juliomotol / filament-password-confirmation
Prompt users to re-enter their password before performing sensitive actions.
Fund package maintenance!
juliomotol
Installs: 1 667
Dependents: 0
Suggesters: 0
Security: 0
Stars: 8
Watchers: 1
Forks: 2
Open Issues: 0
Requires
- php: ^8.1
- filament/filament: ^3.0
- spatie/laravel-package-tools: ^1.15.0
Requires (Dev)
- laravel/pint: ^1.0
- nunomaduro/collision: ^7.9
- nunomaduro/larastan: ^2.0.1
- orchestra/testbench: ^8.0
- pestphp/pest: ^2.1
- pestphp/pest-plugin-arch: ^2.0
- pestphp/pest-plugin-laravel: ^2.0
- phpstan/extension-installer: ^1.1
- phpstan/phpstan-deprecation-rules: ^1.0
- phpstan/phpstan-phpunit: ^1.0
README
Simplifies adding a secure password confirmation step to your admin panels.
- Prompts users to re-enter their password before performing sensitive actions.
- Increases security by preventing accidental or unauthorized actions due to long session times.
- Easy to integrate and highly configurable.
Installation
You can install the package via composer:
composer require juliomotol/filament-password-confirmation
Then add the plugin to your panel.
JulioMotol\FilamentPasswordConfirmation\FilamentPasswordConfirmationPlugin; public function panel(Panel $panel): Panel { return $panel ->plugin(FilamentPasswordConfirmationPlugin::make()); }
You can configure the route name, uri, middleware and password timeout duration.
FilamentPasswordConfirmationPlugin::make() ->routeName('confirm') ->routeUri('auth/confirm') ->routeMiddleware(FooMiddleware::class) // Accepts string|array ->passwordTimeout(10800) // Accepts int|null that represents the amount of seconds
Optionally, you can publish the translations and views using.
php artisan vendor:publish --tag="filament-password-confirmation-translations" php artisan vendor:publish --tag="filament-password-confirmation-views"
Usage
Simply use RequiresPasswordConfirmation in your pages/resources.
use JulioMotol\FilamentPasswordConfirmation\RequiresPasswordConfirmation; class AdminResource extends Resource { use RequiresPasswordConfirmation; ... }
You can configure the password confirmation timeout within your page/resource.
use JulioMotol\FilamentPasswordConfirmation\RequiresPasswordConfirmation; class AdminResource extends Resource { use RequiresPasswordConfirmation; protected static ?int $passwordTimeout = 360; // the amount of seconds ... }
NOTE: The password timeout duration is determined in the following order until it encounters a non-null value.
$passwordTimeoutproperty in the page/resourcepasswordTimeout()configured in the plugin during registryauth.password_timeoutconfig assigned inconfig/auth.php
Testing
composer test
Changelog
Please see CHANGELOG for more information on what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security Vulnerabilities
Please review our security policy on how to report security vulnerabilities.
Credits
License
The MIT License (MIT). Please see License File for more information.