288ee1a258
Cleaned up the code a bit, also checks TOTP before attemping to verify user. This addresses the potential for an attacker to try at a password and/or confirm that the password is correct unless they have a valid TOTP code for the request. A failed TOTP response will trigger a throttle count on the login as well.
26 lines
1 KiB
PHP
26 lines
1 KiB
PHP
<?php
|
|
|
|
return [
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Authentication Language Lines
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| The following language lines are used during authentication for various
|
|
| messages that we need to display to the user. You are free to modify
|
|
| these language lines according to your application's requirements.
|
|
|
|
|
*/
|
|
|
|
'failed' => 'These credentials do not match our records.',
|
|
'throttle' => 'Too many login attempts. Please try again in :seconds seconds.',
|
|
'errorencountered' => 'There was an error encountered while attempting to process this request.',
|
|
'resetpassword' => 'Reset Password',
|
|
'confirmpassword' => 'Confirm Password',
|
|
'sendlink' => 'Send Password Reset Link',
|
|
'emailsent' => 'Your password reset email is on its way.',
|
|
'remeberme' => 'Remeber Me',
|
|
'totp_failed' => 'The TOTP token provided was invalid. Please ensure that the token generated by your device was valid.'
|
|
|
|
];
|