Version 0.7.0 #1

"dependencies": {
        "@popperjs/core": "^2.9.2",
        "bootstrap": "5.0.2",
        "chartist": "^0.11.4",
        "chartist-plugin-tooltips": "^0.0.17",
        "notyf": "^3.10.0",
        "nouislider": "^15.2.0",
        "onscreen": "^1.4.0",
        "sass": "^1.47.0",
        "simplebar": "^5.3.4",
        "smooth-scroll": "^16.1.3",
        "sweetalert2": "^11.0.18",
        "vanillajs-datepicker": "^1.2.0",
        "waypoints": "^4.0.1"
    },
    "devDependencies": {
        "sass-loader": "^13.3.2",
    }

Added and configured css, js in Vite. 719d4c7f10

Implemented password validation rules in the AppServiceProvider class. Ensured passwords should be at least 8 characters long, contain a mix of uppercase, lowercase, and special characters. These rules apply only for the production environment. 0073dffc28

A new enumeration 'SystemRole' has been created for user roles. For now, it only contains one case 'Admin'. This list is intended to designate system roles that cannot be removed. d0bd480dc1

Added console command to add user with admin role. 6b2aff910b

Made authorization. f481ee765d

Extended rate limiting functionality within the RouteServiceProvider to limit the login requests. Now the application limits the number of requests both per IP address and per email. This will drastically improve security by minimizing automated spam and brute-force attack attempts. 5d61ab425e

The authorization method of the AuthController has been updated to specify a return type. This was done to ensure that the method always returns an instance of a RedirectResponse, thereby enhancing the code's readability and preventing unexpected return types. 00910831a4

Modified the Middleware Kernel to use a new method for request throttling that uses Redis and created a new middleware to ensure that user email is verified. c18e7e54b7

These changes allow for more efficient request throttling by utilizing Redis. The new EnsureUserIsVerified middleware improves security by validating that a user's email has been verified or if the user is active before granting access, returning a 403 error if the user fails these checks.

Introduced a new class ServiceResultSuccess to distinctively handle successful service responses. Changes were made in AuthService and Service base class to replace ServiceResultArray with ServiceResultSuccess for successful operations. This provides a more accurate response type and improves code readability. 91810190b7

A new method 'isError' has been introduced to the ServiceResult interface and its implementation. This change was made to improve readability and logic. Now instead of checking if the result is not successful, we can directly check if it's an error using isError method. This improves the code clarity. 6dd24ac1d3

Refactor error check in AuthController. 92206a028a

Changed the error check in the AuthController from checking if the result is not successful to checking if the result has an error. This change was made to clarify the code and ensure that errors are handled properly.

Added necessary template files and view components for scaffolding of the private area of the application. This includes error and success message components for efficient handling of user feedback messages. Added navigation components and dashboard structure to the private layout. This will streamline the implementation of features in the private area and ensure a consistent user interface. 398f5e2097

Changed the way bootstrap is imported and added Chartist for charting functionality. This update provides wider access to Bootstrap features and integrates Chartist for better data representation. 24098415b5

This commit adds two new components for handling form inputs in the private section of the site. 'Form.php' provides a base class for forms with methods for retrieving request names. 'Input.php' extends this to handle input fields specifically, allowing title, name, type, and value to be specified. An associated Blade view 'input.blade.php' has been added to render these inputs in views. This helps in reusability and maintainability. 55cd927f12

This commit adds update functionality to user profiles. New routes, views, and controller methods have been created to facilitate this along with form requests for validation. Significant changes include new methods in the ProfileController, addition of an UpdateRequest class for validation purposes and the creation of a profile update view. These changes allow users to edit and update their profile information on the application. 00a0624eea

Added a new feature to allow users to update their passwords. 39eae7f196

Changed the data type and default value of 'locale' and 'timezone' fields in the users table. Instead of using strings, we are now using unsigned integers. e5d0cac07d

!!! Since the project has not yet been launched, therefore, I do not create a new migration, but change the current one. !!!

The 'locale' column in the users table migration was renamed to 'lang'. This change was made to improve the clarity and consistency of naming conventions across the database. The term 'lang' is more universally recognized and thus provides better code readability. 524bf569e3

!!! Since the project has not yet been launched, therefore, I do not create a new migration, but change the current one. !!!

Updated the visibility of getTitle, getType, and getValue methods in the Input class from protected to private. This was done to limit and control access to these methods to only within the class, enhancing encapsulation and improving security. 79112680bd

The type for 'timezone' in the 'users' table was previously assigned as an unsigned integer. For flexible usage and to support a larger range of timezones, it has been altered to a string. The maximum length is set to 50 characters. This change ensures a more universal and user-friendly handling of various timezone situations. b1c9dac3cc

!!! Since the project has not yet been launched, therefore, I do not create a new migration, but change the current one. !!!

Added the ability to save user settings. 907bac5586

A new middleware UserLocale.php has been added. This middleware sets the language locale based on each user's preference. It operates by checking if the user's preferred language is set during the request cycle and if so, it changes the app's locale accordingly. This feature facilitates personalization by displaying the app in a user's preferred language. 9319c2d92d

Also, registering the middleware in the `Kernel.php` allows it to be used throughout the application

Adjusted padding in sidebar for large screens. a3fa966643

Renamed the "slug" field in the roles table to "code" to facilitate coding standards and improve readability. This unique identifier will now be referred to as 'code' across the application, creating consistency and reducing potential confusion in the future. 2121af2914

!!! Since the project has not yet been launched, therefore, I do not create a new migration, but change the current one. !!!

Update primary color variable in SCSS. adb20f70a5

The color of the links in the footer was changed from primary (probably blue) to gray-700 (dark gray) to improve readability against the white background. The change affects the link to the author's Github page and the link to the Volt - Bootstrap 5 Dashboard Template product page. d10cc8603e

Add @stack('scripts') to main layout. ec5be8167e

Added click confirmation script. 919f6e1e42

Refactor Role.php for improved code clarity. 1facb19efb

The Role class in app/Models has been refactored to improve readability and maintainability. The 'slug' field was replaced with 'code' for consistency with the rest of the codebase. In addition, the 'isRemove' and 'isAdmin' methods were rewritten using new 'Attribute' Eloquent cast. This refactor enhances the code's clarity, promotes better comprehension, and clears redundant code comments.

Added a new function 'errors' in Private Controller to handle service errors. This function checks if the resulted error code matches HTTP_UNPROCESSABLE_ENTITY and in that case, it redirects back with input and errors. For any other case, it aborts with the resulted error code and message. The main purpose of this change is to centralize error handling in one place and make the controller's actions cleaner. ba7e52f8ac

Added the ability to manage a group of users. 4083e2ec5e

Added @canany(['create', 'update'], $role) to resources/views/private/roles/_from.blade.php. dc6b6b0d42

Added the ability to manage users. 52c6fd88d7

Fixed typo deleting RolePolicy: Role to role. 73d99a0432

Added method getRolesForSelect in the RoleRepository. 9c1ed593b5

Added @can('delete', $role). 941699f473

Removed duplicate "Toggle Navigation" keys in languages. faa706a79a

Fixed warning in analysis PHP Storm. 3e18ca6510

Fixed warning in analysis PHP Storm. 8f143c031f

The refactoring added final readonly to App\Services\Role\BuilderCommand. d2b29e2225

Add captcha tokens management. 742b0feaf0

Add Swagger API documentation and proxy routing. 9bfd3fef1a

Added Swagger as a new service in the docker-compose file for generating the API documentation. The new API documentation is provided via an OpenAPI file located at `public/swagger.json`. Changes in routing were done to handle /api-docs requests and redirect them to the running Swagger UI instance. This will make API easier to understand and debug.

Update swagger.json for accurate API path. d72d6ff614

The "servers" section was deleted and the "/api/v1" part was added to "paths" values for a more refined URL structure. This change makes it more clear that the API version is part of the API route.

Rename parameter names in Swagger API documentation. 61cc272e2f

In our Swagger API documentation, the parameter names 'public_token' and 'private_token' have been renamed to match our established naming conventions. The hyphenated form ('public-token' and 'private-token') is more consistent with other parameters.

Remove commented volumes from docker-compose.yml. d8bf5dd116

The lines setting up volumes for the 'swagger' service were commented out and redundant, leading to potential confusion. This commit removes those lines to clean up and simplify the file.

The return comment of the getCoordinators method has been changed. 56cd409301

Revived API /api/v1/captcha. 27046e6674

Now a new captcha is created to check for a bot.

Add CryptographyContract and its implementation c3e4c68a41

Added a new CryptographyContract interface and CryptographyString class that implements this contract. The CryptographyContract encapsulates the encryption and decryption of strings, enforcing these operations to be standardized across the application. The CryptographyString class uses Laravel's native crypt facades to perform these actions. In the AppServiceProvider, CryptographyContract is now bound to CryptographyString class, allowing the container to automatically resolve the dependencies wherever the interface is type hinted.

Add CaptchaToken to permissions language files 35c734d840

This commit adds 'CaptchaToken' key to both English and Russian versions of the permissions language files. The addition of the 'CaptchaToken' key was necessary to provide translations for tokens used in captcha creation. The lack of these labels was causing readability issues in UI.

Removed unnecessary copying in Docker for development. 17fcc6e976

Increase captcha image dimensions 18899c81f2

The dimensions for both the 'image_head' and 'image_body' captcha images have been increased to provide a clearer and more readable captcha for users. 'Image_head' has been updated from 150x40 to 500x75, and 'image_body' from 300x240 to 500x500.

Revived API POST /api/v1/captcha. 520a3ba068

Captcha validation has been adjusted.

Fixed a bug where two identical symbols appeared in a captcha. 10425db5e0

The commit fixes an issue where wrong variable was passed as second argument to randomSymbols method. Previously it was using an uninitialized variable 'fakes' which was supposed to be populated by 'success' variable. The 'success' variable already has the set of valid symbols which should be used to generate fake symbols for captcha.

Revived API POST /captcha/{captcha_uuid}. 9221e089dd

Receiving captcha information for validation.

Correct typo in swagger.json 2a7aaed0db

Fixed a typo in the 'user_agent' variable of the 'GetCaptchaKeyInfo' object in swagger.json. This was important to rectify in order to achieve accuracy and prevent potential errors during API documentation generation.

Added file LICENSE. fcb8532b9d

Added service-captcha-gui. 630c316aaf

Add captcha code integration instructions to edit page. 63d3c8cc6e

In the captcha tokens edit page, a new section has been added to provide instructions for integrating the captcha code in user's website. This aims to facilitate ease of integration for users, by providing them a readily available code snippet.

Update copyright link in footer. ebc2dfd944

The copyright link in the footer of the private layout app has been updated in this revision. Previously, it was pointing to a Github account, kor-elf. It is now pointing to the actual repository, which now resides on git.kor-elf.net. In addition to this, the full name of the owner, Leonid Nikitin (kor-elf), has been added for better transparency and clarity.

Add demo mode restrictions to user operations. b5db913c24

Added functionalities to restrict certain user operations like update, password change, and deletion in demo mode. This is done to prevent demo users from modifying crucial data. Helper methods are created for standard re-usable checks. Also, Blade directive is added for frontend UI demo checks.

Add license information for captcha backgrounds. a52b148101

Add demo mode restriction to CaptchaToken destroy method. 8ccbd5000d

This commit adds a check to the `destroy` method in the `CaptchaTokenService`. It uses the `Helpers::isDemoModeAndUserDenyUpdate` function to prevent users from deleting tokens while the application is in demo mode. This was added to protect the application's state during presentations or demos.

Add Docker setup for production environment. 6bf2bc793b

Update README with project specifics. e72dc03589

The README file has been updated to provide specific details about the current project.

kor-elf merged commit 5ea5d4d0ba into main

2023-12-08 21:18:23 +06:00

kor-elf referenced this issue from a commit

2023-12-08 21:18:24 +06:00

Merge pull request 'Version 0.7.0' (#1) from develop into main

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: kor-elf/service-captcha#1