Commit Graph

19 Commits (48c1bb5136af677ad2570934500ab402b8e98c7b)

Author SHA1 Message Date
Clément Michaud 9dab40c2ce
Add support for users database on disk. (#262)
In order to simplify the deployment of Authelia for
testing, LDAP is now optional made optional thanks
to users database stored in a file. One can update
the file manually even while Authelia is running.

With this feature the minimal configuration requires
only two components: Authelia and nginx.

The users database is obviously made for development
environments only as it prevents Authelia to be scaled
to more than one instance.

Note: Configuration has been updated. Key `ldap` has
been nested in `authentication_backend`.
2018-08-26 10:30:43 +02:00
Clement Michaud 87056c14e2 Fix npm package versions with package-lock.json 2017-10-31 07:37:15 +01:00
Clement Michaud dacdce6c50 Implement session inactivity timeout
This timeout will prevent an attacker from using a session that has been
inactive for too long.
This inactivity timeout combined with the timeout before expiration makes a
good combination of security mechanisms to prevent session theft.

If no activity timeout is provided, then the feature is disabled and only
session expiration remains as a protection.
2017-10-31 07:27:23 +01:00
Clement Michaud e8a1e7c52c Remove configuration schema from source since it is generated 2017-10-15 22:17:36 +02:00
Clement Michaud ae720c5230 Fix missing images in notification messages 2017-10-07 21:58:41 +02:00
Clement Michaud d8ff186303 Split client and server
Client and server now have their own tsconfig so that the transpilation is only
done on the part that is being modified.

It also allows faster transpilation since tests are now excluded from tsconfig.
They are compiled by ts-node during unit tests execution.
2017-10-07 00:49:42 +02:00
Clement Michaud 4cd78f3f83 Add SMTP notifier as an available option in configuration
One can now plug its own SMTP server to send notifications
for identity validation and password reset requests.

Filesystem has been removed from the template configuration file
since even tests now use mail catcher (the fake webmail) to
retrieve the email and the confirmation link.
2017-09-24 23:20:45 +02:00
Clement Michaud 64c06fd6b8 Parameterize authentication regulation via configuration file. Both for flexibility and for testing purposes. 2017-09-03 12:48:35 +02:00
Clement Michaud 8f152d2328 Fix example environment 2017-07-14 19:05:42 +02:00
Clement Michaud e56c2492ed Fix integration test and package Travis scripts 2017-06-29 13:09:08 +02:00
Clement Michaud a84efdb8be Test npm deployment in CI 2017-06-16 21:11:54 +02:00
Clement Michaud ddf1e48535 Refactor client to make it responsive and testable 2017-06-16 18:16:38 +02:00
Clement Michaud 4356cfe7c1 First step to typescript transformation 2017-05-20 16:00:47 +02:00
Clement Michaud 32ff6cb387 Remove qrcode dependency as an npm package and replace it with a client side cross-browser library that generates qrcodes 2017-05-14 13:37:05 +02:00
Clement Michaud 8d662c1591 Install libgif-dev in travisci environment 2017-01-28 22:54:27 +01:00
Clement Michaud d3db94105e Registration process sends an email to allow user to register its U2F device 2017-01-22 17:54:45 +01:00
Clement Michaud ccbcb758f0 Reconnect to LDAP when connection is closed (or not open at the beginning) 2016-12-18 01:49:09 +01:00
Clement Michaud e13315eb92 Move files from app to src and tests in root directory + adding more tests 2016-12-17 02:06:40 +01:00
Clement Michaud d7d743bdfa First commit with tests 2016-12-10 01:47:58 +01:00