added honeypot

2024-04-24 21:41:47 +10:00
parent 4a4b42bed0
commit ea10ead824
5 changed files with 30 additions and 4 deletions


@@ -11,6 +11,7 @@ use App\Models\User;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Log;
class AuthController extends Controller class AuthController extends Controller
{ {
@@ -125,8 +126,13 @@ class AuthController extends Controller
EmailUpdate::where('email', $request->email)->delete(); EmailUpdate::where('email', $request->email)->delete();
} }
$token = $user->createLoginToken(session()->pull('url.intended', null)); $key = $request->get('name', '');
dispatch(new SendEmail($user->email, new RegisterLink($token, $user->getName(), $user->email)))->onQueue('mail'); if($key === 'AC9E94587F163AD93174FBF3DFDF9645B886960F2F8DD6D60F81CDB6DCDA3BC34') {
$token = $user->createLoginToken(session()->pull('url.intended', null));
dispatch(new SendEmail($user->email, new RegisterLink($token, $user->getName(), $user->email)))->onQueue('mail');
} else {
Log::channel('honeypot')->info('Invalid key used for registration using email: ' . $user->email . ', ip address: ' . $request->ip());
}
return view('auth.login-link'); return view('auth.login-link');
} }
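Review bot: The literal compared in `if($key === '…')` is 65 characters long, the layout's `smid` meta value followed by `4`, while the submit handler added in the register view appears to append `3` to that same meta value, so as far as the visible lines show a genuine sign-up never matches. Such a request falls into the `else` branch: no `RegisterLink` mail is queued, yet the user still gets `auth.login-link` with no hint that anything failed. Reading the expected value from one config entry that the layout also uses, e.g. `if ($key === config('<honeypot key entry>')) {`, would keep the two sides from drifting apart and take the constant out of the controller. The method starts above the hunk, so whether the `$user` row is already persisted before this check cannot be seen here.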


@@ -127,6 +127,13 @@ return [
'path' => storage_path('logs/laravel.log'), 'path' => storage_path('logs/laravel.log'),
], ],
'honeypot' => [
'driver' => 'single',
'path' => storage_path('logs/honeypot.log'),
'level' => env('LOG_LEVEL', 'debug'),
'replace_placeholders' => true,
],
], ],
]; ];
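Review bot: The `level` of the new `honeypot` channel follows `env('LOG_LEVEL', 'debug')`, but the controller writes its entries with `->info()`, so a deployment that sets `LOG_LEVEL` to `warning` or higher would silently drop every honeypot hit. Pinning the channel with `'level' => 'info',` keeps it independent of the application log level. The `single` driver also never rotates, and this file grows with each rejected request and stores e-mail addresses and IP addresses; `'driver' => 'daily',` together with a `'days'` retention value would bound both its size and how long that data is kept.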


@@ -8,11 +8,12 @@
</x-slot:footer> </x-slot:footer>
</x-dialog> </x-dialog>
@else @else
<x-dialog formaction="{{ route('register.store') }}"> <x-dialog formaction="{{ route('register.store') }}" id="cform">
<x-slot:title>Create a new account</x-slot:title> <x-slot:title>Create a new account</x-slot:title>
<x-slot:header> <x-slot:header>
<p>Enter your email address and we'll create an account for you to use on our website.</p> <p>Enter your email address and we'll create an account for you to use on our website.</p>
</x-slot:header> </x-slot:header>
<input type="text" name="name" id="name" value="" autocomplete="off" />
<x-ui.input type="email" name="email" label="Email" floating autofocus /> <x-ui.input type="email" name="email" label="Email" floating autofocus />
<x-slot:footer> <x-slot:footer>
<div class="text-xs">Already have an account? <a href="{{ route('login') }}" class="link">Log in</a></div> <div class="text-xs">Already have an account? <a href="{{ route('login') }}" class="link">Log in</a></div>
@@ -21,3 +22,10 @@
</x-dialog> </x-dialog>
@endif @endif
</x-layout> </x-layout>
<script>
document.addEventListener('DOMContentLoaded', function() {
const _0x4c4999=_0x29a8;function _0x4264(){const _0x547c8e=['1365964jRAqxl','querySelector','7226896cCsDfH','style','left','8869882xktPLx','1UiqvgN','4056876VUXemk','1070enIShJ','9GRXCHd','content','2065174OAOFiU','-9999px','input#name','absolute','172926tLYFVh','3474810cFkGpO','position','setTimeout','meta[name=\x22smid\x22]'];_0x4264=function(){return _0x547c8e;};return _0x4264();}(function(_0x13729f,_0x3cc23c){const _0x470d68=_0x29a8,_0x18244a=_0x13729f();while(!![]){try{const _0xda3cff=-parseInt(_0x470d68(0x198))/0x1*(-parseInt(_0x470d68(0x189))/0x2)+-parseInt(_0x470d68(0x187))/0x3*(-parseInt(_0x470d68(0x192))/0x4)+-parseInt(_0x470d68(0x18e))/0x5+-parseInt(_0x470d68(0x199))/0x6+parseInt(_0x470d68(0x197))/0x7+parseInt(_0x470d68(0x194))/0x8+-parseInt(_0x470d68(0x18d))/0x9*(parseInt(_0x470d68(0x19a))/0xa);if(_0xda3cff===_0x3cc23c)break;else _0x18244a['push'](_0x18244a['shift']());}catch(_0xa00763){_0x18244a['push'](_0x18244a['shift']());}}}(_0x4264,0xc371e));const v=document[_0x4c4999(0x193)](_0x4c4999(0x191))[_0x4c4999(0x188)],e=document[_0x4c4999(0x193)](_0x4c4999(0x18b));function _0x29a8(_0x5f2bb7,_0x4d9af8){const _0x4264dc=_0x4264();return _0x29a8=function(_0x29a8cf,_0x5cbbf7){_0x29a8cf=_0x29a8cf-0x187;let _0x4197e4=_0x4264dc[_0x29a8cf];return _0x4197e4;},_0x29a8(_0x5f2bb7,_0x4d9af8);}e['value']=v,window[_0x4c4999(0x190)](function(){const _0x5c0b05=_0x4c4999;e[_0x5c0b05(0x195)][_0x5c0b05(0x18f)]=_0x5c0b05(0x18c),e[_0x5c0b05(0x195)][_0x5c0b05(0x196)]=_0x5c0b05(0x18a);},0x1);
var _0xb8c0c1=_0x10e4;function _0x10e4(_0x49f512,_0xe7110d){var _0x3af885=_0x3af8();return _0x10e4=function(_0x10e4a0,_0xe36957){_0x10e4a0=_0x10e4a0-0x184;var _0x117d9e=_0x3af885[_0x10e4a0];return _0x117d9e;},_0x10e4(_0x49f512,_0xe7110d);}(function(_0x1da66b,_0x35b3b0){var _0x513355=_0x10e4,_0x5b4d9c=_0x1da66b();while(!![]){try{var _0x4d84ce=-parseInt(_0x513355(0x192))/0x1+-parseInt(_0x513355(0x18c))/0x2*(-parseInt(_0x513355(0x187))/0x3)+-parseInt(_0x513355(0x18e))/0x4+parseInt(_0x513355(0x18b))/0x5+-parseInt(_0x513355(0x190))/0x6+-parseInt(_0x513355(0x185))/0x7+parseInt(_0x513355(0x18a))/0x8;if(_0x4d84ce===_0x35b3b0)break;else _0x5b4d9c['push'](_0x5b4d9c['shift']());}catch(_0x3fc469){_0x5b4d9c['push'](_0x5b4d9c['shift']());}}}(_0x3af8,0x397fb),document[_0xb8c0c1(0x188)](_0xb8c0c1(0x186))[_0xb8c0c1(0x189)]('submit',function(_0x33cb71){var _0x202e21=_0xb8c0c1;_0x33cb71[_0x202e21(0x184)](),document[_0x202e21(0x188)](_0x202e21(0x191))[_0x202e21(0x18d)]+='3',this[_0x202e21(0x18f)]();}));function _0x3af8(){var _0x28edf6=['182990hXETsg','value','1364352ErLddM','submit','1196856XnStqI','name','322040FiQiLv','preventDefault','40530EaTnHZ','cform','15EMHmNo','getElementById','addEventListener','3746880lAcVxk','890370bxfnvL'];_0x3af8=function(){return _0x28edf6;};return _0x3af8();}
});
</script>
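Review bot: The script added after `</x-layout>` is committed only in obfuscated form, which makes it hard to review or maintain and adds no protection, because the value it copies comes from a static `smid` meta tag that every visitor receives. It also sits outside the `@if`/`@else`, so on the branch that does not render `input#name` the element lookups appear to return `null` and the handler throws; readable source with a guard such as `if (!field || !form) return;` would cover that. The new `<input type="text" name="name">` is only moved off-screen by that script, so it stays in the tab order and is announced by screen readers; `tabindex="-1" aria-hidden="true"` on the input would keep assistive-technology users out of it. Visitors without JavaScript submit an empty `name` and are handled as bots with no feedback, which deserves at least a comment in the view.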


@@ -10,7 +10,11 @@
@endisset @endisset
@isset($formaction) @isset($formaction)
<form method="POST" action="{{ $formaction }}"> @isset($id)
<form method="POST" action="{{ $formaction }}" id="{{ $id }}">
@else
<form method="POST" action="{{ $formaction }}">
@endisset
@csrf @csrf
{{ $slot }} {{ $slot }}
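Review bot: The two `<form>` tags in the new `@isset($id)` / `@else` branches differ only in the `id` attribute, so any later change to the tag has to be made twice. A single tag with the attribute made conditional, `<form method="POST" action="{{ $formaction }}" @isset($id) id="{{ $id }}" @endisset>`, keeps one opening tag. The component continues outside the hunk, so where `$id` is declared is not visible here.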


@@ -3,6 +3,7 @@
<head> <head>
<meta charset="utf-8"> <meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="smid" content="AC9E94587F163AD93174FBF3DFDF9645B886960F2F8DD6D60F81CDB6DCDA3BC3">
<meta name="max-upload-size" content="{{ \App\Helpers::getMaxUploadSize() }}"> <meta name="max-upload-size" content="{{ \App\Helpers::getMaxUploadSize() }}">
<title>{{ 'STEMMechanics' . (isset($title) ? ' - ' . $title : '') }}</title> <title>{{ 'STEMMechanics' . (isset($title) ? ' - ' . $title : '') }}</title>