feat(auth): prohibit disposable emails (#560)

This commit is contained in:
paranarimasu
2023-03-20 11:12:04 -05:00
committed by GitHub
parent 8faf07d56f
commit 3ab6a476be
11 changed files with 173 additions and 14 deletions
+6 -6
View File
@@ -29,16 +29,16 @@ class CreateNewUser implements CreatesNewUsers
public function create(array $input): User
{
Validator::make($input, [
'name' => ['required', 'string', 'max:255', 'alpha_dash', Rule::unique(User::TABLE)],
'email' => ['required', 'string', 'email', 'max:255', Rule::unique(User::TABLE)],
'password' => Password::required(),
User::ATTRIBUTE_NAME => ['required', 'string', 'max:255', 'alpha_dash', Rule::unique(User::TABLE)],
User::ATTRIBUTE_EMAIL => ['required', 'string', 'email', 'max:255', 'indisposable', Rule::unique(User::TABLE)],
User::ATTRIBUTE_PASSWORD => Password::required(),
'terms' => ['required'],
])->validate();
$user = new User([
User::ATTRIBUTE_NAME => Arr::get($input, 'name'),
User::ATTRIBUTE_EMAIL => Arr::get($input, 'email'),
User::ATTRIBUTE_PASSWORD => Hash::make(Arr::get($input, 'password')),
User::ATTRIBUTE_NAME => Arr::get($input, User::ATTRIBUTE_NAME),
User::ATTRIBUTE_EMAIL => Arr::get($input, User::ATTRIBUTE_EMAIL),
User::ATTRIBUTE_PASSWORD => Hash::make(Arr::get($input, User::ATTRIBUTE_PASSWORD)),
]);
$user->save();
+2 -2
View File
@@ -29,11 +29,11 @@ class ResetUserPassword implements ResetsUserPasswords
public function reset(User $user, array $input): void
{
Validator::make($input, [
'password' => Password::required(),
User::ATTRIBUTE_PASSWORD => Password::required(),
])->validate();
$user->forceFill([
User::ATTRIBUTE_PASSWORD => Hash::make(Arr::get($input, 'password')),
User::ATTRIBUTE_PASSWORD => Hash::make(Arr::get($input, User::ATTRIBUTE_PASSWORD)),
])->save();
}
}
+2 -2
View File
@@ -31,7 +31,7 @@ class UpdateUserPassword implements UpdatesUserPasswords
{
Validator::make($input, [
'current_password' => ['required', 'string'],
'password' => Password::required(),
User::ATTRIBUTE_PASSWORD => Password::required(),
])->after(function (IlluminateValidator $validator) use ($user, $input) {
if (! isset($input['current_password']) || ! Hash::check($input['current_password'], $user->password)) {
$validator->errors()
@@ -40,7 +40,7 @@ class UpdateUserPassword implements UpdatesUserPasswords
})->validateWithBag('updatePassword');
$user->forceFill([
User::ATTRIBUTE_PASSWORD => Hash::make(Arr::get($input, 'password')),
User::ATTRIBUTE_PASSWORD => Hash::make(Arr::get($input, User::ATTRIBUTE_PASSWORD)),
])->save();
}
}
@@ -29,7 +29,7 @@ class UpdateUserProfileInformation implements UpdatesUserProfileInformation
{
$validated = Validator::make($input, [
User::ATTRIBUTE_NAME => ['sometimes', 'required', 'string', 'max:255', 'alpha_dash', Rule::unique(User::TABLE)->ignore($user->id)],
User::ATTRIBUTE_EMAIL => ['sometimes', 'required', 'string', 'email', 'max:255', Rule::unique(User::TABLE)->ignore($user->id)],
User::ATTRIBUTE_EMAIL => ['sometimes', 'required', 'string', 'email', 'max:255', 'indisposable', Rule::unique(User::TABLE)->ignore($user->id)],
])->validate();
$email = Arr::get($validated, User::ATTRIBUTE_EMAIL);
+7
View File
@@ -21,6 +21,7 @@ use Illuminate\Support\Facades\Config;
use Laravel\Horizon\Console\SnapshotCommand;
use Laravel\Sanctum\Console\Commands\PruneExpired;
use Laravel\Telescope\Console\PruneCommand as PruneTelescopeEntriesCommand;
use Propaganistas\LaravelDisposableEmail\Console\UpdateDisposableDomainsCommand;
/**
* Class Kernel.
@@ -110,6 +111,12 @@ class Kernel extends ConsoleKernel
->runInBackground()
->storeOutput()
->hourly();
$schedule->command(UpdateDisposableDomainsCommand::class)
->withoutOverlapping()
->runInBackground()
->storeOutput()
->weekly();
}
/**
+1
View File
@@ -47,6 +47,7 @@
"laravel/tinker": "^2.8",
"league/flysystem-aws-s3-v3": "^3.0",
"pbmedia/laravel-ffmpeg": "^8.3",
"propaganistas/laravel-disposable-email": "^2.2",
"spatie/db-dumper": "^3.1.1",
"spatie/laravel-permission": "^5.8",
"staudenmeir/belongs-to-through": "^2.12",
Generated
+76 -1
View File
@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "ff7e688c9d9cfd387797a6f966145198",
"content-hash": "e3bbf30e62ddad243e652db24175650c",
"packages": [
{
"name": "akaunting/laravel-setting",
@@ -5472,6 +5472,81 @@
},
"time": "2022-06-13T21:57:56+00:00"
},
{
"name": "propaganistas/laravel-disposable-email",
"version": "2.2.4",
"source": {
"type": "git",
"url": "https://github.com/Propaganistas/Laravel-Disposable-Email.git",
"reference": "80d65e8e959dca6e968a54a0f51b74074ee6421e"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/Propaganistas/Laravel-Disposable-Email/zipball/80d65e8e959dca6e968a54a0f51b74074ee6421e",
"reference": "80d65e8e959dca6e968a54a0f51b74074ee6421e",
"shasum": ""
},
"require": {
"ext-json": "*",
"illuminate/cache": "^8.0|^9.0|^10.0",
"illuminate/config": "^8.0|^9.0|^10.0",
"illuminate/console": "^8.0|^9.0|^10.0",
"illuminate/contracts": "^8.0|^9.0|^10.0",
"illuminate/support": "^8.0|^9.0|^10.0",
"illuminate/validation": "^8.0|^9.0|^10.0",
"php": "^8.0"
},
"require-dev": {
"mockery/mockery": "^1.4.2",
"orchestra/testbench": "*",
"phpunit/phpunit": "^9.5.10"
},
"type": "library",
"extra": {
"laravel": {
"providers": [
"Propaganistas\\LaravelDisposableEmail\\DisposableEmailServiceProvider"
]
}
},
"autoload": {
"psr-4": {
"Propaganistas\\LaravelDisposableEmail\\": "src/",
"Propaganistas\\LaravelDisposableEmail\\Tests\\": "tests/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Propaganistas",
"email": "Propaganistas@users.noreply.github.com"
}
],
"description": "Disposable email validator",
"keywords": [
"disposable",
"email",
"laravel",
"mail",
"temporary",
"throwaway",
"validator"
],
"support": {
"issues": "https://github.com/Propaganistas/Laravel-Disposable-Email/issues",
"source": "https://github.com/Propaganistas/Laravel-Disposable-Email/tree/2.2.4"
},
"funding": [
{
"url": "https://github.com/Propaganistas",
"type": "github"
}
],
"time": "2023-02-04T16:25:15+00:00"
},
{
"name": "psr/cache",
"version": "3.0.0",
+74
View File
@@ -0,0 +1,74 @@
<?php
declare(strict_types=1);
use Propaganistas\LaravelDisposableEmail\Fetcher\DefaultFetcher;
return [
/*
|--------------------------------------------------------------------------
| JSON Source URL
|--------------------------------------------------------------------------
|
| The source URL yielding a list of disposable email domains. Change this
| to whatever source you like. Just make sure it returns a JSON array.
|
| A sensible default is provided using jsDelivr's services. jsDelivr is
| a free service, so there are no uptime or support guarantees.
|
*/
'source' => 'https://cdn.jsdelivr.net/gh/disposable/disposable-email-domains@master/domains.json',
/*
|--------------------------------------------------------------------------
| Fetch class
|--------------------------------------------------------------------------
|
| The class responsible for fetching the contents of the source url.
| The default implementation makes use of file_get_contents and
| json_decode and will probably suffice for most applications.
|
| If your application has different needs (e.g. behind a proxy) then you
| can define a custom fetch class here that carries out the fetching.
| Your custom class should implement the Fetcher contract.
|
*/
'fetcher' => DefaultFetcher::class,
/*
|--------------------------------------------------------------------------
| Storage Path
|--------------------------------------------------------------------------
|
| The location where the retrieved domains list should be stored locally.
| The path should be accessible and writable by the web server. A good
| place for storing the list is in the framework's own storage path.
|
*/
'storage' => storage_path('framework/disposable_domains.json'),
/*
|--------------------------------------------------------------------------
| Cache Configuration
|--------------------------------------------------------------------------
|
| Here you may define whether the disposable domains list should be cached.
| If you disable caching or when the cache is empty, the list will be
| fetched from local storage instead.
|
| You can optionally specify an alternate cache connection or modify the
| cache key as desired.
|
*/
'cache' => [
'enabled' => true,
'store' => 'default',
'key' => 'disposable_email:domains',
],
];
+1
View File
@@ -75,6 +75,7 @@ return [
'image' => 'The :attribute must be an image.',
'in' => 'The selected :attribute is invalid.',
'in_array' => 'The :attribute field does not exist in :other.',
'indisposable' => 'Disposable email addresses are not allowed.',
'integer' => 'The :attribute must be an integer.',
'ip' => 'The :attribute must be a valid IP address.',
'ipv4' => 'The :attribute must be a valid IPv4 address.',
+2 -2
View File
@@ -1,7 +1,7 @@
{
"/app.js": "/app.js?id=fc87559387788aba14201a8d24757d03",
"/app.js": "/app.js?id=04e348094a54ac4cf95cdaa45acb8f58",
"/manifest.js": "/manifest.js?id=d75058ce2144a4049857d3ff9e02de1e",
"/app.css": "/app.css?id=c50093a39cdeeb8d1fb37e4b14e73bc7",
"/app.css": "/app.css?id=30653583355cfd55b0fd95f328ff4706",
"/vendor.js": "/vendor.js?id=de86bde8857e857b607852d11627d8e4",
"/fonts/snunitosansv11pe01mimslybiv1o4x1m8cce4g1pty10iurt9w6fk2a.woff2": "/fonts/snunitosansv11pe01mimslybiv1o4x1m8cce4g1pty10iurt9w6fk2a.woff2?id=c8390e146be0a3c8a5498355dec892ae",
"/fonts/snunitosansv11pe01mimslybiv1o4x1m8cce4g1pty14iurt9w6fk2a.woff2": "/fonts/snunitosansv11pe01mimslybiv1o4x1m8cce4g1pty14iurt9w6fk2a.woff2?id=b0735c7dd6126471acbaf9d6e9f5e41a",
+1
View File
@@ -6,3 +6,4 @@ services.json
events.scanned.php
routes.scanned.php
down
disposable_domains.json