BankaiNoJutsu
17cc93425a
fix config.minimal.yml user db path
2018-12-18 19:12:09 +01:00
BankaiNoJutsu
7d4a9c566b
fix +x permissions on all scripts in folder
2018-12-18 18:02:20 +01:00
BankaiNoJutsu
5a11641ff3
fixed all scripts permissions +x
2018-12-18 17:55:37 +01:00
BankaiNoJutsu
bace1159f5
fixed perm on travis.sh
2018-12-18 17:48:48 +01:00
BankaiNoJutsu
55c06b975e
Add readme in themes folder, and remove uneccessary check in gruntfile
2018-12-18 17:36:01 +01:00
BankaiNoJutsu
3d1448d3cc
fix permissions
2018-12-18 16:34:56 +01:00
BankaiNoJutsu
48c204fc68
added all themes, clean and backup of dist, --theme value check
2018-12-18 16:30:23 +01:00
BankaiNoJutsu
1e71815b00
added squares and triangles themes
2018-12-18 08:32:04 +01:00
BankaiNoJutsu
dedd712039
added black theme and fixed main css matrix.js (not needed)
2018-12-18 07:47:07 +01:00
BankaiNoJutsu
6bd9d04eb9
Added cleaning of dist folder before build, by adding grunt-clean, fixed css concat
2018-12-17 23:27:58 +01:00
BankaiNoJutsu
08544858de
Added Theming functionality and theme folder
2018-12-17 22:49:01 +01:00
Clément Michaud
6c4d06b2a8
Merge pull request #289 from clems4ever/remove-auth-methods
...
Introduce "bypass", "one_factor", "two_factor" and "deny" ACL rules
2018-11-17 18:44:36 +01:00
Clement Michaud
b53d16d8a1
Introduce Subject and Object in authorization module.
2018-11-17 18:29:10 +01:00
Clement Michaud
97bfafb6eb
[BREAKING] Flatten the ACL rules to enable some use cases.
...
With previous configuration format rules were not ordered between groups and
thus not predictable. Also in some cases `any` must have been a higher
precedence than `groups`. Flattening the rules let the user apply whatever
policy he can think of.
When several rules match the (subject, domain, resource), the first one is
applied.
NOTE: This commit changed the format for declaring ACLs. Be sure to update
your configuration file before upgrading.
2018-11-17 18:08:29 +01:00
Clement Michaud
2bc650fd97
Create a docker-compose.dev.yml to reproduce integration test cases.
2018-11-17 18:08:29 +01:00
Clement Michaud
9fc55543fd
Integrate more policy options in ACL rules.
...
The possible values for ACL policies are now: bypass, one_factor, two_factor,
deny.
This change also deprecate auth_methods because the method is now associated
directly to a resource in the ACLs instead of a domain.
2018-11-17 18:08:29 +01:00
Clément Michaud
d898fa2c0c
Merge pull request #293 from clems4ever/closed-redirection
...
Fix open redirection vulnerability.
2018-11-17 18:04:33 +01:00
Clement Michaud
42581dfe93
Fix open redirection vulnerability.
...
In order to redirect the user after authentication, Authelia uses
rd query parameter provided by the proxy. However an attacker could
use phishing to make the user be redirected to a bad domain. In order
to avoid the user to be redirected to a bad location, Authelia now
verifies the redirection URL is under the protected domain.
2018-11-17 17:48:20 +01:00
Clement Michaud
8871ccd65e
3.10.0
2018-11-17 15:06:08 +01:00
Clement Michaud
eaa3cc34f8
Update changelog before publication of next minor release.
2018-11-17 15:06:07 +01:00
Clément Michaud
5f8e33d6ac
Merge pull request #301 from clems4ever/fix-u2f-2
...
Fix U2F sign request after U2F library upgrade.
2018-11-17 14:28:11 +01:00
Clement Michaud
baa1899536
Fix U2F sign request after u2f library upgrade.
2018-11-17 13:58:48 +01:00
Clément Michaud
76326d5ff7
Merge pull request #302 from clems4ever/improve-doc
...
Add details on how to deploy Authelia in a dev environment.
2018-11-17 12:21:13 +01:00
Clément Michaud
f725f04361
Fix deployment dev documentation.
2018-11-17 12:20:39 +01:00
Clement Michaud
de15dc52dd
Add details on how to deploy Authelia in a dev environment.
...
Also improve some part of the documentation.
2018-11-16 15:30:26 +01:00
Clement Michaud
82e51e1a71
Improve CONTRIBUTE section of the README.
2018-11-15 22:47:27 +01:00
Clement Michaud
9a0e5290d1
Use mailcatcher for minimal config setup.
2018-11-15 22:28:29 +01:00
Clement Michaud
43102d9fae
Bump nyc dependency.
2018-11-15 22:24:57 +01:00
Clement Michaud
0dd3f18bd5
Bump lodash dependency.
2018-11-15 21:32:51 +01:00
Clement Michaud
e7bb729a63
Bump cached-path-relative
2018-11-15 18:24:15 +01:00
Clement Michaud
e9d8f604c6
Bump fill-range package.
2018-11-15 18:22:13 +01:00
Clément Michaud
1d6dd9323b
Merge pull request #300 from clems4ever/fix-u2f
...
Fix U2F authentication by upgrading U2F libraries.
2018-11-06 16:55:13 +01:00
Clement Michaud
7c80515b34
Fix U2F authentication by upgrading libraries.
2018-11-06 15:45:01 +01:00
Clément Michaud
72b3e22987
Merge pull request #298 from clems4ever/fix-npm-audit
...
Bump grunt and grunt-contrib-watch.
2018-11-03 16:52:02 +01:00
Clement Michaud
798b001986
Bump grunt and grunt-contrib-watch.
2018-11-03 16:19:05 +01:00
Clement Michaud
fac17671ee
Fix broken link to getting-started in README.md
2018-11-03 13:29:06 +01:00
Clément Michaud
0c238ea9a6
Merge pull request #292 from clems4ever/u2f-polyfill
...
Make Authelia compatible with Firefox.
2018-10-27 18:47:37 +02:00
Clement Michaud
e8c3205e0a
Make Authelia compatible with Firefox.
...
Use the polyfill version of u2f API provided by Google.
https://github.com/mastahyeti/u2f-api
This polyfill is at least compatible with Chrome and
Firefox after enabling the U2F support.
[HOWTO] Enable U2F in Firefox >= 57:
Navigate to 'about:config' and search for 'u2f' option.
Double-click on the line to toggle the option.
2018-10-27 18:22:01 +02:00
Clément Michaud
bfaaf6214f
Merge pull request #287 from clems4ever/keep-logged-in
...
Add a "keep me logged in" checkbox.
2018-10-23 21:02:24 +02:00
Clement Michaud
05c423c6f8
Add integration test for keep me logged in feature.
2018-10-23 20:41:02 +02:00
Clement Michaud
4c3b5cfbb3
Implement Keep me logged in feature.
2018-10-21 16:11:31 +02:00
Clement Michaud
059c5936f5
Add 'keep me logged in' checkbox in first factor page.
2018-10-21 15:25:28 +02:00
Clement Michaud
ad6b064063
Fix typing issue when using Dockerfile.dev.
2018-10-21 15:25:09 +02:00
Clement Michaud
a8460d3c7b
Add a Dockerfile.dev for manual testing during development.
...
In some cases mounting node_modules in the container leads to
shared library linking issues (libcrypt.so) for instance.
2018-10-21 15:23:25 +02:00
Clément Michaud
d923ae334a
Merge pull request #284 from clems4ever/bump-request
...
Bump request package.
2018-10-13 23:25:18 +02:00
Clement Michaud
a21c15d451
Bump request package.
2018-10-13 19:21:32 +02:00
Clément Michaud
e70f0914f3
Merge pull request #283 from clems4ever/fix-docs
...
Fix broken links in documentation.
2018-10-13 19:20:17 +02:00
Clement Michaud
b59371941e
Fix broken links in documentation.
2018-10-13 11:47:28 +02:00
Clément Michaud
269f74cd7b
Merge pull request #282 from clems4ever/update-deps
...
Update bootstrap and randomatic dependencies.
2018-10-13 11:46:40 +02:00
Clément Michaud
6c6eea02a1
Merge branch 'master' into update-deps
2018-10-13 10:52:57 +02:00