Commit Graph

185 Commits (30e8746686b03174d06bc2d6b7f748a0e574f818)

Author SHA1 Message Date
allcontributors[bot] a6ebf4ad4c
docs: add lavih as a contributor (#1913)
* docs: update README.md

* docs: update .all-contributorsrc

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
2021-04-14 20:08:53 +10:00
James Elliott 08e674b62f
docs: refactor several areas of documentation (#1726)
Updated all links to use https://www.authelia.com/docs/.
Removed all comment sections from documented configuration on the documentation site and replaced them with their own sections.
Made all documentation inside config.template.yml double hashes, and made all commented configuration sections single quoted.
Added .yamllint.yaml to express our desired YAML styles.
Added a style guide.
Refactored many documentation areas to be 120 char widths where possible. It's by no means exhaustive but is a large start.
Added a statelessness guide for the pending Kubernetes chart introduction.
Added labels to configuration documentation and made many areas uniform.
2021-04-11 21:25:03 +10:00
allcontributors[bot] 2a74e8cdcf
docs: add wuhanstudio as a contributor (#1903)
* docs: update README.md

* docs: update .all-contributorsrc

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
2021-04-11 07:13:00 +10:00
allcontributors[bot] d43d477265
docs: add craSH as a contributor (#1820)
* docs: update README.md

* docs: update .all-contributorsrc

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-03-13 09:39:40 +11:00
allcontributors[bot] ac329c53e3
docs: add mardom1 as a contributor (#1804)
* docs: update README.md

* docs: update .all-contributorsrc

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
2021-03-11 12:15:31 +11:00
allcontributors[bot] 8191ca2330
docs: add dchidell as a contributor (#1803)
* docs: update README.md

* docs: update .all-contributorsrc

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
2021-03-11 12:13:22 +11:00
allcontributors[bot] 28922c762b
docs: add except as a contributor (#1802)
* docs: update README.md

* docs: update .all-contributorsrc

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-03-11 12:11:09 +11:00
James Elliott c310049faa
refactor(authentication): use crypto constant time compare (#1800)
* refactor(authentication): use crypto constant time compare

Improve security with usage of the crypto/subtle ConstantTimeCompare() method for hash comparison.

Fixes #1799

* docs: add explicit labels for chat types
2021-03-11 12:08:49 +11:00
allcontributors[bot] 2f4724e7f9
docs: add ThinkChaos as a contributor (#1761)
* docs: update README.md

* docs: update .all-contributorsrc

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
2021-02-24 10:39:37 +11:00
Amir Zarrinkafsh 8c79e6beca
ci(buildkite): utilise conventional-changelog for release notes (#1714)
Instead of generating our changelog based on crude modifications utilising git log we now utilise conventional-changelog.

conventional-changelog utilises the angular commit structure to categorise and display the changelog for 3 types (fix,feat,perf) and each of the change scopes are identified in the changelog too.

An example of the output for v4.26.0 can be found below:

# [4.26.0](https://github.com/authelia/authelia/compare/v4.25.2...v4.26.0) (2021-02-02)

### Bug Fixes

* **handlers:** refresh user details on all domains ([#1642](https://github.com/authelia/authelia/issues/1642)) ([60ff16b](60ff16b518))

### Docker Container
* `docker pull authelia/authelia:4.26.0`
2021-02-12 14:00:36 +11:00
allcontributors[bot] 1733762f68
docs: add knnnrd as a contributor (#1703)
* docs: update README.md [skip ci]
* docs: update .all-contributorsrc [skip ci]

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-02-05 14:41:39 +11:00
allcontributors[bot] b963e3c9a0
docs: add laurivosandi as a contributor (#1702)
* docs: update README.md [skip ci]
* docs: update .all-contributorsrc [skip ci]

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-02-05 14:37:34 +11:00
allcontributors[bot] eec6a626af
docs: add TheCatLady as a contributor (#1701)
* docs: update README.md [skip ci]
* docs: update .all-contributorsrc [skip ci]
* fix skipCi option

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-02-05 14:30:44 +11:00
Amir Zarrinkafsh e091032279
docs: update contribution guidelines (#1666)
* docs: update contribution guidelines

* add release commit message type

* update none/empty scope definition

* add go mod tidy post update option
2021-01-30 19:29:07 +11:00
Amir Zarrinkafsh 87af0d3112
[DOCS] Update contributors (#1623)
This change also modifies the contributors to introduce [All Contributors](https://allcontributors.org/).
2021-01-22 14:24:25 +11:00
Andrew Kliskey 6b719ea226
[DOCS] Specify docker tag for readme badges (#1593)
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-01-13 12:48:57 +11:00
Amir Zarrinkafsh e5504fa918
[MISC] Add Buildkite logo to badge (#1554) 2020-12-22 12:29:50 +11:00
Amir Zarrinkafsh 52e6435896
[DOCS] Add Discord badge to README.md (#1542)
* [DOCS] Add Discord badge to README.md

* add to contact section

Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-12-16 12:08:51 +11:00
Clément Michaud ea879dc83d
[DOCS] Add a section explaining why Authelia is open source (#1134)
* [DOCS] Add a section explaining why Authelia is open source.

* Apply suggestions from code review

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>

* Move the Why Open Source? section.
2020-06-21 00:37:47 +10:00
Clément Michaud 6f96e4b119
[DOCS] Add FreeBSD Port as deployment option in README (#1133)
* [DOCS] Add FreeBSD Port as deployment option in README.

* Apply suggestions from code review

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-21 00:22:15 +10:00
fossabot fdb7edb054
[MISC] Add license scan report and status (#1064)
* Add license scan report and status

Signed off by: fossabot <badges@fossa.com>

* Update README.md

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-02 10:09:31 +10:00
Clément Michaud d6bea97a93
[DOCS] Add a roadmap section to the documentation. (#1062)
* [DOCS] Add a roadmap section to the documentation.

Adding the roadmap will likely help people figure out what are the next big
topics that might be missing for them to take the leap and use Authelia.
Maybe some users are also waiting for a feature to unlock some use cases.

* Apply suggestions from code review

Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-06-01 16:55:58 +10:00
James Elliott 3f374534ab
[FEATURE] Automatic Profile Refresh - LDAP (#912)
* [FIX] LDAP Not Checking for Updated Groups

* refactor handlers verifyFromSessionCookie
* refactor authorizer selectMatchingObjectRules
* refactor authorizer isDomainMatching
* add authorizer URLHasGroupSubjects method
* add user provider ProviderType method
* update tests
* check for new LDAP groups and update session when:
  * user provider type is LDAP
  * authorization is forbidden
  * URL has rule with group subjects

* Implement Refresh Interval

* add default values for LDAP user provider
* add default for refresh interval
* add schema validator for refresh interval
* add various tests
* rename hasUserBeenInactiveLongEnough to hasUserBeenInactiveTooLong
* use Authelia ctx clock
* add check to determine if user is deleted, if so destroy the
* make ldap user not found error a const
* implement GetRefreshSettings in mock

* Use user not found const with FileProvider
* comment exports

* use ctx.Clock instead of time pkg

* add debug logging

* use ptr to reference userSession so we don't have to retrieve it again

* add documenation
* add check for 0 refresh interval to reduce CPU cost
* remove badly copied debug msg

* add group change delta message

* add SliceStringDelta
* refactor ldap refresh to use the new func

* improve delta add/remove log message

* fix incorrect logic in SliceStringDelta
* add tests to SliceStringDelta

* add always config option
* add tests for always config option
* update docs

* apply suggestions from code review

Co-Authored-By: Amir Zarrinkafsh <nightah@me.com>

* complete mocks and fix an old one
* show warning when LDAP details failed to update for an unknown reason

* golint fix

* actually fix existing mocks

* use mocks for LDAP refresh testing

* use mocks for LDAP refresh testing for both added and removed groups

* use test mock to verify disabled refresh behaviour
* add information to threat model
* add time const for default Unix() value

* misc adjustments to mocks

* Suggestions from code review

* requested changes
* update emails
* docs updates
* test updates
* misc

* golint fix

* set debug for dev testing

* misc docs and logging updates

* misc grammar/spelling

* use built function for VerifyGet

* fix reviewdog suggestions

* requested changes

* Apply suggestions from code review

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-05-04 21:39:25 +02:00
James Elliott e95c6a294d
[HOTFIX] Prevent Username Enumeration (#950)
* [HOTFIX] Prevent Username Enumeration

* thanks to TheHllm for identifying the bug: https://github.com/TheHllm
* temporarily prevents username enumeration with file auth
* proper calculated and very slightly random fix to come

* closely replicate behaviour

* allow error to bubble up

* Synchronize security documentation.

Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2020-05-02 00:32:09 +02:00
Clément Michaud f92480b44b
[DOCS] Add SECURITY.md and update README.md. (#906)
* Add SECURITY.md and update README.md.

* Align README.md and SECURITY.md with the security documentation.
2020-04-24 10:29:30 +10:00
Amir Zarrinkafsh 9eb9d107f1
[DEPRECATE] Remove migration tools from latest version of Authelia (#894)
* [DEPRECATE] Remove migration tools from latest version of Authelia
Also update references to point to container version 4.14.2 for any of the migration examples.

* [DOCS] Remove v4 release statement in README.md
2020-04-22 13:55:30 +10:00
jess aae665eff2
[MISC] Activating Open Collective (#601)
* Added financial contributors to the README

* Update README.md

* Update README.md

* Add logos to README.md

* Update README.md

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-04-09 00:10:33 +02:00
Amir Zarrinkafsh a71ca1903d
[RELEASE] v4.11.0 (#810) 2020-04-01 10:53:48 +11:00
Amir Zarrinkafsh 5fc3b26cf5
[RELEASE] v4.10.0 (#799) 2020-03-31 12:04:22 +11:00
Amir Zarrinkafsh 6f116202f4
[RELEASE] v4.9.1 (#790) 2020-03-28 19:53:03 +11:00
Amir Zarrinkafsh 85cd75ffdf
[DOCS] Minor tweaks for compose bundles (#786) 2020-03-27 11:51:16 +11:00
Amir Zarrinkafsh e843a52a04
[Docker] Include docker-compose.yml examples to run Authelia (#642)
* [Docker] Create Lite docker-compose.yml example

* [Docker] Update README.md with 3 compose bundles {Local,Lite,Full}

* [DOCS] Update Traefik2 proxy example

* [Docker] Create Local docker-compose.yml example

* [MISC] Update examples to utilise Traefik 2.2
This change enables global http -> https redirection.

* [Docker] Update Local compose to utilise loopback address

* [Docker] Drop compose version to 3.3 to cater for more distros

* [DOCS] Adjust Getting Started

* [Docker] Tweak Local bundle setup for OSX

* [Docker] Optimise setup.sh for Local bundle

* [Docker] Fix read-only mounting of user database

* [DOCS] Implement feedback for compose bundles

* [DOCS] Provide feedback on self-signed certificates

* [DOCS] Implement additional feedback for compose bundles

Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-03-27 10:43:10 +11:00
James Elliott c366233152
[RELEASE] v4.9.0 (#780) 2020-03-25 13:24:12 +11:00
Clément Michaud 8dc1f898d8
[RELEASE] v4.8.0 (#765) 2020-03-21 15:22:49 +01:00
Amir Zarrinkafsh 4f95865d56
[RELEASE] v4.7.2 (#714) 2020-03-16 20:32:06 +11:00
Amir Zarrinkafsh 7145ccc228
[RELEASE] v4.7.1 (#712) 2020-03-15 23:41:56 +11:00
Amir Zarrinkafsh c575fda619
[RELEASE] v4.7.0 (#708) 2020-03-15 19:07:02 +11:00
Clément Michaud aea1728afc
[RELEASE] v4.6.0 (#688) 2020-03-06 22:26:25 +01:00
James Elliott c358ccca51
[RELEASE] v4.5.1 (#672) 2020-03-01 12:51:26 +11:00
Clément Michaud b5a9e0f047
[DOCS] Update links in README to reference docs.authelia.com. (#667)
* [DOCS] Update links in README to reference docs.authelia.com.

* Move report section of security to the top level page.

* Fix ordering of sub-pages of 2FA feature.
2020-03-01 00:27:23 +01:00
Amir Zarrinkafsh ac313ac89b
[DOCS] Update from Microbadger to shields.io docker badges (#666) 2020-03-01 00:12:23 +11:00
Clément Michaud 70866825c4
[DOCS] Add pointer to the documentation in README. (#663) 2020-02-29 23:22:43 +11:00
Clément Michaud 7102b258a1
[RELEASE] v4.5.0 (#657) 2020-02-28 01:23:53 +01:00
Amir Zarrinkafsh fc526bc927
[RELEASE] 4.4.0 2020-02-19 10:01:34 +11:00
Amir Zarrinkafsh f1a89de2e7
[MISC] Restructure repo folder layout (#628) 2020-02-09 18:04:27 +01:00
Clément Michaud c2c4d9da79
Add a goreport card badge (#627) 2020-02-07 17:59:12 +01:00
Clement Michaud 9b99420ca0 4.3.0 2020-02-05 09:51:36 +01:00
Clément Michaud 426b29c382
[MISC] Add a CONTRIBUTING.md to the project. (#604) 2020-02-01 22:05:43 +11:00
Amir Zarrinkafsh e646323555 [MISC] Fix AUR badge links in README.md 2020-01-28 10:06:03 +11:00
Amir Zarrinkafsh 107126929b Update README.md with AUR references and remove CHANGELOG.md (#576)
* Update README.md
Provide badges and references to the AUR for Arch Linux Authelia packages.
Closes #571 #572.

* Add systemd unit file
Include the unit in future release artifacts.

* Remove CHANGELOG.md
As of future releases Changelog details will dynamically be generated.

* Update README.md
Add badge for authelia-git package.

* Update Changelog to only publish explicit Docker tag
Do not include Major and Minor versions, as these will change over time.
2020-01-24 10:21:17 +01:00
Amir Zarrinkafsh 1059551133
Optimise deploy artifacts step (#564)
* Optimise deploy artifacts step
authelia-scripts is not required to publish GitHub artifacts as we utilise [Hub](https://hub.github.com/), this should save ~10 seconds in this step.

* Specify release number in pipeline

* Change buildkite and github published artifacts back to gzip

* Update README.md
2020-01-20 10:53:55 +11:00
Clement Michaud aafd8fdbd8 Add a sponsorship badge and section to README. 2020-01-19 22:55:37 +01:00
Clement Michaud 99830d95f6 Add a section on vulnerability reporting under security in README. 2020-01-19 22:55:37 +01:00
Clément Michaud 6054addfcc
Update README.md 2020-01-19 00:31:08 +01:00
Amir Zarrinkafsh 68919a3b4e Update README.md
Remove Gitter badge and add Matrix badge, a Matrix <-> Gitter bridge exists to allow communication across the two channels.
2020-01-19 10:28:29 +11:00
Amir Zarrinkafsh 1f684dbc75 Update README.md 2020-01-18 11:17:25 +11:00
Clément Michaud bb24cf16f7
Update README.md 2020-01-18 00:41:29 +01:00
Amir Zarrinkafsh 9b8be0fef0 Remove Travis and promote Buildkite (#545)
* Remove Travis and promote Buildkite

* Add Docker Size badge to README.md

* Call MicroBadger webhook to update metadata for shields

Add updateMicroBadger function and refactor publishDockerReadme to be called explicitly instead of on every deployManifest call.
2020-01-16 21:57:44 +01:00
Amir Zarrinkafsh 6cd79d0c4b Update README.md for HAProxy references 2020-01-10 11:41:01 +01:00
Amir Zarrinkafsh fabb76754e
Rename org from clems4ever to authelia
Also fix references from config.yml to configuration.yml
2019-12-24 13:14:52 +11:00
Clement Michaud f6d2029e2c Introduce architecture schema in the README. 2019-12-10 12:27:42 +01:00
Clement Michaud d4e236bc66 Update README to announce v4 has been released. 2019-12-09 13:03:12 +01:00
Clément Michaud 778f069013
Update README.md 2019-12-07 14:39:21 +01:00
Clement Michaud 61c1365ba2 Update README and documentation to close refactoring. 2019-12-05 23:20:12 +01:00
Clément Michaud cdb87522f4
Fix typo in Readme 2019-12-05 11:10:02 +01:00
Clément Michaud 31cf6980cb
Remove reference to package.json 2019-12-05 11:07:28 +01:00
Clément Michaud 02971ff52c
Update README.md 2019-11-20 18:49:37 +01:00
Clement Michaud eafd9330dc Update documentation to introduce migration scripts. 2019-11-19 00:11:53 +01:00
Amir Zarrinkafsh 51465f8b77 Sync README.md from GitHub to DockerHub after push-manifest 2019-11-10 11:51:24 +01:00
Clément Michaud 0f248a01e9
Update README.md 2019-11-09 12:43:45 +01:00
Clement Michaud b1d59dcec4 Add documentation on Authelia v4 in README and add a migration document. 2019-10-29 00:40:45 +01:00
Clément Michaud eee8c59562
Remove reference to CONTRIBUTORS.md in readme. 2019-10-19 18:34:14 +02:00
Clément Michaud 8478216e5d
Update README.md 2019-04-25 13:36:14 +02:00
Clement Michaud 5a195f7ebd Update README to mention nginx and Traefik and update images. 2019-04-17 23:06:56 +02:00
Clément Michaud e0dab01442
Update README.md 2019-04-17 00:28:31 +02:00
Clement Michaud 743b84aeaa Change license from MIT to Apache 2.0. 2019-04-16 23:40:15 +02:00
Clement Michaud ab8402314b Add a link to the breaking changes markdown in README. 2019-04-16 22:58:45 +02:00
Clement Michaud 8a76b5118d Add network criteria in ACLs to specify policy based on network subnet. 2019-03-31 20:11:07 +02:00
Clément Michaud c2810101a4
Update README.md 2019-03-25 09:04:58 +01:00
Clement Michaud 4eaafb7115 Update the documentation to include information on Duo. 2019-03-24 18:45:32 +01:00
Clement Michaud 76fa325f08 [BREAKING] Create a suite for kubernetes tests.
Authelia client uses hash router instead of browser router in order to work
with Kubernetes nginx-ingress-controller. This is also better for users having
old browsers.

This commit is breaking because it requires to change the configuration of the
proxy to include the # in the URL of the login portal.
2019-03-16 00:13:27 +01:00
Clement Michaud de15dc52dd Add details on how to deploy Authelia in a dev environment.
Also improve some part of the documentation.
2018-11-16 15:30:26 +01:00
Clement Michaud 82e51e1a71 Improve CONTRIBUTE section of the README. 2018-11-15 22:47:27 +01:00
Clement Michaud fac17671ee Fix broken link to getting-started in README.md 2018-11-03 13:29:06 +01:00
Clement Michaud 6efa6241d3 Fix image in README.md 2018-08-30 11:33:55 +02:00
Clement Michaud 03c6a4072b Add snyk badge. 2018-08-30 11:26:13 +02:00
Clément Michaud 878add767f Update and rename CONTRIBUTORS.md to CONTRIBUTING.md.
Update README.md to reference this new file.
2018-08-29 00:28:20 +02:00
Clement Michaud 91032a1d3c Add back gitter link instead of Slack. 2018-08-28 21:04:57 +02:00
Clement Michaud 5e4c401efe Add Paypal donation buttons in README. 2018-08-27 22:51:41 +02:00
Clément Michaud a515ce83c7
Refactor README into several documents unders docs directory. (#265) 2018-08-26 23:46:15 +02:00
Clement Michaud d55a7101f1 Update README to mention kubernetes in the description
Also add a link to the wiki.
2018-05-02 22:12:33 +02:00
Clement Michaud 185419e09e Update README to reference kubernetes deployment documentation 2018-04-25 08:51:43 +02:00
Clement Michaud 6586402114 Support 'redirect' in /api/verify endpoint to support Traefik
Traefik handles auth forwarding but does not manage redirections like Nginx.
Therefore, Authelia must redirect the user and Traefik will forward this
request.

To support both Nginx and Traefik, /api/verify is now configurable with the
'redirect' get parameter. If the verification fails and 'redirect' is not
provided the response will be a 401 error as before.
If the parameter is provided and set to any URL, the response will be a
redirection (302) to this URL.
2017-12-04 22:52:33 +01:00
Clement Michaud a8974a9d8e Change domain from test.local to example.com
Warning: you will need to update your /etc/hosts to take this change into
account for the example environment to work.
2017-11-03 00:20:10 +01:00
Clement Michaud 009e7c2b78 Add basic authorization support for single-factor protected endpoints
One can now access a service using the basic authorization mechanism. Note the
service must not be protected by 2 factors.

The Remote-User and Remote-Groups are forwarded from Authelia like any browser
authentication.
2017-11-01 19:38:05 +01:00
Clement Michaud 6d11801d56 Change the how-to to build Authelia in the README 2017-10-31 22:11:01 +01:00
Clement Michaud 22d56b1faa Change basicauth.test.local into single_factor.test.local 2017-10-31 07:27:36 +01:00
Clement Michaud a3560ef8d3 Add possible security measures in README 2017-10-31 07:27:36 +01:00
Clement Michaud cd0a93f027 Rename authentication method from 'basic_auth' to 'single_factor' 2017-10-31 07:27:36 +01:00
Clement Michaud 0b33982701 Add notes on security measures deployed in Authelia in README 2017-10-16 20:56:26 +02:00