  * Class RegisterRequest.
@@ -31,7 +32,7 @@ public function rules()
             'first_name' => ['required', 'string', 'max:191'],
             'last_name' => ['required', 'string', 'max:191'],
             'email' => ['required', 'string', 'email', 'max:191', Rule::unique('users')],
-            'password' => ['required', 'string', 'min:6', 'confirmed'],
+            'password' => PasswordRules::register($this->email),
             'g-recaptcha-response' => ['required_if:captcha_status,true', 'captcha'],
         ];
     }

app/Http/Requests/Frontend/Auth/ResetPasswordRequest.php

@@ -2,10 +2,9 @@
 
 namespace App\Http\Requests\Frontend\Auth;
 
-use App\Rules\Auth\ChangePassword;
 use App\Rules\Auth\UnusedPassword;
 use Illuminate\Foundation\Http\FormRequest;
-use DivineOmega\LaravelPasswordExposedValidationRule\PasswordExposed;
+use LangleyFoxall\LaravelNISTPasswordRules\PasswordRules;
 
 /**
  * Class ResetPasswordRequest.
@@ -32,13 +31,12 @@ public function rules()
         return [
             'token' => ['required'],
             'email' => ['required', 'email'],
-            'password' => [
-                'required',
-                'confirmed',
-                new ChangePassword(),
-                new PasswordExposed(),
-                new UnusedPassword($this->get('token')),
-            ],
+            'password' => array_merge(
+                [
+                    new UnusedPassword($this->get('token')),
+                ],
+                PasswordRules::changePassword($this->email)
+            ),
         ];
     }
 }

app/Http/Requests/Frontend/User/UpdatePasswordRequest.php

@@ -2,10 +2,9 @@
 
 namespace App\Http\Requests\Frontend\User;
 
-use App\Rules\Auth\ChangePassword;
 use App\Rules\Auth\UnusedPassword;
 use Illuminate\Foundation\Http\FormRequest;
-use DivineOmega\LaravelPasswordExposedValidationRule\PasswordExposed;
+use LangleyFoxall\LaravelNISTPasswordRules\PasswordRules;
 
 /**
  * Class UpdatePasswordRequest.
@@ -31,13 +30,15 @@ public function rules()
     {
         return [
             'old_password' => ['required'],
-            'password' => [
-                'required',
-                'confirmed',
-                new ChangePassword(),
-                new PasswordExposed(),
-                new UnusedPassword($this->user()),
-            ],
+            'password' => array_merge(
+                [
+                    new UnusedPassword($this->user()),
+                ],
+                PasswordRules::changePassword(
+                    $this->email,
+                    config('access.users.password_history') ? 'old_password' : null
+                )
+            ),
         ];
     }
 }

app/Providers/AuthServiceProvider.php

@@ -2,6 +2,7 @@
 
 namespace App\Providers;
 
+use Gate;
 use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
 
 /**
@@ -25,6 +26,10 @@ public function boot()
     {
         $this->registerPolicies();
 
-        //
+        // Implicitly grant "Admin" role all permissions
+        // This works in the app by using gate-related functions like auth()->user->can() and @can()
+        Gate::before(function ($user, $ability) {
+            return $user->hasRole(config('access.users.admin_role')) ? true : null;
+        });
     }
 }

app/Rules/Auth/ChangePassword.php

@@ -15,9 +15,9 @@
         "beyondcode/laravel-self-diagnosis": "^1.0",
         "creativeorange/gravatar": "~1.0",
         "davejamesmiller/laravel-breadcrumbs": "^5.0",
-        "divineomega/laravel-password-exposed-validation-rule": "^2.0.1",
         "fideloper/proxy": "^4.0",
         "hieu-le/active": "^3.5",
+        "langleyfoxall/laravel-nist-password-rules": "^4.0",
         "laravel/framework": "5.8.*",
         "laravel/socialite": "^4.1",
         "laravel/tinker": "^1.0",