搜索move-elevator / me-backend-security
TYPO3后端的高级安全
Requires
- php: ^8.0
- typo3/cms-core: ^11.5
Requires (Dev)
- friendsofphp/php-cs-fixer: ^3.2
- mockery/mockery: ^1.0
- phpstan/phpstan: ^1.0
- phpunit/phpunit: ^8.0
- typo3/minimal: ^11.5
README
一个扩展,用于指定安全密码规则并强制后端用户在密码超过定义的限制后更改密码。
在扩展设置中,您可以定义
- 最小大写字母数量
- 最小小写字母数量
- 最小数字数量
- 最小特殊字符数量
- 密码最小长度
- 密码必须更改前的最大天数
如果后端用户登录且需要更改密码,用户将被注销并重定向到舒适的密码更改表单。更改密码后,用户将自动登录并可以在后端开始工作。
当用户尝试在后端用户设置中更改密码时,也将检查密码规则。
从扩展 ig_ldap_sso_auth 导入的用户将被忽略。
安装和用法
- 通过composer进行基本安装
composer req "move-elevator/me-backend-security":"^3.0"
- 在TYPO3后端修改扩展设置
- 更安全 :)
检查
在项目根目录中运行每个命令。
执行PHPUnit测试
composer phpunit
执行PHPCS检查
composer phpcs
修复PHPCS问题
composer phpcs:fix
执行PHPSTAN检查
composer phpstan
执行所有质量检查
composer php:validate
联系方式
更新日志
2023-07-31 - Ronny Hauptvogel rh@move-elevator.de
Release 3.0.3
---
Bugfix: Fix backend user generation handling via TYPO3 backend
2023-06-04 - Ronny Hauptvogel rh@move-elevator.de
Release 3.0.2
---
Bugfix: Fix extension dependency constraints
Bugfix: Fix MFA authentication loop
Feature: Update password reset login form template
2022-06-22 - Ronny Hauptvogel rh@move-elevator.de
Release 3.0.1
---
Bugfix: Fix FrontendBackendUserAuthentication issue which will break third-party extension ext_localconf.php files
2022-05-19 - Ronny Hauptvogel rh@move-elevator.de
Release 3.0.0
---
Feature: Add TYPO3 11 compatibility
Feature: PHP 8.0/ 8.1 compatibility
Feature: Drop TYPO3 9 and 10 support
2021-12-30 - Ronny Hauptvogel rh@move-elevator.de
Release 2.0.7
---
Feature: Add password validation rules to password reset form
2021-07-19 - Ronny Hauptvogel rh@move-elevator.de
Release 2.0.6
---
Bugfix: Fix broken language keys
2021-04-23 - Ronny Hauptvogel rh@move-elevator.de
Release 2.0.5
---
Feature: Add .gitattributes file
Feature: Add composer extension key
Bugfix: Add proper type casting for hooks
2020-12-17 - Ronny Hauptvogel rh@move-elevator.de
Release 2.0.4
---
Feature: Add typo3/cms-rsaauth as conflict
2020-12-09 - Ronny Hauptvogel rh@move-elevator.de
Release 2.0.3
---
Bugfix: Update PHP version constraint to include newer PHP7 versions
2020-11-06 - Ronny Hauptvogel rh@move-elevator.de
Release 2.0.2
---
Feature: TYPO3 10 compatibility
Feature: Allow new special characters to validator
Bugfix: Invalid password length with german umlauts
2019-05-03 - Philipp Heckelt phe@move-elevator.de
Release 2.0.1
---
Bugfix: PHP7 typehints for hooks
2019-04-08 - Philipp Heckelt phe@move-elevator.de
Release 2.0.0
---
Feature: TYPO3v9 compatibility
2018-08-06 - Philipp Heckelt phe@move-elevator.de
Release 1.1.4
---
Bugfix: Fix detection of existing accounts
2018-02-01 - Philipp Heckelt phe@move-elevator.de
Release 1.1.3
---
Bugfix: Validate that the old and new password are not the same in the user settings
Bugfix: Existing accounts no longer must change their password immediately after activating the extension
Feature: Allow new special characters to validator
2018-01-18 - Philipp Heckelt phe@move-elevator.de
Release 1.1.2
---
Bugfix: Fix redirect on non-ssl websites if password change is required
2018-01-10 - Philipp Heckelt phe@move-elevator.de
Release 1.1.1
---
Bugfix: Fix hook exception in frontend mode on active backend user login
2017-12-22 - Philipp Heckelt phe@move-elevator.de
Release 1.1.0
---
Feature: Optimized validator error messages
Feature: Validator for same passwords
Feature: Different Message for first password change
2017-12-04 - Philipp Heckelt phe@move-elevator.de
Release 1.0.4
---
Feature: Use internal database connection for TYPOv8 compatibility, remove database connection factory
2017-12-08 - Philipp Heckelt phe@move-elevator.de
Release 1.0.3
---
Bugfix: Optional port in database configuration
2017-12-08 - Philipp Heckelt phe@move-elevator.de
Release 1.0.2
---
Bugfix: Language service
2017-12-08 - Philipp Heckelt phe@move-elevator.de
Release 1.0.1
---
Bugfix: Extension configuration
2017-12-04 - Philipp Heckelt phe@move-elevator.de
Release 1.0.0
路线图
- 类似“admin”的用户名黑名单