diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 520a60791..1781e8651 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -13,5 +13,6 @@ jobs: - uses: actions/setup-python@v4 with: python-version: 3.x - - run: pip install mkdocs-material + - run: pip3 install mkdocs-material + - run: pip3 install mkdocs-git-revision-date-localized-plugin - run: mkdocs gh-deploy --force diff --git a/docs/addons/jwt.md b/docs/addons/jwt.md index c2af69ad4..09f0ac1c6 100644 --- a/docs/addons/jwt.md +++ b/docs/addons/jwt.md @@ -1,7 +1,8 @@ # JWT Authentication -> **Note** -> Shield now supports only JWS (Singed JWT). JWE (Encrypted JWT) is not supported. +!!! note + + Shield now supports only JWS (Singed JWT). JWE (Encrypted JWT) is not supported. ## What is JWT? @@ -87,9 +88,10 @@ Configure **app/Config/AuthJWT.php** for your needs. ### Set the Default Claims -> **Note** -> A payload contains the actual data being transmitted, such as user ID, role, -> or expiration time. Items in a payload is called *claims*. +!!! note + + A payload contains the actual data being transmitted, such as user ID, role, + or expiration time. Items in a payload is called *claims*. Set the default payload items to the property `$defaultClaims`. @@ -121,8 +123,9 @@ with the following command: php -r 'echo base64_encode(random_bytes(32));' ``` -> **Note** -> The secret key is used for signing and validating tokens. +!!! note + + The secret key is used for signing and validating tokens. ## Issuing JWTs @@ -231,7 +234,7 @@ class LoginController extends BaseController You could send a request with the existing user's credentials by curl like this: -```console +```curl curl --location 'http://localhost:8080/auth/jwt' \ --header 'Content-Type: application/json' \ --data-raw '{"email" : "admin@example.jp" , "password" : "passw0rd!"}' @@ -242,7 +245,7 @@ the `Authorization` header as a `Bearer` token. You could send a request with the `Authorization` header by curl like this: -```console +```curl curl --location --request GET 'http://localhost:8080/api/users' \ --header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJTaGllbGQgVGVzdCBBcHAiLCJzdWIiOiIxIiwiaWF0IjoxNjgxODA1OTMwLCJleHAiOjE2ODE4MDk1MzB9.DGpOmRPOBe45whVtEOSt53qJTw_CpH0V8oMoI_gm2XI' ``` diff --git a/docs/assets/css/dark_mode.css b/docs/assets/css/dark_mode.css index 108ef5263..8bc72d6a8 100644 --- a/docs/assets/css/dark_mode.css +++ b/docs/assets/css/dark_mode.css @@ -42,4 +42,33 @@ .hljs-subst { color: #ddba52 } + + .md-typeset .note > .admonition-title, + .md-typeset .note > summary { + background-color: #0000001a; + } + + .md-typeset .admonition.note, + .md-typeset details.note { + border-color: #675647; + } + + .md-typeset .note > .admonition-title:before, + .md-typeset .note > summary:before { + background-color: #65686d; + -webkit-mask-image: var(--md-admonition-icon--note); + mask-image: var(--md-admonition-icon--note); + } + + .md-typeset .admonition.warning, + .md-typeset details.warning { + border-color: #776144; + } + + .md-typeset .warning > .admonition-title:before, + .md-typeset .warning > summary:before { + background-color: #d9913bc2; + -webkit-mask-image: var(--md-admonition-icon--warning); + mask-image: var(--md-admonition-icon--warning); + } } diff --git a/docs/assets/js/curl.min.js b/docs/assets/js/curl.min.js new file mode 100644 index 000000000..924af722a --- /dev/null +++ b/docs/assets/js/curl.min.js @@ -0,0 +1,14 @@ +/*! `curl` grammar compiled for Highlight.js 11.3.1 */ +(()=>{var e=(()=>{"use strict";return e=>{const n={className:"string",begin:/"/, +end:/"/,contains:[e.BACKSLASH_ESCAPE,{className:"variable",begin:/\$\(/, +end:/\)/,contains:[e.BACKSLASH_ESCAPE]}],relevance:0},a={className:"number", +variants:[{begin:e.C_NUMBER_RE}],relevance:0};return{name:"curl", +aliases:["curl"],keywords:"curl",case_insensitive:!0,contains:[{ +className:"literal",begin:/(--request|-X)\s/,contains:[{className:"symbol", +begin:/(get|post|delete|options|head|put|patch|trace|connect)/,end:/\s/, +returnEnd:!0}],returnEnd:!0,relevance:10},{className:"literal",begin:/--/, +end:/[\s"]/,returnEnd:!0,relevance:0},{className:"literal",begin:/-\w/, +end:/[\s"]/,returnEnd:!0,relevance:0},n,{className:"string",begin:/\\"/, +relevance:0},{className:"string",begin:/'/,end:/'/,relevance:0 +},e.APOS_STRING_MODE,e.QUOTE_STRING_MODE,a,{match:/(\/[a-z._-]+)+/}]}}})() +;hljs.registerLanguage("curl",e)})(); \ No newline at end of file diff --git a/docs/customization/login_identifier.md b/docs/customization/login_identifier.md index 2239d3ad8..aa51d4b4d 100644 --- a/docs/customization/login_identifier.md +++ b/docs/customization/login_identifier.md @@ -21,8 +21,9 @@ This only works with the Session authenticator. 'employee_id' ]; ``` - > **Warning** - > It is very important for security that if you add a new column for identifier, you must write a new **Validation Rules** and then set it using the [Customizing Validation Rules](./validation_rules.md) description. + !!! warning + + It is very important for security that if you add a new column for identifier, you must write a new **Validation Rules** and then set it using the [Customizing Validation Rules](./validation_rules.md) description. 3. Edit the login form to change the name of the default `email` input to the new field name. diff --git a/docs/customization/table_names.md b/docs/customization/table_names.md index 03eca1c98..daad7d7f8 100644 --- a/docs/customization/table_names.md +++ b/docs/customization/table_names.md @@ -17,5 +17,6 @@ public array $tables = [ Set the table names that you want in the array values. -> **Note** -> You must change the table names before running database migrations. +!!! note + + You must change the table names before running database migrations. diff --git a/docs/customization/validation_rules.md b/docs/customization/validation_rules.md index 1eec89fe7..7e9a7afdc 100644 --- a/docs/customization/validation_rules.md +++ b/docs/customization/validation_rules.md @@ -39,83 +39,82 @@ Shield has the following rules for registration by default: ]; ``` -> **Note** -> If you customize the table names, the table names -> (`users` and `auth_identities`) in the above rules will be automatically -> changed. The rules are implemented in -> `RegisterController::getValidationRules()`. +!!! note + + If you customize the table names, the table names(`users` and `auth_identities`) in the above rules will be automatically changed. + The rules are implemented in `RegisterController::getValidationRules()`. If you need a different set of rules for registration, you can specify them in your `Validation` configuration (**app/Config/Validation.php**) like: ```php - //-------------------------------------------------------------------- - // Rules For Registration - //-------------------------------------------------------------------- - public $registration = [ - 'username' => [ - 'label' => 'Auth.username', - 'rules' => [ - 'required', - 'max_length[30]', - 'min_length[3]', - 'regex_match[/\A[a-zA-Z0-9\.]+\z/]', - 'is_unique[users.username]', - ], - ], - 'email' => [ - 'label' => 'Auth.email', - 'rules' => [ - 'required', - 'max_length[254]', - 'valid_email', - 'is_unique[auth_identities.secret]', - ], - ], - 'password' => [ - 'label' => 'Auth.password', - 'rules' => 'required|max_byte[72]|strong_password[]', - 'errors' => [ - 'max_byte' => 'Auth.errorPasswordTooLongBytes' - ] +//-------------------------------------------------------------------- +// Rules For Registration +//-------------------------------------------------------------------- +public $registration = [ + 'username' => [ + 'label' => 'Auth.username', + 'rules' => [ + 'required', + 'max_length[30]', + 'min_length[3]', + 'regex_match[/\A[a-zA-Z0-9\.]+\z/]', + 'is_unique[users.username]', ], - 'password_confirm' => [ - 'label' => 'Auth.passwordConfirm', - 'rules' => 'required|matches[password]', + ], + 'email' => [ + 'label' => 'Auth.email', + 'rules' => [ + 'required', + 'max_length[254]', + 'valid_email', + 'is_unique[auth_identities.secret]', ], - ]; + ], + 'password' => [ + 'label' => 'Auth.password', + 'rules' => 'required|max_byte[72]|strong_password[]', + 'errors' => [ + 'max_byte' => 'Auth.errorPasswordTooLongBytes' + ] + ], + 'password_confirm' => [ + 'label' => 'Auth.passwordConfirm', + 'rules' => 'required|matches[password]', + ], +]; ``` -> **Note** -> If you customize the table names, set the correct table names in the -> rules. +!!! note + + If you customize the table names, set the correct table names in the rules. ## Login Similar to the process for validation rules in the **Registration** section, you can add rules for the login form to **app/Config/Validation.php** and change the rules. ```php - //-------------------------------------------------------------------- - // Rules For Login - //-------------------------------------------------------------------- - public $login = [ - // 'username' => [ - // 'label' => 'Auth.username', - // 'rules' => 'required|max_length[30]|min_length[3]|regex_match[/\A[a-zA-Z0-9\.]+\z/]', - // ], - 'email' => [ - 'label' => 'Auth.email', - 'rules' => [ - 'required', - 'max_length[254]', - 'valid_email' - ], - ], - 'password' => [ - 'label' => 'Auth.password', - 'rules' => 'required|max_byte[72]', - 'errors' => [ - 'max_byte' => 'Auth.errorPasswordTooLongBytes', - ] +//-------------------------------------------------------------------- +// Rules For Login +//-------------------------------------------------------------------- +public $login = [ + // 'username' => [ + // 'label' => 'Auth.username', + // 'rules' => 'required|max_length[30]|min_length[3]|regex_match[/\A[a-zA-Z0-9\.]+\z/]', + // ], + 'email' => [ + 'label' => 'Auth.email', + 'rules' => [ + 'required', + 'max_length[254]', + 'valid_email' ], - ]; + ], + 'password' => [ + 'label' => 'Auth.password', + 'rules' => 'required|max_byte[72]', + 'errors' => [ + 'max_byte' => 'Auth.errorPasswordTooLongBytes', + ] + ], +]; ``` diff --git a/docs/getting_started/concepts.md b/docs/getting_started/concepts.md index 58d4641c9..04ad6db9f 100644 --- a/docs/getting_started/concepts.md +++ b/docs/getting_started/concepts.md @@ -80,14 +80,13 @@ public $passwordValidators = [ You use `strong_password` rule for password validation explained above. -> **Note** -> The `strong_password` rule only supports use cases to check the user's own password. -> It fetches the authenticated user's data for **NothingPersonalValidator** -> if the visitor is authenticated. -> -> If you want to have use cases that set and check another user's password, -> you can't use `strong_password`. You need to use `service('passwords')` directly -> to check the password. -> -> But remember, it is not good practice to set passwords for other users. -> This is because the password should be known only by that user. +!!! note + + The `strong_password` rule only supports use cases to check the user's own password. + It fetches the authenticated user's data for **NothingPersonalValidator** + if the visitor is authenticated. + If you want to have use cases that set and check another user's password, + you can't use `strong_password`. You need to use `service('passwords')` directly + to check the password. + But remember, it is not good practice to set passwords for other users. + This is because the password should be known only by that user. diff --git a/docs/getting_started/install.md b/docs/getting_started/install.md index 8a23656b0..cc37f52fb 100644 --- a/docs/getting_started/install.md +++ b/docs/getting_started/install.md @@ -62,10 +62,10 @@ Require it with an explicit version constraint allowing its desired stability. php spark shield:setup ``` - > **Note** - > If you want to customize table names, you must change the table names - > before running database migrations. - > See [Customizing Table Names](../customization/table_names.md). + !!! note + + If you want to customize table names, you must change the table names before running database migrations. + See [Customizing Table Names](../customization/table_names.md). 2. Configure **app/Config/Email.php** to allow Shield to send emails with the [Email Class](https://codeigniter.com/user_guide/libraries/email.html). @@ -140,10 +140,10 @@ your project. 5. **Migration** Run the migrations. - > **Note** - > If you want to customize table names, you must change the table names - > before running database migrations. - > See [Customizing Table Names](../customization/table_names.md). + !!! note + + If you want to customize table names, you must change the table names before running database migrations. + See [Customizing Table Names](../customization/table_names.md). ```console php spark migrate --all diff --git a/docs/guides/api_hmac_keys.md b/docs/guides/api_hmac_keys.md index d324378e7..f64825d0b 100644 --- a/docs/guides/api_hmac_keys.md +++ b/docs/guides/api_hmac_keys.md @@ -1,16 +1,18 @@ # Protecting an API with HMAC Keys -> **Note** -> For the purpose of this documentation and to maintain a level of consistency with the Authorization Tokens, +!!! note + + For the purpose of this documentation and to maintain a level of consistency with the Authorization Tokens, the term "Token" will be used to represent a set of API Keys (key and secretKey). HMAC Keys can be used to authenticate users for your own site, or when allowing third-party developers to access your API. When making requests using HMAC keys, the token should be included in the `Authorization` header as an `HMAC-SHA256` token. -> **Note** -> By default, `$authenticatorHeader['hmac']` is set to `Authorization`. You can change this value by -> setting the `$authenticatorHeader['hmac']` value in the **app/Config/AuthToken.php** config file. +!!! note + + By default, `$authenticatorHeader['hmac']` is set to `Authorization`. You can change this value by + setting the `$authenticatorHeader['hmac']` value in the **app/Config/AuthToken.php** config file. Tokens are issued with the `generateHmacToken()` method on the user. This returns a `CodeIgniter\Shield\Entities\AccessToken` instance. These shared keys are saved to the database in plain text. The @@ -63,9 +65,10 @@ $token = $user->generateHmacToken('token-name', ['users-read']); return json_encode(['key' => $token->secret, 'secretKey' => $token->secret2]); ``` -> **Note** -> At this time, scope names should avoid using a colon (`:`) as this causes issues with the route filters being -> correctly recognized. +!!! note + + At this time, scope names should avoid using a colon (`:`) as this causes issues with the route filters being + correctly recognized. When handling incoming requests you can check if the token has been granted access to the scope with the `hmacTokenCan()` method. @@ -111,5 +114,6 @@ parses the raw token and looks it up the `key` portion in the database. Once fou to validate the remainder of the Authorization raw token. If it passes the signature test it can determine the correct user, which will then be available through an `auth()->user()` call. -> **Note** -> Currently only a single scope can be used on a route filter. If multiple scopes are passed in, only the first one is checked. +!!! note + + Currently only a single scope can be used on a route filter. If multiple scopes are passed in, only the first one is checked. diff --git a/docs/guides/api_tokens.md b/docs/guides/api_tokens.md index c3d6cc0f8..64dbd48c3 100644 --- a/docs/guides/api_tokens.md +++ b/docs/guides/api_tokens.md @@ -2,8 +2,9 @@ Access Tokens can be used to authenticate users for your own site, or when allowing third-party developers to access your API. When making requests using access tokens, the token should be included in the `Authorization` header as a `Bearer` token. -> **Note** -> By default, `$authenticatorHeader['tokens']` is set to `Authorization`. You can change this value by setting the `$authenticatorHeader['tokens']` value in the **app/Config/AuthToken.php** config file. +!!! note + + By default, `$authenticatorHeader['tokens']` is set to `Authorization`. You can change this value by setting the `$authenticatorHeader['tokens']` value in the **app/Config/AuthToken.php** config file. Tokens are issued with the `generateAccessToken()` method on the user. This returns a `CodeIgniter\Shield\Entities\AccessToken` instance. Tokens are hashed using a SHA-256 algorithm before being saved to the database. The access token returned when you generate it will include a `raw_token` field that contains the plain-text, un-hashed, token. You should display this to your user at once so they have a chance to copy it somewhere safe, as this is the only time this will be available. After this request, there is no way to get the raw token. @@ -34,8 +35,9 @@ Access tokens can be given `scopes`, which are basically permission strings, for return $user->generateAccessToken('token-name', ['users-read'])->raw_token; ``` -> **Note** -> At this time, scope names should avoid using a colon (`:`) as this causes issues with the route filters being correctly recognized. +!!! note + + At this time, scope names should avoid using a colon (`:`) as this causes issues with the route filters being correctly recognized. When handling incoming requests you can check if the token has been granted access to the scope with the `tokenCan()` method. @@ -77,5 +79,6 @@ $routes->get('users', 'UserController::list', ['filter' => 'tokens:users-read']) When the filter runs, it checks the `Authorization` header for a `Bearer` value that has the raw token. It then hashes the raw token and looks it up in the database. Once found, it can determine the correct user, which will then be available through an `auth()->user()` call. -> **Note** -> Currently only a single scope can be used on a route filter. If multiple scopes are passed in, only the first one is checked. +!!! note + + Currently only a single scope can be used on a route filter. If multiple scopes are passed in, only the first one is checked. diff --git a/docs/guides/mobile_apps.md b/docs/guides/mobile_apps.md index 6698527f5..c974bf496 100644 --- a/docs/guides/mobile_apps.md +++ b/docs/guides/mobile_apps.md @@ -68,8 +68,7 @@ class LoginController extends BaseController When making all future requests to the API, the mobile client should return the raw token in the `Authorization` header as a `Bearer` token. -> **Note** -> -> By default, `$authenticatorHeader['tokens']` is set to `Authorization`. You can change the header name by setting the `$authenticatorHeader['tokens']` value in the **app/Config/AuthToken.php** config file. -> -> e.g. if `$authenticatorHeader['tokens']` is set to `PersonalAccessCodes` then the mobile client should return the raw token in the `PersonalAccessCodes` header as a `Bearer` token. +!!! note + + By default, `$authenticatorHeader['tokens']` is set to `Authorization`. You can change the header name by setting the `$authenticatorHeader['tokens']` value in the **app/Config/AuthToken.php** config file. + e.g. if `$authenticatorHeader['tokens']` is set to `PersonalAccessCodes` then the mobile client should return the raw token in the `PersonalAccessCodes` header as a `Bearer` token. diff --git a/docs/guides/strengthen_password.md b/docs/guides/strengthen_password.md index 6fad8ea5c..fbf6dc9a0 100644 --- a/docs/guides/strengthen_password.md +++ b/docs/guides/strengthen_password.md @@ -15,13 +15,12 @@ It is the recommended minimum value by NIST. However, some organizations recomme The longer the password, the stronger it is. Consider increasing the value. -> **Note** -> -> This checking works when you validate passwords with the `strong_password[]` -> validation rule. -> -> If you disable `CompositionValidator` (enabled by default) in `$passwordValidators`, -> this checking will not work. +!!! note + + This checking works when you validate passwords with the `strong_password[]` + validation rule. + If you disable `CompositionValidator` (enabled by default) in `$passwordValidators`, + this checking will not work. ## Password Hashing Algorithm @@ -117,6 +116,6 @@ setting for using passwords stored in older versions of Shield that were [vulner This setting is deprecated. If you have this setting set to `true`, you should change it to `false` as soon as possible, and remove old hashed password in your database. -> **Note** -> -> This setting will be removed in v1.0.0 official release. +!!! note + + This setting will be removed in v1.0.0 official release. diff --git a/docs/quick_start_guide/using_authorization.md b/docs/quick_start_guide/using_authorization.md index c4d6d9f3a..36bd918e0 100644 --- a/docs/quick_start_guide/using_authorization.md +++ b/docs/quick_start_guide/using_authorization.md @@ -79,8 +79,9 @@ if (! auth()->user()->can('users.create')) { } ``` -> **Note** -> The example above can also be done through a [controller filter](https://codeigniter.com/user_guide/incoming/filters.html) if you want to apply it to multiple pages of your site. +!!! note + + The example above can also be done through a [controller filter](https://codeigniter.com/user_guide/incoming/filters.html) if you want to apply it to multiple pages of your site. ## Adding a Group To a User diff --git a/docs/quick_start_guide/using_session_auth.md b/docs/quick_start_guide/using_session_auth.md index 76086a855..645d2a1b2 100644 --- a/docs/quick_start_guide/using_session_auth.md +++ b/docs/quick_start_guide/using_session_auth.md @@ -4,8 +4,9 @@ Learning any new authentication system can be difficult, especially as they get more flexible and sophisticated. This guide is intended to provide short examples for common actions you'll take when working with Shield. It is not intended to be the exhaustive documentation for each section. That's better handled through the area-specific doc files. -> **Note** -> The examples assume that you have run the setup script and that you have copies of the `Auth` and `AuthGroups` config files in your application's **app/Config** folder. +!!! note + + The examples assume that you have run the setup script and that you have copies of the `Auth` and `AuthGroups` config files in your application's **app/Config** folder. ## Configuration @@ -24,8 +25,9 @@ public array $redirects = [ ]; ``` -> **Note** -> This redirect happens after the specified action is complete. In the case of register or login, it might not happen immediately. For example, if you have any Auth Actions specified, they will be redirected when those actions are completed successfully. If no Auth Actions are specified, they will be redirected immediately after registration or login. +!!! note + + This redirect happens after the specified action is complete. In the case of register or login, it might not happen immediately. For example, if you have any Auth Actions specified, they will be redirected when those actions are completed successfully. If no Auth Actions are specified, they will be redirected immediately after registration or login. ### Configure Remember-me Functionality @@ -42,8 +44,9 @@ public array $sessionConfig = [ ### Enable Account Activation via Email -> **Note** -> You need to configure **app/Config/Email.php** to allow Shield to send emails. See [Installation](../getting_started/install.md#initial-setup). +!!! note + + You need to configure **app/Config/Email.php** to allow Shield to send emails. See [Installation](../getting_started/install.md#initial-setup). By default, once a user registers they have an active account that can be used. You can enable Shield's built-in, email-based activation flow within the `Auth` config file. @@ -56,8 +59,9 @@ public array $actions = [ ### Enable Two-Factor Authentication -> **Note** -> You need to configure **app/Config/Email.php** to allow Shield to send emails. See [Installation](../getting_started/install.md#initial-setup). +!!! note + + You need to configure **app/Config/Email.php** to allow Shield to send emails. See [Installation](../getting_started/install.md#initial-setup). Turned off by default, Shield's Email-based 2FA can be enabled by specifying the class to use in the `Auth` config file. diff --git a/docs/references/authentication/authentication.md b/docs/references/authentication/authentication.md index 69174d75c..1ade0ffed 100644 --- a/docs/references/authentication/authentication.md +++ b/docs/references/authentication/authentication.md @@ -46,9 +46,10 @@ user_id(); auth()->getProvider(); ``` -> **Note** -> The `auth_helper` is autoloaded by Composer. If you want to *override* the functions, -> you need to define them in **app/Common.php**. +!!! note + + The `auth_helper` is autoloaded by Composer. If you want to *override* the functions, + you need to define them in **app/Common.php**. ## Authenticator Responses diff --git a/docs/references/authentication/hmac.md b/docs/references/authentication/hmac.md index b581e0a1c..c8c504453 100644 --- a/docs/references/authentication/hmac.md +++ b/docs/references/authentication/hmac.md @@ -10,9 +10,10 @@ with their email/password. The application would create a new access token for t name, like John's iPhone 12, and return it to the mobile application, where it is stored and used in all future requests. -> **Note** -> For the purpose of this documentation, and to maintain a level of consistency with the Authorization Tokens, -> the term "Token" will be used to represent a set of API Keys (key and secretKey). +!!! note + + For the purpose of this documentation, and to maintain a level of consistency with the Authorization Tokens, + the term "Token" will be used to represent a set of API Keys (key and secretKey). ## Usage diff --git a/docs/references/authorization.md b/docs/references/authorization.md index e43d89146..81c1e6a14 100644 --- a/docs/references/authorization.md +++ b/docs/references/authorization.md @@ -56,8 +56,9 @@ public array $permissions = [ In order to grant any permissions to a group, they must have the permission assigned to the group, within the `AuthGroups` config file, under the `$matrix` property. -> **Note** -> This defines **group-level permissons**. +!!! note + + This defines **group-level permissons**. The matrix is an associative array with the group name as the key, and an array of permissions that should be applied to that group. @@ -121,10 +122,11 @@ if (! $user->hasPermission('users.create')) { } ``` -> **Note** -> This method checks only **user-level permissions**, and does not check -> group-level permissions. If you want to check if the user can do something, -> use the `$user->can()` method instead. +!!! note + + This method checks only **user-level permissions**, and does not check + group-level permissions. If you want to check if the user can do something, + use the `$user->can()` method instead. #### Authorizing via Routes @@ -151,9 +153,10 @@ $routes->group('admin', ['filter' => 'group:admin,superadmin'], static function Note that the options (`filter`) passed to the outer `group()` are not merged with the inner `group()` options. -> **Note** -> If you set more than one filter to a route, you need to enable -> [Multiple Filters](https://codeigniter.com/user_guide/incoming/routing.html#multiple-filters). +!!! note + + If you set more than one filter to a route, you need to enable + [Multiple Filters](https://codeigniter.com/user_guide/incoming/routing.html#multiple-filters). ## Managing User Permissions @@ -195,8 +198,9 @@ Returns all **user-level** permissions this user has assigned directly to them. $user->getPermissions(); ``` -> **Note** -> This method does not return **group-level permissions**. +!!! note + + This method does not return **group-level permissions**. ## Managing User Groups @@ -249,8 +253,9 @@ if ($user->isActivated()) { } ``` -> **Note** -> If no activator is specified in the `Auth` config file, `actions['register']` property, then this will always return `true`. +!!! note + + If no activator is specified in the `Auth` config file, `actions['register']` property, then this will always return `true`. You can check if a user has not been activated yet via the `isNotActivated()` method. diff --git a/docs/references/controller_filters.md b/docs/references/controller_filters.md index e10adc888..88dfe4c1a 100644 --- a/docs/references/controller_filters.md +++ b/docs/references/controller_filters.md @@ -2,8 +2,9 @@ ## Provided Filters -> **Note** -> These filters are already loaded for you by the [registrar](https://codeigniter.com/user_guide/general/configuration.html#registrars) class located at **src/Config/Registrar.php**. +!!! note + + These filters are already loaded for you by the [registrar](https://codeigniter.com/user_guide/general/configuration.html#registrars) class located at **src/Config/Registrar.php**. The [Controller Filters](https://codeigniter.com/user_guide/incoming/filters.html) you can use to protect your routes Shield provides are: @@ -83,8 +84,9 @@ public $globals = [ ``` In the example above, it is assumed that the page you have created for users to change their password after successful login is **change-password**. -> **Note** -> If you have grouped or changed the default format of the routes, ensure that your code matches the new format(s) in the **app/Config/Filter.php** file. +!!! note + + If you have grouped or changed the default format of the routes, ensure that your code matches the new format(s) in the **app/Config/Filter.php** file. For example, if you configured your routes like so: diff --git a/docs/references/magic_link_login.md b/docs/references/magic_link_login.md index 361c7aa38..942f08aa8 100644 --- a/docs/references/magic_link_login.md +++ b/docs/references/magic_link_login.md @@ -25,8 +25,9 @@ public int $magicLinkLifetime = HOUR; ## Responding to Magic Link Logins -> **Note** -> You need to configure **app/Config/Email.php** to allow Shield to send emails. See [Installation](../getting_started/install.md#initial-setup). +!!! note + + You need to configure **app/Config/Email.php** to allow Shield to send emails. See [Installation](../getting_started/install.md#initial-setup). Magic Link logins allow a user that has forgotten their password to have an email sent with a unique, one-time login link. Once they've logged in you can decide how to respond. In some cases, you might want to redirect them to a special page where they must choose a new password. In other cases, you might simply want to display a one-time message prompting them to go to their account page and choose a new password. diff --git a/docs/user_management/managing_users.md b/docs/user_management/managing_users.md index 57f67c32d..834670ac4 100644 --- a/docs/user_management/managing_users.md +++ b/docs/user_management/managing_users.md @@ -39,8 +39,9 @@ $users = auth()->getProvider(); $users->delete($user->id, true); ``` -> **Note** -> The User rows use [soft deletes](https://codeigniter.com/user_guide/models/model.html#usesoftdeletes) so they are not actually deleted from the database unless the second parameter is `true`, like above. +!!! note + + The User rows use [soft deletes](https://codeigniter.com/user_guide/models/model.html#usesoftdeletes) so they are not actually deleted from the database unless the second parameter is `true`, like above. ### Editing a User diff --git a/mkdocs.yml b/mkdocs.yml index 98e3cc197..ed02dc125 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -64,15 +64,22 @@ markdown_extensions: - pymdownx.superfences - pymdownx.highlight: use_pygments: false + - admonition + - pymdownx.details extra_css: - - https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.6.0/build/styles/github.min.css + - https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.8.0/build/styles/default.min.css - assets/css/dark_mode.css extra_javascript: - - https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.6.0/build/highlight.min.js + - https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.8.0/build/highlight.min.js - assets/js/hljs.js + - assets/js/curl.min.js +plugins: + - search + - git-revision-date-localized: + enable_creation_date: true nav: - Home: index.md - Getting Started: