Commit Graph

25 Commits (32fc420f21a2f56b859d721302083b7e6dab97a0)

Author SHA1 Message Date
Amir Zarrinkafsh 1a866f206a
ci: add eslint rule for sorting imports (#3858)
The [ignoreDeclarationSort](https://eslint.org/docs/latest/rules/sort-imports#ignoredeclarationsort) and [memberSyntaxSortOrder](https://eslint.org/docs/latest/rules/sort-imports#membersyntaxsortorder) options have been turned on and omitted respective to not conflict with the existing import/order rules.
2022-08-18 19:13:10 +10:00
James Elliott 841e495dca
build(deps): update mui monorepo to v5.8.4 (major) (#3215) 2022-06-21 10:35:30 +10:00
Amir Zarrinkafsh bbeab861b7
test(web): fix tests to conform to react18 (#3466)
This change drops the use of ReactDOM which is not supported in React 18. We also fix any test warnings related to i18next.
2022-06-03 10:17:00 +10:00
James Elliott 92aba8eb0b
feat(server): zxcvbn password policy server side (#3151)
This is so the zxcvbn ppolicy is checked on the server.
2022-04-15 19:30:51 +10:00
James Elliott 9d5ac4526e
fix(configuration): remove unused password policy option (#3149)
Removes the min score option from the ZXCVBN policy and adds tests.
2022-04-09 09:21:49 +10:00
James Elliott 90edf11b88
feat(web): add user display name to oidc consent view (#3138)
This adds the current logged in users display name to the consent page as well as some other minor tweaks.

Closes #2595
2022-04-08 12:50:55 +10:00
James Elliott 9e05066097
refactor(handlers): ppolicy (#3103)
Add tests and makes the password policy a provider so the configuration can be loaded to memory on startup.
2022-04-03 21:58:27 +10:00
Manuel Nuñez 8659ba394d
feat(authentication): password policy (#2723)
Implement a password policy with visual feedback in the web portal.

Co-authored-by: Manuel Nuñez <@mind-ar>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-04-03 08:32:57 +10:00
Amir Zarrinkafsh 1b06e46f71
test(web): drop enzyme in favor of react-testing-library (#2224)
* test(web): drop enzyme in favor of react-testing-library

Enzyme is falling behind in maintenance, it is currently maintained by one primary developer and still does [not support React 17](https://github.com/enzymejs/enzyme/pull/2430) despite it being released in October 2020.

[react-testing-library (RTL)](https://testing-library.com/docs) is [recommended by Facebook](https://reactjs.org/docs/test-utils.html#overview) and encourages writing tests that avoid testing implementation details.

* build(deps): update react monorepo to v17 (major)

* build(deps): remove @types/{enzyme,jest}
2021-08-03 16:25:13 +10:00
renovate[bot] e4a769f69c
build(deps): update dependency @material-ui/core to v4.12.0 (#2157)
* build(deps): update dependency @material-ui/core to v4.12.0

* fix(web): adjust deprecations

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-07-07 09:10:31 +10:00
Amir Zarrinkafsh 3494353641
refactor(web): use absolute imports with aliases (#2100)
* refactor(web): use absolute imports with aliases

Refactors all of the TS/JS frontend to utilise absolute imports along with import aliases.
Each of the paths within `src` are represented with their own alias:

* @assets
* @components
* @constants (new)
* @hooks
* @layouts
* @models
* @services
* @themes
* @utils
* @views

`Routes.ts` and `constant.ts` have been relocated to the constants directory for consistency.
2021-06-19 10:20:43 +02:00
James Elliott ddea31193b
feature(oidc): add support for OpenID Connect
OpenID connect has become a standard when it comes to authentication and
in order to fix a security concern around forwarding authentication and authorization information
it has been decided to add support for it.

This feature is in beta version and only enabled when there is a configuration for it.
Before enabling it in production, please consider that it's in beta with potential bugs and that there
are several production critical features still missing such as all OIDC related data is stored in
configuration or memory. This means you are potentially going to experience issues with HA
deployments, or when restarting a single instance specifically related to OIDC.

We are still working on adding the remaining set of features before making it GA as soon as possible.

Related to #189

Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2021-05-05 00:15:36 +02:00
Amir Zarrinkafsh 689fd7cb95
[CI] Add linting option for frontend and enforce styling (#1565)
We now extend the default Eslint configuration and enforce styling with prettier for all of our frontend code.
2021-01-02 21:58:24 +11:00
Amir Zarrinkafsh e243fad1ba
[MISC] Disable auto capitalization of username field on mobile (#1435) 2020-11-09 14:04:44 +11:00
dependabot-preview[bot] cc94b1daa3
[MISC] (deps): Bump @types/react from 16.9.43 to 16.9.56 in /web (#1429)
* [MISC] (deps): Bump @types/react from 16.9.43 to 16.9.56 in /web

Bumps [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) from 16.9.43 to 16.9.56.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Cast style to React.CSSProperties for LinearProgressBar

Upgrading this typescript library results in the following type issue:

Failed to compile.

/buildkite/builds/authelia/authelia/web/src/components/LinearProgressBar.tsx
TypeScript error in /buildkite/builds/authelia/authelia/web/src/components/LinearProgressBar.tsx(23,13):
Type 'import("/buildkite/builds/authelia/authelia/web/node_modules/@material-ui/styles/withStyles/withStyles").CSSProperties | undefined' is not assignable to type 'React.CSSProperties | undefined'.
  Type 'import("/buildkite/builds/authelia/authelia/web/node_modules/@material-ui/styles/withStyles/withStyles").CSSProperties' is not assignable to type 'React.CSSProperties'.
    Types of property 'appearance' are incompatible.
      Type '"-moz-initial" | "inherit" | "initial" | "revert" | "unset" | "none" | "button-bevel" | "checkbox" | "listbox" | "menulist" | "menulist-button" | "meter" | "progress-bar" | "push-button" | ... 7 more ... | undefined' is not assignable to type '"-moz-initial" | "inherit" | "initial" | "revert" | "unset" | "auto" | "none" | "checkbox" | "listbox" | "menulist" | "menulist-button" | "meter" | "progress-bar" | "push-button" | ... 7 more ... | undefined'.
        Type '"button-bevel"' is not assignable to type '"-moz-initial" | "inherit" | "initial" | "revert" | "unset" | "auto" | "none" | "checkbox" | "listbox" | "menulist" | "menulist-button" | "meter" | "progress-bar" | "push-button" | ... 7 more ... | undefined'.  TS2322

    21 |     return (
    22 |         <LinearProgress
  > 23 |             style={props.style}
       |             ^
    24 |             variant="determinate"
    25 |             classes={{
    26 |                 root: style.progressRoot,

error Command failed with exit code 1.

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-11-09 11:14:50 +11:00
dependabot-preview[bot] e6f4768961
[MISC] (deps): Bump react-scripts from 3.4.4 to 4.0.0 in /web (#1403)
Bumps [react-scripts](https://github.com/facebook/create-react-app/tree/HEAD/packages/react-scripts) from 3.4.4 to 4.0.0.
- [Release notes](https://github.com/facebook/create-react-app/releases)
- [Changelog](https://github.com/facebook/create-react-app/blob/master/CHANGELOG-3.x.md)
- [Commits](https://github.com/facebook/create-react-app/commits/react-scripts@4.0.0/packages/react-scripts)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Address CRA breaking changes

This is related to [breaking changes](https://github.com/facebook/create-react-app/blob/master/CHANGELOG.md#breaking-changes) in CRA specific to ESLint.

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-11-07 13:06:18 +11:00
James Elliott a4cf2e675f
[DEPRECATE] Remove Google Analytics (#1021)
* it doesn't work with our current CSP
* it's probably not used by anyone
* it isn't in harmony with our security purposes
* literally removes all use of it
* suggestions from code review
* remove useless test.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2020-05-16 09:41:42 +10:00
James Elliott 40fb13ba3c
[FEATURE] TOTP Tuning Configuration Options and Fix Timer Graphic (#773)
* Add period TOPT config key to define the time in seconds each OTP is rotated
* Add skew TOTP config to define how many keys either side of the current one should be considered valid
* Add tests and set minimum values
* Update config template
* Use unix epoch for position calculation and Fix QR gen
  * This resolves the timer resetting improperly at the 0 seconds mark and allows for periods longer than 1 minute
* Generate QR based on period
* Fix OTP timer graphic
2020-03-25 12:48:20 +11:00
dependabot-preview[bot] e5173da69e
[MISC] (deps): Bump @material-ui/core from 4.8.0 to 4.9.7 in /web (#743)
* [MISC] (deps): Bump @material-ui/core from 4.8.0 to 4.9.7 in /web

Bumps [@material-ui/core](https://github.com/mui-org/material-ui/tree/HEAD/packages/material-ui) from 4.8.0 to 4.9.7.
- [Release notes](https://github.com/mui-org/material-ui/releases)
- [Changelog](https://github.com/mui-org/material-ui/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mui-org/material-ui/commits/v4.9.7/packages/material-ui)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Fix compilation.

Signed-off-by: Clement Michaud <clement.michaud34@gmail.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2020-03-21 13:24:59 +11:00
Clément Michaud d1d02d9eae
[FIX] Redirect to default URL after 1FA when default policy is one_factor. (#611)
* Redirect to default URL after 1FA when default policy is one_factor.

User is now redirected to the default redirection URL after 1FA if
the default policy is set to one_factor and there is no target URL
or if the target URL is unsafe.

Also, if the default policy is set to one_factor and the user is already
authenticated, if she visits the login portal, the 'already authenticated'
view is displayed with a logout button.

This fixes #581.

* Update users.yml

* Fix permissions issue causing suite test failure
2020-02-05 08:18:02 +11:00
Clement Michaud 3d20142292 Allow administrator to provide a Google Analytics tracking ID.
Providing a GA tracking ID allows administrators to analyze
how the portal is used by their users in large environments,
i.e., with many users.
This will make even more sense when we have users and admins
management interfaces.
2019-12-08 14:31:48 +01:00
Clement Michaud 5f8726fe87 Let the user know device is not enrolled.
A message is now displayed to the user when he first sign in
in Authelia letting him know that a device must be enrolled.

Also introduce a message letting him know when he is already
authenticated.
2019-12-08 14:31:48 +01:00
Clement Michaud c78a732c6a Rewrite and fix remaining suites in Go. 2019-12-05 11:05:24 +01:00
Clement Michaud 373911d199 Add first unit tests to frontend components. 2019-12-05 11:05:24 +01:00
Clement Michaud 9ae2096d2a Rewrite authelia frontend to improve user experience.
This refactoring simplify the code of the frontend and prepare the
portal for receiving a user settings page and an admin page.
2019-12-05 11:05:24 +01:00