374724a7a3
- pragmarx/google2fa@^9.0 для TOTP RFC 6238.
- AuthController::login изменён: при totp_enabled=true НЕ делает Auth::login,
сохраняет auth.pending_user_id+pending_remember в session, возвращает
requires_2fa=true. /me=401 пока 2FA не пройдена.
- AuthController::verifyTwoFactor: читает pending_user_id, верифицирует TOTP
через Google2FA::verifyKey($secret, $code, window: 1) (окно ±1 = 30s).
Success → Auth::login + regenerate + clear pending + last_login_at.
- VerifyTwoFactorRequest: regex /^\d{6}$/.
- /api/auth/2fa/verify публичный (нет session-auth до verify).
Frontend:
- auth-store::login: при requires_2fa=true user остаётся null (иначе
isAuthenticated=true и guard пустит на /dashboard минуя 2FA).
- auth-store::verifyTwoFactor action.
- api/auth.ts::verifyTwoFactor(code).
- TwoFactorView: onMounted redirect на /login если нет pending state;
submit → verify → /dashboard; на error - clear code + focus first cell.
userEmail из auth.user?.email.
Pest +6 (всего 67/67 за 6.97s, 194 assertions): login для 2FA НЕ создаёт
session + verify success/неверный код/без login/валидация формата +
после verify /me=200.
Vitest +3 (всего 142/142 за 10.75s): login pending vs success state +
verifyTwoFactor success/reject. TwoFactorView spec получил setActivePinia
+ requires2fa=true для bypass onMounted-redirect.
PHPStan baseline +26 Pest TestCall warnings (накопительно).
Регресс: pint+stan passed; vitest 142/142; vite build 908ms;
story:build 21/28 за 31.28s; Pest 67/67 за 6.97s.
CLAUDE.md v1.33->v1.34, реестр Открытых_вопросов v1.42->v1.43.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
102 lines
3.4 KiB
JSON
102 lines
3.4 KiB
JSON
{
|
|
"$schema": "https://getcomposer.org/schema.json",
|
|
"name": "laravel/laravel",
|
|
"type": "project",
|
|
"description": "The skeleton application for the Laravel framework.",
|
|
"keywords": ["laravel", "framework"],
|
|
"license": "MIT",
|
|
"require": {
|
|
"php": "^8.3",
|
|
"laravel/framework": "^13.7",
|
|
"laravel/sanctum": "^4.3",
|
|
"laravel/tinker": "^3.0",
|
|
"pragmarx/google2fa": "^9.0",
|
|
"predis/predis": "^3.4"
|
|
},
|
|
"require-dev": {
|
|
"barryvdh/laravel-ide-helper": "*",
|
|
"fakerphp/faker": "^1.23",
|
|
"larastan/larastan": "*",
|
|
"laravel/boost": "^2.4",
|
|
"laravel/pail": "^1.2.5",
|
|
"laravel/pao": "^1.0.6",
|
|
"laravel/pint": "^1.29",
|
|
"mockery/mockery": "^1.6",
|
|
"nunomaduro/collision": "^8.6",
|
|
"pestphp/pest": "^4.7",
|
|
"pestphp/pest-plugin-laravel": "^4.1",
|
|
"roave/security-advisories": "dev-latest"
|
|
},
|
|
"autoload": {
|
|
"psr-4": {
|
|
"App\\": "app/",
|
|
"Database\\Factories\\": "database/factories/",
|
|
"Database\\Seeders\\": "database/seeders/"
|
|
}
|
|
},
|
|
"autoload-dev": {
|
|
"psr-4": {
|
|
"Tests\\": "tests/"
|
|
}
|
|
},
|
|
"scripts": {
|
|
"setup": [
|
|
"composer install",
|
|
"@php -r \"file_exists('.env') || copy('.env.example', '.env');\"",
|
|
"@php artisan key:generate",
|
|
"@php artisan migrate --force",
|
|
"npm install --ignore-scripts",
|
|
"npm run build"
|
|
],
|
|
"dev": [
|
|
"Composer\\Config::disableProcessTimeout",
|
|
"npx concurrently -c \"#93c5fd,#c4b5fd,#fb7185,#fdba74\" \"php artisan serve\" \"php artisan queue:listen --tries=1 --timeout=0\" \"php artisan pail --timeout=0\" \"npm run dev\" --names=server,queue,logs,vite --kill-others"
|
|
],
|
|
"test": [
|
|
"@php artisan config:clear --ansi @no_additional_args",
|
|
"@php artisan test"
|
|
],
|
|
"pint": "@php vendor/bin/pint",
|
|
"pint:test": "@php vendor/bin/pint --test",
|
|
"stan": "@php vendor/bin/phpstan analyse --memory-limit=512M",
|
|
"ide-helper": [
|
|
"@php artisan ide-helper:generate",
|
|
"@php artisan ide-helper:meta"
|
|
],
|
|
"post-autoload-dump": [
|
|
"Illuminate\\Foundation\\ComposerScripts::postAutoloadDump",
|
|
"@php artisan package:discover --ansi"
|
|
],
|
|
"post-update-cmd": [
|
|
"@php artisan vendor:publish --tag=laravel-assets --ansi --force"
|
|
],
|
|
"post-root-package-install": [
|
|
"@php -r \"file_exists('.env') || copy('.env.example', '.env');\""
|
|
],
|
|
"post-create-project-cmd": [
|
|
"@php artisan key:generate --ansi",
|
|
"@php -r \"file_exists('database/database.sqlite') || touch('database/database.sqlite');\"",
|
|
"@php artisan migrate --graceful --ansi"
|
|
],
|
|
"pre-package-uninstall": [
|
|
"Illuminate\\Foundation\\ComposerScripts::prePackageUninstall"
|
|
]
|
|
},
|
|
"extra": {
|
|
"laravel": {
|
|
"dont-discover": []
|
|
}
|
|
},
|
|
"config": {
|
|
"optimize-autoloader": true,
|
|
"preferred-install": "dist",
|
|
"sort-packages": true,
|
|
"allow-plugins": {
|
|
"pestphp/pest-plugin": true,
|
|
"php-http/discovery": true
|
|
}
|
|
},
|
|
"minimum-stability": "stable",
|
|
"prefer-stable": true
|
|
}
|