RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
authelia/internal/handlers/handler_firstfactor.go

113 lines
3.8 KiB
Go
Raw Normal View History

Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture.
2019-04-24 21:52:08 +00:00
package handlers
import (
"fmt"
"time"
Rename org from clems4ever to authelia Also fix references from config.yml to configuration.yml
2019-12-24 02:14:52 +00:00
"github.com/authelia/authelia/internal/authentication"
"github.com/authelia/authelia/internal/middlewares"
"github.com/authelia/authelia/internal/regulation"
"github.com/authelia/authelia/internal/session"
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture.
2019-04-24 21:52:08 +00:00
)
// FirstFactorPost is the handler performing the first factory.
func FirstFactorPost(ctx *middlewares.AutheliaCtx) {
bodyJSON := firstFactorRequestBody{}
err := ctx.ParseBody(&bodyJSON)
if err != nil {
ctx.Error(err, authenticationFailedMessage)
return
}
bannedUntil, err := ctx.Providers.Regulator.Regulate(bodyJSON.Username)
Fix and parallelize integration tests.
2019-11-30 16:49:52 +00:00
if err != nil {
if err == regulation.ErrUserIsBanned {
ctx.Error(fmt.Errorf("User %s is banned until %s", bodyJSON.Username, bannedUntil), userBannedMessage)
return
}
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture.
2019-04-24 21:52:08 +00:00
ctx.Error(fmt.Errorf("Unable to regulate authentication: %s", err), authenticationFailedMessage)
return
}
userPasswordOk, err := ctx.Providers.UserProvider.CheckUserPassword(bodyJSON.Username, bodyJSON.Password)
if err != nil {
Rewrite and fix remaining suites in Go.
2019-11-24 20:27:59 +00:00
ctx.Logger.Debugf("Mark authentication attempt made by user %s", bodyJSON.Username)
ctx.Providers.Regulator.Mark(bodyJSON.Username, false)
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture.
2019-04-24 21:52:08 +00:00
ctx.Error(fmt.Errorf("Error while checking password for user %s: %s", bodyJSON.Username, err.Error()), authenticationFailedMessage)
return
}
if !userPasswordOk {
Fix and parallelize integration tests.
2019-11-30 16:49:52 +00:00
ctx.Logger.Debugf("Mark authentication attempt made by user %s", bodyJSON.Username)
ctx.Providers.Regulator.Mark(bodyJSON.Username, false)
Add support for PostgreSQL.
2019-11-16 19:50:58 +00:00
ctx.ReplyError(fmt.Errorf("Credentials are wrong for user %s", bodyJSON.Username), authenticationFailedMessage)
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture.
2019-04-24 21:52:08 +00:00
return
}
ctx.Logger.Debugf("Credentials validation of user %s is ok", bodyJSON.Username)
Fix unit tests.
2019-11-30 14:33:45 +00:00
ctx.Logger.Debugf("Mark authentication attempt made by user %s", bodyJSON.Username)
err = ctx.Providers.Regulator.Mark(bodyJSON.Username, true)
if err != nil {
ctx.Error(fmt.Errorf("Unable to mark authentication: %s", err), authenticationFailedMessage)
return
}
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture.
2019-04-24 21:52:08 +00:00
// Reset all values from previous session before regenerating the cookie.
err = ctx.SaveSession(session.NewDefaultUserSession())
if err != nil {
ctx.Error(fmt.Errorf("Unable to reset the session for user %s: %s", bodyJSON.Username, err), authenticationFailedMessage)
return
}
err = ctx.Providers.SessionProvider.RegenerateSession(ctx.RequestCtx)
if err != nil {
ctx.Error(fmt.Errorf("Unable to regenerate session for user %s: %s", bodyJSON.Username, err), authenticationFailedMessage)
return
}
Fixes Remember Me functionality - Adjust the remember me duration to 1 year - Fixes #552
2020-01-17 02:36:18 +00:00
// set the cookie to expire in 1 year if "Remember me" was ticked.
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture.
2019-04-24 21:52:08 +00:00
if *bodyJSON.KeepMeLoggedIn {
[FIX] Fix default redirection URL not taken into account (#600) * Remove unused mongo docker-compose file. * Default redirection URL was not taken into account. * Fix possible storage options in config template. * Remove useless checks in u2f registration endpoints. * Add default redirection url in config of duo suite. * Fix log line in response handler of 2FA methods. * Fix integration tests. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-02-01 12:54:50 +00:00
err = ctx.Providers.SessionProvider.UpdateExpiration(ctx.RequestCtx, time.Duration(31556952*time.Second))
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture.
2019-04-24 21:52:08 +00:00
if err != nil {
ctx.Error(fmt.Errorf("Unable to update expiration timer for user %s: %s", bodyJSON.Username, err), authenticationFailedMessage)
return
}
}
// Get the details of the given user from the user provider.
userDetails, err := ctx.Providers.UserProvider.GetDetails(bodyJSON.Username)
if err != nil {
ctx.Error(fmt.Errorf("Error while retrieving details from user %s: %s", bodyJSON.Username, err.Error()), authenticationFailedMessage)
return
}
Add support for PostgreSQL.
2019-11-16 19:50:58 +00:00
ctx.Logger.Tracef("Details for user %s => groups: %s, emails %s", bodyJSON.Username, userDetails.Groups, userDetails.Emails)
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture.
2019-04-24 21:52:08 +00:00
// And set those information in the new session.
userSession := ctx.GetSession()
userSession.Username = bodyJSON.Username
userSession.Groups = userDetails.Groups
userSession.Emails = userDetails.Emails
userSession.AuthenticationLevel = authentication.OneFactor
userSession.LastActivity = time.Now().Unix()
Disable inactivity timeout when user checked remember me. Instead of checking the value of the cookie expiration we rely on the boolean stored in the user session to check whether inactivity timeout should be disabled.
2020-01-17 22:48:48 +00:00
userSession.KeepMeLoggedIn = *bodyJSON.KeepMeLoggedIn
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture.
2019-04-24 21:52:08 +00:00
err = ctx.SaveSession(userSession)
if err != nil {
ctx.Error(fmt.Errorf("Unable to save session of user %s", bodyJSON.Username), authenticationFailedMessage)
return
}
[FIX] Redirect to default URL after 1FA when default policy is one_factor. (#611) * Redirect to default URL after 1FA when default policy is one_factor. User is now redirected to the default redirection URL after 1FA if the default policy is set to one_factor and there is no target URL or if the target URL is unsafe. Also, if the default policy is set to one_factor and the user is already authenticated, if she visits the login portal, the 'already authenticated' view is displayed with a logout button. This fixes #581. * Update users.yml * Fix permissions issue causing suite test failure
2020-02-04 21:18:02 +00:00
Handle1FAResponse(ctx, bodyJSON.TargetURL, userSession.Username, userSession.Groups)
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture.
2019-04-24 21:52:08 +00:00
}