From f5636adc162eac858f44b38e2867c7265729f20f Mon Sep 17 00:00:00 2001 From: smokephil Date: Sun, 9 Jun 2024 22:35:15 +0200 Subject: [PATCH] (Grav GitSync) Automatic Commit from smokephil --- pages/01.home/04._programm/text.md | 6 +++--- plugins/admin/CHANGELOG.md | 6 ++++++ plugins/admin/blueprints.yaml | 4 ++-- .../plugin/Controllers/Login/LoginController.php | 10 +++++++++- plugins/login/CHANGELOG.md | 6 ++++++ plugins/login/blueprints.yaml | 2 +- plugins/login/login.yaml | 1 + 7 files changed, 28 insertions(+), 7 deletions(-) diff --git a/pages/01.home/04._programm/text.md b/pages/01.home/04._programm/text.md index b1d60ce..ecc3288 100644 --- a/pages/01.home/04._programm/text.md +++ b/pages/01.home/04._programm/text.md @@ -24,7 +24,7 @@ publish_date: '01-06-2024 00:00'

11.00 Uhr

-

Begrüßung und Organisatorisches

+

Singen und Begrüßen

12.00 Uhr

@@ -36,7 +36,7 @@ publish_date: '01-06-2024 00:00'

Nachmittagsprogramm

16.30 Uhr

-

Gruppenaktion

+

Lasst Euch überraschen

18.00 Uhr

diff --git a/plugins/admin/CHANGELOG.md b/plugins/admin/CHANGELOG.md index 9eee9ce..aa512b8 100644 --- a/plugins/admin/CHANGELOG.md +++ b/plugins/admin/CHANGELOG.md @@ -1,3 +1,9 @@ +# v1.10.46 +## 05/15/2024 + +1. [](#improved) + * Used Login's new `site_host` security setting for Admin password reset. Requires Login version `3.7.8+` + # v1.10.45 ## 03/18/2024 diff --git a/plugins/admin/blueprints.yaml b/plugins/admin/blueprints.yaml index 6550b78..e47bbf1 100644 --- a/plugins/admin/blueprints.yaml +++ b/plugins/admin/blueprints.yaml @@ -1,7 +1,7 @@ name: Admin Panel slug: admin type: plugin -version: 1.10.45 +version: 1.10.46 description: Adds an advanced administration panel to manage your site icon: empire author: @@ -17,7 +17,7 @@ license: MIT dependencies: - { name: grav, version: '>=1.7.42' } - { name: form, version: '>=6.0.1' } - - { name: login, version: '>=3.7.0' } + - { name: login, version: '>=3.7.8' } - { name: email, version: '>=3.1.6' } - { name: flex-objects, version: '>=1.2.0' } diff --git a/plugins/admin/classes/plugin/Controllers/Login/LoginController.php b/plugins/admin/classes/plugin/Controllers/Login/LoginController.php index fceaec0..871162f 100644 --- a/plugins/admin/classes/plugin/Controllers/Login/LoginController.php +++ b/plugins/admin/classes/plugin/Controllers/Login/LoginController.php @@ -469,7 +469,15 @@ class LoginController extends AdminController $fullname = $user->fullname ?: $username; $author = $config->get('site.author.name', ''); $sitename = $config->get('site.title', 'Website'); - $reset_link = $this->getAbsoluteAdminUrl("/reset/u/{$username}/{$token}"); + $reset_route = "/reset/u/{$username}/{$token}"; + + $site_host = $config->get('plugins.login.site_host'); + if (!empty($site_host)) { + $admin = $this->getAdmin(); + $reset_link = rtrim($site_host, '/') . '/' . trim($admin->base, '/') . '/' . ltrim($reset_route, '/'); + } else { + $reset_link = $this->getAbsoluteAdminUrl($reset_route); + } // For testing only! //Admin::DEBUG && Admin::addDebugMessage(sprintf('Reset link: %s', $reset_link)); diff --git a/plugins/login/CHANGELOG.md b/plugins/login/CHANGELOG.md index b027b92..ceb523a 100644 --- a/plugins/login/CHANGELOG.md +++ b/plugins/login/CHANGELOG.md @@ -1,3 +1,9 @@ +# v3.7.9 +## 05/15/2024 + +1. [](#improved) + * Added default `site_host:` entry to `login.yaml` configuration file + # v3.7.8.1 ## 04/19/2024 diff --git a/plugins/login/blueprints.yaml b/plugins/login/blueprints.yaml index 477d6b6..4702e04 100644 --- a/plugins/login/blueprints.yaml +++ b/plugins/login/blueprints.yaml @@ -1,7 +1,7 @@ name: Login slug: login type: plugin -version: 3.7.8.1 +version: 3.7.9 testing: false description: Enables user authentication and login screen. icon: sign-in diff --git a/plugins/login/login.yaml b/plugins/login/login.yaml index 8f546c4..eefd4ce 100644 --- a/plugins/login/login.yaml +++ b/plugins/login/login.yaml @@ -4,6 +4,7 @@ redirect_to_login: false # If you try to access a page you do redirect_after_login: false # Path to redirect to after a successful login redirect_after_logout: true # Path to redirect to after a successful logout session_user_sync: false # Sync session user with changes in stored user file +site_host: # Site host to use for email links. Enhances security by ensuring links are to the correct host (e.g. https://foo.com) route: '/login' # Specific route for Login page (default is '/login') route_after_login: '/' # Route to go to after login if enabled