José Lorenzo Rodríguez
9c4775a220
Merge pull request #1393 from markstory/constant-time-login
...
Hash passwords even when users don't exist.
2013-07-03 13:49:03 -07:00
mark_story
c597855fe4
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Test/Case/Network/CakeRequestTest.php
2013-07-03 14:21:09 -04:00
mark_story
17e4eee73d
Hash passwords even when users don't exist.
...
Not hashing passwords when users don't exist means there is an
opportunity for timing attacks when people use blowfish or other
expensive hashing algorithms.
2013-07-01 21:52:15 -04:00
Marc Würth
e84bf65016
Typo in FormAuthenticate.php
2013-07-01 00:03:03 +02:00
ADmad
f3c69c9f40
docblock updates
2013-06-03 01:04:00 +05:30
ADmad
3303a2cda1
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/Console/Templates/skel/Config/Schema/db_acl.php
lib/Cake/Console/Templates/skel/Config/Schema/i18n.php
lib/Cake/Console/Templates/skel/Config/Schema/sessions.php
lib/Cake/Console/Templates/skel/Config/acl.ini.php
lib/Cake/Console/Templates/skel/Config/acl.php
lib/Cake/Console/Templates/skel/Config/bootstrap.php
lib/Cake/Console/Templates/skel/Config/core.php
lib/Cake/Console/Templates/skel/Config/database.php.default
lib/Cake/Console/Templates/skel/Config/email.php.default
lib/Cake/Console/Templates/skel/Config/routes.php
lib/Cake/Console/Templates/skel/Console/Command/AppShell.php
lib/Cake/Console/Templates/skel/Console/cake.bat
lib/Cake/Console/Templates/skel/Console/cake.php
lib/Cake/Console/Templates/skel/Controller/AppController.php
lib/Cake/Console/Templates/skel/Controller/PagesController.php
lib/Cake/Console/Templates/skel/Model/AppModel.php
lib/Cake/Console/Templates/skel/View/Errors/error400.ctp
lib/Cake/Console/Templates/skel/View/Errors/error500.ctp
lib/Cake/Console/Templates/skel/View/Helper/AppHelper.php
lib/Cake/Console/Templates/skel/View/Layouts/Emails/html/default.ctp
lib/Cake/Console/Templates/skel/View/Layouts/ajax.ctp
lib/Cake/Console/Templates/skel/View/Layouts/default.ctp
lib/Cake/Console/Templates/skel/View/Layouts/error.ctp
lib/Cake/Console/Templates/skel/View/Layouts/flash.ctp
lib/Cake/Console/Templates/skel/View/Pages/home.ctp
lib/Cake/Console/Templates/skel/index.php
lib/Cake/Console/Templates/skel/webroot/index.php
lib/Cake/Console/Templates/skel/webroot/test.php
2013-06-02 18:03:59 +05:30
Marc Würth
4c9f0414cb
Improved the DocBlocks and other code cleanup
...
Fixed @license tag, url comes first
Whitespace and other minor code cleanup
Added some docblocks
2013-05-31 00:11:19 +02:00
ADmad
56fa0dccda
Remove unnecessary overriding of '_findUser()' in 'DigestAuthenticate'.
2013-05-26 12:31:40 +05:30
ADmad
dd2892ad8d
Added password hasher
2013-05-26 11:29:06 +05:30
ADmad
19f8274a95
Merge branch 'master' into 2.4
...
Conflicts:
lib/Cake/VERSION.txt
2013-04-25 03:06:04 +05:30
Jose Lorenzo Rodriguez
db6dd18f86
Fixing case where it was possible to pass array data to FormAuthenticate
...
fields
2013-04-24 22:33:24 +02:00
Ceeram
89ecd95e55
fix failing tests
2013-03-18 18:47:05 +01:00
Ceeram
b28ea65b24
stop execution when unauthenticated, to prevent the page to show when canceling auth popup
2013-03-18 15:41:34 +01:00
ADmad
b7834a2b16
Implemented stateless login for Auth
2013-03-10 00:11:35 +05:30
Adam Taylor
433dd09ec4
Fix typos
2013-03-05 00:05:14 -07:00
euromark
111366d5c8
== to === and != to !== where applicable
2013-02-12 03:38:08 +01:00
ADmad
a9bbfd80c7
Added type hinting
2013-02-09 18:09:11 +05:30
Graham Weldon
66d856d883
Added extra line for referencing license file for copyright
2013-02-08 21:22:51 +09:00
Graham Weldon
7b860debe4
This commit is dedicated to Mark Story, who has put in much dedicated time and effort into CakePHP over the years.
...
I just wanted to ruin his evening, because this change needs to be merged into CakePHP 3.0.
2013-02-08 20:59:49 +09:00
Ceeram
3f4d24bfc0
remove unused local variables and a few improvements
2012-12-23 13:53:13 +01:00
euromark
b811afbc44
double spaces to single ones
2012-12-22 23:48:15 +01:00
ADmad
72d6ca636f
Docblock fixes
2012-11-29 04:36:29 +05:30
Heath Nail
895fcac0cd
Improve Blowfish Docblocks
2012-11-12 14:36:43 -05:00
mark_story
e0aab77dab
Merge branch 'master' into 2.3
...
Conflicts:
app/Config/Schema/i18n.php
lib/Cake/I18n/Multibyte.php
lib/Cake/Test/Case/Log/CakeLogTest.php
lib/Cake/Test/Case/Routing/DispatcherTest.php
2012-11-10 21:33:26 -05:00
mark_story
3de72baeb1
Remove int cast from authentication adapters.
...
Forcing an int cast makes using the contain option difficult as you are
also required to manually set the recursive option. Omitting the
cast allows recursive to be set to null.
Fixes #3347
2012-11-06 20:27:28 -05:00
Adam Taylor
4090c2e932
Remove trailing whitespace from comments
...
See http://groups.google.com/d/topic/cakephp-core/fuHTYMKVJno/discussion
2012-10-15 18:19:37 -06:00
mark_story
6a95b5746a
Remove un-necessary parameter.
2012-08-30 14:48:13 +01:00
mark_story
19c2a58185
Fix strict errors.
2012-08-30 14:46:29 +01:00
Heath Nail
d24bbcb255
Add BlowfishAuthenticate adapter.
2012-08-23 11:23:51 -04:00
euromark
3945c0e6a8
rtim files
2012-07-18 03:55:29 +02:00
Jelle Henkens
f7ce5262b7
Updating mixed @param documentation to seperate list of accepted types
2012-05-21 21:55:10 +01:00
Mark Story
37d235fa16
Merge pull request #594 from tigrang/auth-ext
...
Added `contain` option to AuthComponent's Authentication objects
2012-05-09 17:48:44 -07:00
Tigran Gabrielyan
3c4087da4f
Fixing default value of contain
2012-04-04 19:06:54 -07:00
Tigran Gabrielyan
bf628c493c
Added ability for Auth login to use contain
2012-04-04 18:09:38 -07:00
mark_story
19e0d8d946
Switch usage to Hash where possible.
2012-03-26 22:32:53 -04:00
Juan Basso
c754fb2dcb
Updated copyright to 2012.
2012-03-12 22:46:46 -04:00
Thomas Ploch
79cab67be7
Adding missing 'recursive' option to DigestAuthenticate object.
...
Used integer casting in _findUser() method for 'recursive' option.
2012-03-05 11:06:46 +01:00
mark_story
61aba0f0f8
Fix most coding standard issues in Controller.
2012-03-03 19:27:46 -05:00
euromark
22452f61f8
type hinting controllers and views
2012-02-25 19:46:06 -05:00
mark_story
2afb05b590
Merge branch '2.0' into 2.1
...
Conflicts:
app/View/Pages/home.ctp
lib/Cake/Config/config.php
lib/Cake/Core/App.php
lib/Cake/VERSION.txt
lib/Cake/View/Helper/NumberHelper.php
2012-02-12 10:06:13 -05:00
mark_story
6f914174a6
Fix issues with double / & leading/trailing /
...
Authorize classes should remove // and leading trailing /
Without this incorrect paths that fail to match nodes can be
generated. This also allows settings[actionPath] to be
permissive in what it accepts.
Fixes #2563
2012-02-11 10:29:18 -05:00
Mark Story
b76f8f8832
Merge pull request #260 from tPl0ch/2.1-authenticate
...
Added 'recursive' settings option to BaseAuthenticate and BasicAuthenticate
2012-01-12 18:53:19 -08:00
Kyle Robinson Young
1e1c7a036d
Code consistency formatting tweaks
2011-12-06 12:52:48 -08:00
Kyle Robinson Young
8197f87dbc
Spelling and grammar fixes
2011-12-01 21:58:09 -08:00
Gun.io Whitespace Robot
4742168253
Remove whitespace [Gun.io WhitespaceBot]
2011-10-28 18:25:08 -04:00
Thomas Ploch
521dff8468
Added 'recursive' settings option to BaseAuthenticate and BasicAuthenticate to have a bit more fine grained control in custom Authenticate objects.
2011-10-19 17:54:08 +02:00
mark_story
9e080951b1
Adding additional documentation for CrudAuthorize.
...
Fixes #2034
2011-09-28 23:25:14 -04:00
mark_story
a5fe702624
Updating CrudAuthorize to work like ActionsAuthorize.
...
Updating tests.
Fixes #1749
2011-09-26 20:38:38 -04:00
mark_story
7cabb4e4d5
Extracting password hashing into as separate method.
...
This makes is much easier for a subclass to only change how passwords
are hashed.
2011-09-21 07:38:22 -04:00
Juan Basso
0575e92833
Added visibility in some methods and attributes.
2011-08-18 22:30:28 -04:00
Juan Basso
16ef234180
Removing trailing spaces.
2011-08-15 23:55:08 -04:00
Juan Basso
fedadc091c
Included @throws in API that was missing.
2011-07-31 16:55:52 -04:00
Juan Basso
fbbfbaf870
Fixed some API doc in controller.
2011-07-29 00:06:43 -04:00
Jose Lorenzo Rodriguez
cfd2d9e00b
Updating all @package annotations in doc blocks
2011-07-26 01:46:14 -04:30
mark_story
71933f5cf5
Adding a logout callback to authenticate objects.
...
Adding tests for the callback.
Adding doc blocks for the new callback.
Fixes #1758
2011-07-03 12:53:21 -04:00
mark_story
cbc7e82bd2
Fixing issue where Aro nodes would be incorrectly formatted for use
...
with the AclComponent. Fixes #1749
2011-06-02 21:53:56 -04:00
Juan Basso
192812ee7f
Updating the copyright to 2011.
2011-05-30 22:32:43 -04:00
Renan Gonçalves
438050dcaa
Adding 'public' visibility to all public methods.
2011-05-30 22:02:32 +02:00
AD7six
32df3156a7
consolidate cake_error and cake_developer to simply "cake_dev"
...
it's a lot easier for adding new translations to think:
is it for the end user?
use 'cake' as the domain
is it for the developer
use 'cake_dev' as the domain
is it for the console
use 'cake_console' as the domain
also neatly avoids the "this message is an error, and it's in
cake_developer, why?" - question (because cake_error was intended for
anything which is used in trigger_error/exceptions, not a variable named
$error
2011-03-20 16:38:31 +01:00
AD7six
f95340b361
use the domain cake_error for error message intended for the developer
2011-03-19 18:07:05 +01:00
AD7six
cb7f0f087e
translation changes in the controller ditranslation changes in the
...
controller dirr
2011-03-12 19:59:40 +01:00
Jose Lorenzo Rodriguez
0696dd9200
Fixing BasicAuthenticate test
2011-03-05 19:37:56 -04:30
Jose Lorenzo Rodriguez
ec8577a562
Fixing CrudAuthorize test
2011-03-05 19:30:05 -04:30
Jose Lorenzo Rodriguez
f1e2f5e949
Starting to migrate AuthComponent to the new class loader
2011-03-05 17:40:42 -04:30
Jose Lorenzo Rodriguez
3ee49c0c5c
Moving BaseAuthenticate class
2011-03-05 17:37:09 -04:30
Jose Lorenzo Rodriguez
82834f2ec0
Moving Auth related classes to the new structure
2011-03-01 23:38:39 -04:30