Skip to content

mcspe/lara-pass-policy

BranchesTags
 
 

Repository files navigation

Laravel Password Policy

Latest Version on Packagist Total Downloads Donate

Installation

You can install the package via composer:

composer require afiqiqmal/lara-pass-policy

You can publish and run the migrations with:

php artisan vendor:publish --provider="Afiqiqmal\LaraPassPolicy\LaraPassPolicyServiceProvider" --tag="migrations"
php artisan migrate

You can publish the config file with:

php artisan vendor:publish --provider="Afiqiqmal\LaraPassPolicy\LaraPassPolicyServiceProvider" --tag="config"

Out of the box, this package provide a view (Blade and Vue templates) to allow users to change own password. If you want to customize the default page you can publish the views with:

php artisan vendor:publish --provider="Afiqiqmal\LaraPassPolicy\LaraPassPolicyServiceProvider" --tag="views"

and customize as you like in:

  • resources/views/auth/verify-password-change.blade.php, for standard stack (Blade templates)
  • resource/js/Pages/Auth/VerifyPasswordChange.vue, if your stack integrate Inertia

Then, be sure to specify the view name in config/lara-pass-policy.views.password-changed.

NOTE: Currently, only Vue stack are supported out of the box: for React/Svelte stack you must create a new page component in resources/js/Pages/Auth, just like the Vue page provided.

Usage

Add HasPasswordPolicy trait to the authenticable model

Add MustVerifyPasswordPolicy interface to the authenticable model

class User extends Authenticable implements MustVerifyPasswordPolicy
{
     use HasPasswordPolicy;
     ...
     ...
}

Add Middleware

Add EnsurePasswordIsChanged middleware in $routeMiddleware

protected $routeMiddleware = [
    ...
    'password_changed' => EnsurePasswordIsChanged::class,
    ...
];

so you can attach it to your routes:

// routes/web.php

Route::middleware(['auth', 'password_changed'])->group(function () {
    return view('welcome');
});

Translations.

You may translate the package string messages (defined in config lara-pass.messages) adding the translated strings in lang/<locale>.json files.

Environment settings.

If you want to disable Password Policy on specific environment (ex: local) set to false this variable in .env file:

# Set to false to disable password policy.
PASSWORD_POLICY_ENABLED=false

You may also customize the number of days before the passwords expire setting the variable in .env file:

# Set to false to disable password policy.
PASSWORD_LIFETIME=30

Validation rules.

If you need to apply your own default password rules, you should define a defaults callback within the boot method of one of your application's service providers, as described in Laravel docs: this package will validate new passwords against those defaults.

Credits

License

The MIT License (MIT). Please see License File for more information.

About

Laravel Password History Policy

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • PHP 77.9%
  • Vue 12.9%
  • Blade 9.2%