BookStack/app/Config/auth.php

<?php

/**
 * Authentication configuration options.
 *
 * Changes to these config files are not supported by BookStack and may break upon updates.
 * Configuration should be altered via the `.env` file or environment variables.
 * Do not edit this file unless you're happy to maintain any changes yourself.
 */

return [

    // Options: standard, ldap, saml2, oidc
    'method' => env('AUTH_METHOD', 'standard'),

    // Automatically initiate login via external auth system if it's the sole auth method.
    // Works with saml2 or oidc auth methods.
    'auto_initiate' => env('AUTH_AUTO_INITIATE', false),

    // Authentication Defaults
    // This option controls the default authentication "guard" and password
    // reset options for your application.
    'defaults' => [
        'guard'     => env('AUTH_METHOD', 'standard'),
        'passwords' => 'users',
    ],

    // Authentication Guards
    // All authentication drivers have a user provider. This defines how the
    // users are actually retrieved out of your database or other storage
    // mechanisms used by this application to persist your user's data.
    // Supported drivers: "session", "api-token", "ldap-session", "async-external-session"
    'guards' => [
        'standard' => [
            'driver'   => 'session',
            'provider' => 'users',
        ],
        'ldap' => [
            'driver'   => 'ldap-session',
            'provider' => 'external',
        ],
        'saml2' => [
            'driver'   => 'async-external-session',
            'provider' => 'external',
        ],
        'oidc' => [
            'driver'   => 'async-external-session',
            'provider' => 'external',
        ],
        'api' => [
            'driver'   => 'api-token',
        ],
    ],

    // User Providers
    // All authentication drivers have a user provider. This defines how the
    // users are actually retrieved out of your database or other storage
    // mechanisms used by this application to persist your user's data.
    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model'  => \BookStack\Auth\User::class,
        ],

        'external' => [
            'driver' => 'external-users',
            'model'  => \BookStack\Auth\User::class,
        ],

        // 'users' => [
        //     'driver' => 'database',
        //     'table' => 'users',
        // ],
    ],

    // Resetting Passwords
    // The expire time is the number of minutes that the reset token should be
    // considered valid. This security feature keeps tokens short-lived so
    // they have less time to be guessed. You may change this as needed.
    'passwords' => [
        'users' => [
            'provider' => 'users',
            'email'    => 'emails.password',
            'table'    => 'password_resets',
            'expire'   => 60,
            'throttle' => 60,
        ],
    ],

    // Password Confirmation Timeout
    // Here you may define the amount of seconds before a password confirmation
    // times out and the user is prompted to re-enter their password via the
    // confirmation screen. By default, the timeout lasts for three hours.
    'password_timeout' => 10800,

];
Initial commit 2015-07-12 15:01:42 -04:00			`<?php`

Updated configuration files Added a notice to the top of each to explain they should not be normally modified. Standardised comment format used for each item. Better aligned some files with laravel 5.5 options. 2018-12-23 11:26:39 -05:00			`/**`
			`* Authentication configuration options.`
			`*`
			`* Changes to these config files are not supported by BookStack and may break upon updates.`
			* Configuration should be altered via the `.env` file or environment variables.
			`* Do not edit this file unless you're happy to maintain any changes yourself.`
			`*/`
Initial commit 2015-07-12 15:01:42 -04:00
Updated configuration files Added a notice to the top of each to explain they should not be normally modified. Standardised comment format used for each item. Better aligned some files with laravel 5.5 options. 2018-12-23 11:26:39 -05:00			`return [`
Updated laravel to 5.2 and started ldap implementation 2016-01-09 14:23:35 -05:00
Continued review of #2169 - Removed uneeded custom refresh or logout actions for OIDC. - Restructured how the services and guards are setup for external auth systems. SAML2 and OIDC now directly share a lot more logic. - Renamed any OpenId references to OIDC or OpenIdConnect - Removed non-required CSRF excemption for OIDC Not tested, Come to roadblock due to lack of PHP8 support in upstream dependancies. Certificate was deemed to be non-valid on every test attempt due to changes in PHP8. 2021-10-06 18:05:26 -04:00			`// Options: standard, ldap, saml2, oidc`
Updated laravel to 5.2 and started ldap implementation 2016-01-09 14:23:35 -05:00			`'method' => env('AUTH_METHOD', 'standard'),`

Review and update of login auto initiation PR For PR #3406 - Updated naming from 'redirect' to 'initate/initation'. - Updated phpunit.xml and .env.example.complete files with the new option. - Cleaned up controller logic a bit. - Added content and design to the new initation view to not leave user on a blank view for a while. - Added non-JS button to initiation view as fallback option for progression. - Moved new test to it's own Test class and expanded with additional scenario tests for better functionality coverage. 2022-06-21 10:32:18 -04:00			`// Automatically initiate login via external auth system if it's the sole auth method.`
			`// Works with saml2 or oidc auth methods.`
			`'auto_initiate' => env('AUTH_AUTO_INITIATE', false),`
Skip intermediate login page with single provider 2022-05-02 06:35:11 -04:00
Updated configuration files Added a notice to the top of each to explain they should not be normally modified. Standardised comment format used for each item. Better aligned some files with laravel 5.5 options. 2018-12-23 11:26:39 -05:00			`// Authentication Defaults`
			`// This option controls the default authentication "guard" and password`
			`// reset options for your application.`
Updated laravel to 5.2 and started ldap implementation 2016-01-09 14:23:35 -05:00			`'defaults' => [`
Apply fixes from StyleCI 2021-06-26 11:23:15 -04:00			`'guard' => env('AUTH_METHOD', 'standard'),`
Updated laravel to 5.2 and started ldap implementation 2016-01-09 14:23:35 -05:00			`'passwords' => 'users',`
			`],`
Initial commit 2015-07-12 15:01:42 -04:00
Updated configuration files Added a notice to the top of each to explain they should not be normally modified. Standardised comment format used for each item. Better aligned some files with laravel 5.5 options. 2018-12-23 11:26:39 -05:00			`// Authentication Guards`
			`// All authentication drivers have a user provider. This defines how the`
			`// users are actually retrieved out of your database or other storage`
			`// mechanisms used by this application to persist your user's data.`
Continued review of #2169 - Removed uneeded custom refresh or logout actions for OIDC. - Restructured how the services and guards are setup for external auth systems. SAML2 and OIDC now directly share a lot more logic. - Renamed any OpenId references to OIDC or OpenIdConnect - Removed non-required CSRF excemption for OIDC Not tested, Come to roadblock due to lack of PHP8 support in upstream dependancies. Certificate was deemed to be non-valid on every test attempt due to changes in PHP8. 2021-10-06 18:05:26 -04:00			`// Supported drivers: "session", "api-token", "ldap-session", "async-external-session"`
Updated laravel to 5.2 and started ldap implementation 2016-01-09 14:23:35 -05:00			`'guards' => [`
Simplified guard names and rolled out guard route checks - Included tests to cover for LDAP and SAML - Updated wording for external auth id option. - Updated 'assertPermissionError' test case to be usable in BrowserKitTests 2020-02-02 08:10:21 -05:00			`'standard' => [`
Apply fixes from StyleCI 2021-06-26 11:23:15 -04:00			`'driver' => 'session',`
Updated laravel to 5.2 and started ldap implementation 2016-01-09 14:23:35 -05:00			`'provider' => 'users',`
			`],`
Started alignment of auth services - Removed LDAP specific logic from login controller, placed in Guard. - Created safer base user provider for ldap login, to be used for SAML soon. - Moved LDAP auth work from user provider to guard. 2020-02-01 06:42:22 -05:00			`'ldap' => [`
Apply fixes from StyleCI 2021-06-26 11:23:15 -04:00			`'driver' => 'ldap-session',`
Added files missed in previous commit 2020-02-02 05:59:03 -05:00			`'provider' => 'external',`
			`],`
			`'saml2' => [`
Continued review of #2169 - Removed uneeded custom refresh or logout actions for OIDC. - Restructured how the services and guards are setup for external auth systems. SAML2 and OIDC now directly share a lot more logic. - Renamed any OpenId references to OIDC or OpenIdConnect - Removed non-required CSRF excemption for OIDC Not tested, Come to roadblock due to lack of PHP8 support in upstream dependancies. Certificate was deemed to be non-valid on every test attempt due to changes in PHP8. 2021-10-06 18:05:26 -04:00			`'driver' => 'async-external-session',`
Added files missed in previous commit 2020-02-02 05:59:03 -05:00			`'provider' => 'external',`
Started alignment of auth services - Removed LDAP specific logic from login controller, placed in Guard. - Created safer base user provider for ldap login, to be used for SAML soon. - Moved LDAP auth work from user provider to guard. 2020-02-01 06:42:22 -05:00			`],`
Continued review of #2169 - Removed uneeded custom refresh or logout actions for OIDC. - Restructured how the services and guards are setup for external auth systems. SAML2 and OIDC now directly share a lot more logic. - Renamed any OpenId references to OIDC or OpenIdConnect - Removed non-required CSRF excemption for OIDC Not tested, Come to roadblock due to lack of PHP8 support in upstream dependancies. Certificate was deemed to be non-valid on every test attempt due to changes in PHP8. 2021-10-06 18:05:26 -04:00			`'oidc' => [`
Applied latest styles changes from style CI 2021-10-16 11:01:59 -04:00			`'driver' => 'async-external-session',`
Added files missed in previous commit 2020-02-02 05:59:03 -05:00			`'provider' => 'external',`
Started alignment of auth services - Removed LDAP specific logic from login controller, placed in Guard. - Created safer base user provider for ldap login, to be used for SAML soon. - Moved LDAP auth work from user provider to guard. 2020-02-01 06:42:22 -05:00			`],`
Updated laravel to 5.2 and started ldap implementation 2016-01-09 14:23:35 -05:00			`'api' => [`
Laravel 8 shift squash & merge (#3029) * Temporarily moved back config path * Apply Laravel coding style * Shift exception handler * Shift HTTP kernel and middleware * Shift service providers * Convert options array to fluent methods * Shift to class based routes * Shift console routes * Ignore temporary framework files * Shift to class based factories * Namespace seeders * Shift PSR-4 autoloading * Shift config files * Default config files * Shift Laravel dependencies * Shift return type of base TestCase methods * Shift cleanup * Applied stylci style changes * Reverted config files location * Applied manual changes to Laravel 8 shift Co-authored-by: Shift <shift@laravelshift.com> 2021-10-30 16:29:59 -04:00			`'driver' => 'api-token',`
Updated laravel to 5.2 and started ldap implementation 2016-01-09 14:23:35 -05:00			`],`
			`],`
Initial commit 2015-07-12 15:01:42 -04:00
Updated configuration files Added a notice to the top of each to explain they should not be normally modified. Standardised comment format used for each item. Better aligned some files with laravel 5.5 options. 2018-12-23 11:26:39 -05:00			`// User Providers`
			`// All authentication drivers have a user provider. This defines how the`
			`// users are actually retrieved out of your database or other storage`
			`// mechanisms used by this application to persist your user's data.`
Updated laravel to 5.2 and started ldap implementation 2016-01-09 14:23:35 -05:00			`'providers' => [`
			`'users' => [`
Fixed failing tests caused by auth changes 2020-02-02 07:00:41 -05:00			`'driver' => 'eloquent',`
Apply fixes from StyleCI 2021-06-26 11:23:15 -04:00			`'model' => \BookStack\Auth\User::class,`
Updated laravel to 5.2 and started ldap implementation 2016-01-09 14:23:35 -05:00			`],`
Laravel 8 shift squash & merge (#3029) * Temporarily moved back config path * Apply Laravel coding style * Shift exception handler * Shift HTTP kernel and middleware * Shift service providers * Convert options array to fluent methods * Shift to class based routes * Shift console routes * Ignore temporary framework files * Shift to class based factories * Namespace seeders * Shift PSR-4 autoloading * Shift config files * Default config files * Shift Laravel dependencies * Shift return type of base TestCase methods * Shift cleanup * Applied stylci style changes * Reverted config files location * Applied manual changes to Laravel 8 shift Co-authored-by: Shift <shift@laravelshift.com> 2021-10-30 16:29:59 -04:00
Started alignment of auth services - Removed LDAP specific logic from login controller, placed in Guard. - Created safer base user provider for ldap login, to be used for SAML soon. - Moved LDAP auth work from user provider to guard. 2020-02-01 06:42:22 -05:00			`'external' => [`
			`'driver' => 'external-users',`
Apply fixes from StyleCI 2021-06-26 11:23:15 -04:00			`'model' => \BookStack\Auth\User::class,`
Started alignment of auth services - Removed LDAP specific logic from login controller, placed in Guard. - Created safer base user provider for ldap login, to be used for SAML soon. - Moved LDAP auth work from user provider to guard. 2020-02-01 06:42:22 -05:00			`],`
Laravel 8 shift squash & merge (#3029) * Temporarily moved back config path * Apply Laravel coding style * Shift exception handler * Shift HTTP kernel and middleware * Shift service providers * Convert options array to fluent methods * Shift to class based routes * Shift console routes * Ignore temporary framework files * Shift to class based factories * Namespace seeders * Shift PSR-4 autoloading * Shift config files * Default config files * Shift Laravel dependencies * Shift return type of base TestCase methods * Shift cleanup * Applied stylci style changes * Reverted config files location * Applied manual changes to Laravel 8 shift Co-authored-by: Shift <shift@laravelshift.com> 2021-10-30 16:29:59 -04:00
			`// 'users' => [`
			`// 'driver' => 'database',`
			`// 'table' => 'users',`
			`// ],`
Updated laravel to 5.2 and started ldap implementation 2016-01-09 14:23:35 -05:00			`],`
Initial commit 2015-07-12 15:01:42 -04:00
Updated configuration files Added a notice to the top of each to explain they should not be normally modified. Standardised comment format used for each item. Better aligned some files with laravel 5.5 options. 2018-12-23 11:26:39 -05:00			`// Resetting Passwords`
			`// The expire time is the number of minutes that the reset token should be`
			`// considered valid. This security feature keeps tokens short-lived so`
			`// they have less time to be guessed. You may change this as needed.`
Updated laravel to 5.2 and started ldap implementation 2016-01-09 14:23:35 -05:00			`'passwords' => [`
			`'users' => [`
			`'provider' => 'users',`
Apply fixes from StyleCI 2021-06-26 11:23:15 -04:00			`'email' => 'emails.password',`
			`'table' => 'password_resets',`
			`'expire' => 60,`
Added throttling to password reset requests 2021-10-08 18:19:37 -04:00			`'throttle' => 60,`
Updated laravel to 5.2 and started ldap implementation 2016-01-09 14:23:35 -05:00			`],`
Initial commit 2015-07-12 15:01:42 -04:00			`],`

Laravel 8 shift squash & merge (#3029) * Temporarily moved back config path * Apply Laravel coding style * Shift exception handler * Shift HTTP kernel and middleware * Shift service providers * Convert options array to fluent methods * Shift to class based routes * Shift console routes * Ignore temporary framework files * Shift to class based factories * Namespace seeders * Shift PSR-4 autoloading * Shift config files * Default config files * Shift Laravel dependencies * Shift return type of base TestCase methods * Shift cleanup * Applied stylci style changes * Reverted config files location * Applied manual changes to Laravel 8 shift Co-authored-by: Shift <shift@laravelshift.com> 2021-10-30 16:29:59 -04:00			`// Password Confirmation Timeout`
			`// Here you may define the amount of seconds before a password confirmation`
			`// times out and the user is prompted to re-enter their password via the`
			`// confirmation screen. By default, the timeout lasts for three hours.`
			`'password_timeout' => 10800,`

Ran phpcbf and updated helpers typehinting 2019-09-15 13:29:51 -04:00			`];`