Download the PHP package inventas/laravel-password-compliance without Composer
On this page you can find all versions of the php package inventas/laravel-password-compliance. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download inventas/laravel-password-compliance
More information about inventas/laravel-password-compliance
Files in inventas/laravel-password-compliance
Package laravel-password-compliance
Short Description Enforce password change for next login in a Laravel app.
License MIT
Homepage https://github.com/inventas/laravel-password-compliance
Informations about the package laravel-password-compliance
Laravel Password Compliance
Enforce forced password resets in your Laravel application.
This package lets you mark users as requiring a password change and redirect them to a dedicated change-password page using a middleware. It provides a small programmatic API, a convenient trait for your Authenticatable model, and a middleware alias you can attach to routes.
Installation
You can install the package via composer:
You can publish and run the migrations with:
You can publish the config file with:
This is the contents of the published config file:
Optionally, you can publish the views using
Overview
- Programmatic API to require a user to change their password.
- Middleware alias
password.compliancewhich redirects users that must change their password to a configured route or URL. - A trait
RequiresPasswordChangeyou can add to your Authenticatable model for convenience methods and relationship access.
Configuration
The published config file is config/password-compliance.php and contains a few options:
redirect_route— optional route name to redirect users to (recommended)redirect_url— fallback URL whenredirect_routeis not setexempt_routes— an array of route names which should be exempt from the middleware (useful for the change-password route itself)guard— optional guard name to check for the authenticated user
Example (config/password-compliance.php):
Usage
Trait
Add the trait to your User model:
This trait provides these convenience methods:
$user->requirePasswordChange($until = null, $reason = null)— mark the user as required to change their password until an optional time (passnullfor indefinite).$user->clearPasswordRequirement()— clear the requirement for the user.$user->isPasswordChangeRequired()— check whether the user currently must change their password.$user->passwordCompliance()— amorphOnerelation to the underlying database record.
Programmatic API / Facade
The package exposes a small service and a facade. Use the facade if you prefer a static-looking interface:
Middleware
The middleware alias password.compliance is registered by the package. Attach it to routes or route groups to ensure users who are required to change their password are redirected:
The middleware will:
- skip unauthenticated requests
- skip API/JSON requests by default (so APIs won't receive HTML redirects)
- skip routes listed in
exempt_routesin the config - redirect to the named route in
redirect_routeor toredirect_urlif the route is not set
Testing
The package includes Pest tests. Run them with:
Contributing
Contributions are very welcome. Please open issues or PRs. If you add functionality, include tests (Pest) and keep backwards compatibility where possible.
License
The package is open-sourced software licensed under the MIT license.
All versions of laravel-password-compliance with dependencies
spatie/laravel-package-tools Version ^1.16
illuminate/contracts Version ^11.0||^12.0||^13.0