From 93aee27cd95bd2e79353d3041238292c80560669 Mon Sep 17 00:00:00 2001 From: Taylor Otwell Date: Mon, 29 Jul 2013 16:22:51 -0500 Subject: [PATCH 1/6] Add expire option to reminder config. --- app/config/auth.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/app/config/auth.php b/app/config/auth.php index 62ea9c3d..17736ff1 100644 --- a/app/config/auth.php +++ b/app/config/auth.php @@ -56,7 +56,11 @@ return array( 'reminder' => array( - 'email' => 'emails.auth.reminder', 'table' => 'password_reminders', + 'email' => 'emails.auth.reminder', + + 'table' => 'password_reminders', + + 'expire' => 60, ), From 6a2ad475cfb21d12936cbbb544d8a136fc73be97 Mon Sep 17 00:00:00 2001 From: Taylor Otwell Date: Tue, 30 Jul 2013 09:05:55 -0500 Subject: [PATCH 2/6] Added array validation language lines. --- app/lang/en/validation.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/app/lang/en/validation.php b/app/lang/en/validation.php index 85a62aa5..5a24a40c 100644 --- a/app/lang/en/validation.php +++ b/app/lang/en/validation.php @@ -19,11 +19,13 @@ return array( "alpha" => "The :attribute may only contain letters.", "alpha_dash" => "The :attribute may only contain letters, numbers, and dashes.", "alpha_num" => "The :attribute may only contain letters and numbers.", + "array" => "The :attribute must be an array.", "before" => "The :attribute must be a date before :date.", "between" => array( "numeric" => "The :attribute must be between :min - :max.", "file" => "The :attribute must be between :min - :max kilobytes.", "string" => "The :attribute must be between :min - :max characters.", + "array" => "The :attribute must have between :min - :max items.", ), "confirmed" => "The :attribute confirmation does not match.", "date" => "The :attribute is not a valid date.", @@ -41,12 +43,14 @@ return array( "numeric" => "The :attribute may not be greater than :max.", "file" => "The :attribute may not be greater than :max kilobytes.", "string" => "The :attribute may not be greater than :max characters.", + "array" => "The :attribute may not have more than :max items.", ), "mimes" => "The :attribute must be a file of type: :values.", "min" => array( "numeric" => "The :attribute must be at least :min.", "file" => "The :attribute must be at least :min kilobytes.", "string" => "The :attribute must be at least :min characters.", + "array" => "The :attribute must have at least :min items.", ), "not_in" => "The selected :attribute is invalid.", "numeric" => "The :attribute must be a number.", @@ -60,6 +64,7 @@ return array( "numeric" => "The :attribute must be :size.", "file" => "The :attribute must be :size kilobytes.", "string" => "The :attribute must be :size characters.", + "array" => "The :attribute must contain :size items.", ), "unique" => "The :attribute has already been taken.", "url" => "The :attribute format is invalid.", From 45f2234bd6cb249f961c0dc6a82dd168dd243d4a Mon Sep 17 00:00:00 2001 From: Michael Meyer Date: Mon, 5 Aug 2013 16:30:06 -0500 Subject: [PATCH 3/6] Update comment for clarity --- app/config/session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/config/session.php b/app/config/session.php index e11e98cd..f08e339a 100644 --- a/app/config/session.php +++ b/app/config/session.php @@ -24,7 +24,7 @@ return array( |-------------------------------------------------------------------------- | | Here you may specify the number of minutes that you wish the session - | to be allowed to remain idle for it is expired. If you want them + | to be allowed to remain idle before it is expired. If you want them | to immediately expire when the browser closes, set it to zero. | */ From a4e2584985b4678515839297c51cfa11cf3512d6 Mon Sep 17 00:00:00 2001 From: Michael Meyer Date: Wed, 7 Aug 2013 12:53:37 -0500 Subject: [PATCH 4/6] More clarity --- app/config/session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/config/session.php b/app/config/session.php index f08e339a..549d3ff3 100644 --- a/app/config/session.php +++ b/app/config/session.php @@ -24,7 +24,7 @@ return array( |-------------------------------------------------------------------------- | | Here you may specify the number of minutes that you wish the session - | to be allowed to remain idle before it is expired. If you want them + | to be allowed to remain idle before it expires. If you want them | to immediately expire when the browser closes, set it to zero. | */ From 505f445f99678b845669c87c678378af7734a089 Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Thu, 29 Aug 2013 08:33:24 +0200 Subject: [PATCH 5/6] Add missing license information in composer.json The license information was missing from the composer.json file. This information is quite important as it is displayed on Packagist and used by automated tools (like http://insight.sensiolabs.com/ for instance) to check compatibility of your project dependencies. --- composer.json | 1 + 1 file changed, 1 insertion(+) diff --git a/composer.json b/composer.json index 0162a474..1ead3fc9 100644 --- a/composer.json +++ b/composer.json @@ -2,6 +2,7 @@ "name": "laravel/laravel", "description": "The Laravel Framework.", "keywords": ["framework", "laravel"], + "license": "MIT", "require": { "laravel/framework": "4.0.*" }, From fbd93f6997a64abb1457aa7328a39ff3df8c5a18 Mon Sep 17 00:00:00 2001 From: Taylor Otwell Date: Fri, 6 Sep 2013 23:42:43 -0500 Subject: [PATCH 6/6] added note about expiry time on reminders. --- app/config/auth.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/app/config/auth.php b/app/config/auth.php index 17736ff1..38eb282b 100644 --- a/app/config/auth.php +++ b/app/config/auth.php @@ -52,6 +52,10 @@ return array( | that should be used as your password reminder e-mail. You will also | be able to set the name of the table that holds the reset tokens. | + | The "expire" time is the number of minutes that the reminder should be + | considered valid. This security feature keeps tokens short-lived so + | they have less time to be guessed. You may change this as needed. + | */ 'reminder' => array(