Commit Graph

367 Commits (5748725d383a82c1333033d2e81b6c58e61c75ad)

Author SHA1 Message Date
James Elliott e041143f87
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider

* refactor(session): use int for ports as per go standards

* refactor(configuration): adjust tests and validation

* refactor(configuration): add err format consts

* refactor(configuration): explicitly map redis structs

* refactor(session): merge redis/redis sentinel providers

* refactor(session): add additional checks to redis providers

* feat(session): add redis cluster provider

* fix: update config for new values

* fix: provide nil certpool to affected tests/mocks

* test: add additional tests to cover uncovered code

* docs: expand explanation of host and nodes relation for redis

* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum

* fix(session): sentinel password

* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config

* test: make entrypoint.sh executable, fix entrypoint.sh if/elif

* test: add redis failover tests

* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging

* test: add sentinel integration test

* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep

* feat: use sentinel failover cluster

* fix: renamed addrs to sentineladdrs upstream

* test(session): sentinel failover

* test: add redis standard back into testing

* test: move redis standalone test to traefik2

* fix/docs: apply suggestions from code review
2021-03-10 10:03:05 +11:00
renovate[bot] 5cf98de225
build(deps): update module github.com/fasthttp/router to v1.3.9 (#1775)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-02 22:03:47 +11:00
renovate[bot] e2f08f568a
build(deps): update module github.com/valyala/fasthttp to v1.22.0 (#1772)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-02 11:27:03 +11:00
renovate[bot] abe8e438a2
build(deps): update module github.com/fasthttp/router to v1.3.8 (#1771)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-02 08:58:28 +11:00
Amir Zarrinkafsh 4f099b76d7
build(deps): downgrade module github.com/mattn/go-sqlite3 to v1.14.6 (#1758) 2021-02-23 14:51:31 +11:00
renovate[bot] d000e5dbeb
build(deps): update module github.com/otiai10/copy to v1.5.0 (#1753)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-23 05:41:51 +11:00
renovate[bot] 30d45dd3fc
build(deps): update module github.com/sirupsen/logrus to v1.8.0 (#1747)
* build(deps): update module github.com/sirupsen/logrus to v1.8.0

* go mod tidy

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-02-22 21:52:08 +11:00
renovate[bot] b10adf6cf4
build(deps): update module github.com/golang/mock to v1.5.0 (#1746)
* build(deps): update module github.com/golang/mock to v1.5.0

* build(deps): go mod tidy

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-02-22 20:33:17 +11:00
renovate[bot] 68af1fdfca
build(deps): update module github.com/authelia/session/v2 to v2.4.1 (#1745)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-22 17:48:10 +11:00
James Elliott 0f7891a823
build(deps): update module github.com/valyala/fasthttp to v1.21.0 (#1755) 2021-02-22 16:37:40 +11:00
renovate[bot] e77ef2d1dc
build(deps): update module github.com/spf13/cobra to v1.1.3 (#1741)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-22 15:47:07 +11:00
Amir Zarrinkafsh 74721a9f41
feat: go:embed static assets (#1733)
* feat: go:embed static assets

Go 1.16 introduced the ability to embed files within a generated binary directly with the go tool chain. This simplifies our dependencies and the significantly improves the development workflow for future developers.

Key points to note:

Due to the inability to embed files that do not reside within the local package we need to duplicate our `config.template.yml` within `internal/configuration`.

To avoid issues with the development workflow empty mock files have been included within `internal/server/public_html`. These are substituted with the respective generated files during the CI/CD and build workflows.

* fix(suites): increase ldap suite test timeout

* fix(server): fix swagger asset CSP
2021-02-22 10:07:06 +11:00
renovate[bot] f1664fea00
build(deps): update module spf13/cobra to v1 (#1676)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 20:27:06 +11:00
renovate[bot] d2c1e6afa5
build(deps): update module yaml to v2.4.0 (#1671)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 14:18:46 +11:00
renovate[bot] 895b69d871
build(deps): update module sirupsen/logrus to v1.7.0 (#1667)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 14:00:57 +11:00
renovate[bot] cfb1ee020e
build(deps): update module pquerna/otp to v1.3.0 (#1665)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 13:44:15 +11:00
renovate[bot] 6a0ed57196
build(deps): update module otiai10/copy to v1.4.2 (#1664)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 13:30:22 +11:00
renovate[bot] c53e590585
build(deps): update module jackc/pgx/v4 to v4.10.1 (#1663)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 13:12:26 +11:00
renovate[bot] 0baf8b808a
build(deps): update module fasthttp/router to v1.3.5 (#1662)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 12:57:08 +11:00
renovate[bot] 158c70a24c
build(deps): update module data-dog/go-sqlmock to v1.5.0 (#1661)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 12:43:08 +11:00
renovate[bot] 6b1d9d14e7
build(deps): update module golang.org/x/text to v0.3.5 (#1654)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 10:27:33 +11:00
renovate[bot] ccb7e7e955
build(deps): update module go-ldap/ldap/v3 to v3.2.4 (#1653) 2021-01-31 09:50:01 +11:00
renovate[bot] a089c03fa3
build(deps): update module valyala/fasthttp to v1.19.0 (#1670)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-30 21:02:31 +11:00
renovate[bot] bce802621b
build(deps): update module stretchr/testify to v1.7.0 (#1669)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-30 20:44:07 +11:00
renovate[bot] a35d9de242
build(deps): update github.com/duosecurity/duo_api_golang commit hash to 0e07e9f (#1646)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-30 19:49:12 +11:00
renovate[bot] 1448908e40
build(deps): update github.com/asaskevich/govalidator commit hash to 7a23bdc (#1645)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-30 18:06:58 +11:00
James Elliott 2763aefe81
[BUGFIX] Static Session Expiration Key (#1564)
* [BUGFIX] Static Session Expiration Key

* keys for session expiration are random for each instance of Authelia
* this is caused by upstream setting it to a random value
* using a temporary bugfix fork of github.com/fasthttp/session to resolve locally
* add some misc doc additions
2020-12-29 12:44:47 +11:00
James Elliott 365304a684
[FEATURE] Add Optional Check for Session Username on VerifyGet (#1427)
* Adding the Session-Username header to the /api/verify endpoint when using cookie auth will check the value stored in the session store for the username and the header value are the same.
* use strings.EqualFold to compare case insensitively
* add docs
* add unit tests
* invalidate session if it is theoretically hijacked and log it as a warning (can only be determined if the header doesn't match the cookie)
* add example PAM script
* go mod tidy
* go mod bump to 1.15
2020-12-02 10:03:44 +11:00
dependabot-preview[bot] f1968343c3
[MISC] (deps): Bump github.com/spf13/viper from 1.7.0 to 1.7.1 (#1251)
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.7.0...v1.7.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-04 09:07:38 +10:00
dependabot-preview[bot] b9eb94f658
[MISC] (deps): Bump github.com/jackc/pgx/v4 from 4.8.0 to 4.8.1 (#1244)
Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.8.0 to 4.8.1.
- [Release notes](https://github.com/jackc/pgx/releases)
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v4.8.0...v4.8.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-31 12:10:51 +10:00
dependabot-preview[bot] 07c4e96927
[MISC] (deps): Bump github.com/golang/mock from 1.4.3 to 1.4.4 (#1242)
Bumps [github.com/golang/mock](https://github.com/golang/mock) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/golang/mock/releases)
- [Changelog](https://github.com/golang/mock/blob/master/.goreleaser.yml)
- [Commits](https://github.com/golang/mock/compare/v1.4.3...v1.4.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-30 09:44:38 +02:00
dependabot-preview[bot] e0774d1524
[MISC] (deps): Bump github.com/fasthttp/router from 1.2.3 to 1.2.4 (#1223)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.2.3...v1.2.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-07-25 11:29:01 +02:00
dependabot-preview[bot] fd0de434c4
[MISC] (deps): Bump github.com/jackc/pgx/v4 from 4.7.2 to 4.8.0 (#1221)
Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.7.2 to 4.8.0.
- [Release notes](https://github.com/jackc/pgx/releases)
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v4.7.2...v4.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-07-25 00:26:03 +02:00
dependabot-preview[bot] ebd391d67a
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.2.0 to 2.2.1 (#1219)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.2.0...v2.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-24 23:43:11 +02:00
dependabot-preview[bot] 3ae95e6bf0
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.1.1 to 2.2.0 (#1217)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.1.1 to 2.2.0.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.1.1...v2.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-21 12:11:12 +10:00
dependabot-preview[bot] 9134b0aa8e
[MISC] (deps): Bump github.com/fasthttp/router from 1.2.2 to 1.2.3 (#1216)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.2.2...v1.2.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-21 11:37:22 +10:00
dependabot-preview[bot] 0b18d08f01
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.2.2 to 3.2.3 (#1213)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.2.2 to 3.2.3.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.2.2...v3.2.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-20 12:05:19 +10:00
dependabot-preview[bot] eb638ec579
[MISC] (deps): Bump github.com/jackc/pgx/v4 from 4.7.1 to 4.7.2 (#1207)
Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.7.1 to 4.7.2.
- [Release notes](https://github.com/jackc/pgx/releases)
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v4.7.1...v4.7.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-17 09:29:24 +10:00
James Elliott ea1fae6491
[MISC] Storage Schema Versioning Model (#1057)
* [MISC] Storage Schema Versioning Model 

* fixup go.sum
* remove pq
* fix int to text issue
* fix incorrect SQL text
* use key_name vs key
* use transactions for all queries during upgrades
* fix missing parenthesis
* move upgrades to their own file
* add provider name for future usage in upgrades
* fix missing create config table values
* fix using the const instead of the provider SQL
* import logging once and reuse
* update docs
* remove db at suite teardown
* apply suggestions from code review
* fix mysql
* make errors more uniform
* style changes
* remove commented code sections
* remove commented code sections
* add schema version type
* add sql mock unit tests
* go mod tidy
* test blank row situations
2020-07-16 15:56:08 +10:00
dependabot-preview[bot] e5d02d4b06
[MISC] (deps): Bump github.com/valyala/fasthttp from 1.14.0 to 1.15.1 (#1200)
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp) from 1.14.0 to 1.15.1.
- [Release notes](https://github.com/valyala/fasthttp/releases)
- [Commits](https://github.com/valyala/fasthttp/compare/v1.14.0...v1.15.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-15 23:32:54 +02:00
dependabot-preview[bot] c5c41c6111
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.2.1 to 3.2.2 (#1199)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.2.1...v3.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-15 11:01:35 +10:00
dependabot-preview[bot] 24ea88156b
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.2.0 to 3.2.1 (#1152)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.2.0 to 3.2.1.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.2.0...v3.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-24 10:21:14 +10:00
dependabot-preview[bot] 0e206660ef
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.1.11 to 3.2.0 (#1128)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.1.11 to 3.2.0.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.1.11...v3.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-19 08:57:16 +10:00
dependabot-preview[bot] 53ea5a067a
[MISC] (deps): Bump github.com/fasthttp/router from 1.2.1 to 1.2.2 (#1116)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.2.1...v1.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-15 22:27:45 +02:00
dependabot-preview[bot] 9ae68999e8
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.1.10 to 3.1.11 (#1115)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.1.10 to 3.1.11.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.1.10...v3.1.11)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-15 10:56:29 +10:00
dependabot-preview[bot] 532ccb8fdf
[MISC] (deps): Bump github.com/lib/pq from 1.6.0 to 1.7.0 (#1106)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.6.0...v1.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-06-11 10:24:18 +10:00
dependabot-preview[bot] 1a82d3192b
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.7 to 1.2.1 (#1102)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.7 to 1.2.1.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.7...v1.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-06-09 23:14:15 +02:00
dependabot-preview[bot] a08856a7dd
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.6 to 1.1.7 (#1099)
* [MISC] (deps): Bump github.com/fasthttp/router from 1.1.6 to 1.1.7

Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.6 to 1.1.7.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.6...v1.1.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Update go.sum

* Update go.sum

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-09 11:08:49 +10:00
dependabot-preview[bot] cd38e9aa3f
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.1.0 to 2.1.1 (#1098)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.1.0...v2.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-09 09:27:17 +10:00
dependabot-preview[bot] ef0c0fe8bf
[MISC] (deps): Bump github.com/stretchr/testify from 1.6.0 to 1.6.1 (#1095)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.6.0...v1.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-09 08:35:03 +10:00
Amir Zarrinkafsh 33e5677f87
[MISC] Update and clean go.mod/go.sum (#1076) 2020-06-04 13:34:25 +10:00
dependabot-preview[bot] 94a5386aff
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.5 to 1.1.6 (#1079)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.5...v1.1.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 21:12:15 +02:00
dependabot-preview[bot] 431d059c2e
[MISC] (deps): Bump github.com/lib/pq from 1.5.2 to 1.6.0 (#1067)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.5.2 to 1.6.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.5.2...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-01 09:52:45 +10:00
dependabot-preview[bot] 844a4c58d1
[MISC] (deps): Bump github.com/stretchr/testify from 1.5.1 to 1.6.0 (#1066)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.5.1 to 1.6.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.5.1...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-01 08:52:59 +10:00
dependabot-preview[bot] 5d3f010a1f
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.4 to 1.1.5 (#1058)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.4 to 1.1.5.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.4...v1.1.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 21:53:52 +02:00
dependabot-preview[bot] 54fe2a9abd
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.3 to 1.1.4 (#1054)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.3...v1.1.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-05-26 21:32:37 +02:00
dependabot-preview[bot] 9eda7fb612
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.0.2 to 2.1.0 (#1055)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.0.2 to 2.1.0.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.0.2...v2.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-26 20:33:20 +02:00
dependabot-preview[bot] 2b8a8a24a1
[MISC] (deps): Bump github.com/valyala/fasthttp from 1.12.0 to 1.13.1 (#1056)
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp) from 1.12.0 to 1.13.1.
- [Release notes](https://github.com/valyala/fasthttp/releases)
- [Commits](https://github.com/valyala/fasthttp/compare/v1.12.0...v1.13.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-26 20:33:10 +02:00
dependabot-preview[bot] 00fa11020e
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.2 to 1.1.3 (#1048)
* [MISC] (deps): Bump github.com/fasthttp/router from 1.1.2 to 1.1.3

Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.2...v1.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* fix sum

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-25 08:54:38 +10:00
dependabot-preview[bot] 70e0bba1d1
[MISC] (deps): Bump github.com/otiai10/copy from 1.1.1 to 1.2.0 (#1047)
Bumps [github.com/otiai10/copy](https://github.com/otiai10/copy) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/otiai10/copy/releases)
- [Commits](https://github.com/otiai10/copy/compare/v1.1.1...v1.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-24 21:31:04 +02:00
dependabot-preview[bot] b5f27b7451
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.1 to 1.1.2 (#1041)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.1...v1.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-22 08:04:45 +10:00
Clément Michaud fe5ebfb75a
[FEATURE] Bump to fasthttp/session/v2 to support redis unix socket. (#1001)
* [FEATURE] Bump to fasthttp/session/v2 to support redis unix socket.

* Fix lint issues.

* Remove v1 import and fix double import.

* [DOCS] Document use of redis unix socket.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-05-18 12:45:47 +10:00
James Elliott 73bd2e4479
[FIX] Hash Password Cmd Not Encoding Provided Salt (#999)
* using authelia hash-password if you provide a salt it doesn't encode it as a base64 string
* this causes invalid salts to be stored if a user manually provided one instead of reliance on the automatic generation
* additionally bumped the minimum required salt length to 8 as per reference spec
* additionally removed the maximum salt length as per reference spec (actually 2^32-1 per int32)
* see docs:
  * https://tools.ietf.org/html/draft-irtf-cfrg-argon2-10
  * https://github.com/P-H-C/phc-winner-argon2
  * https://github.com/P-H-C/phc-string-format
* encode all salts
* fix edge case of false positive in CheckPassword
* bump crypt version and fix tests
2020-05-14 15:55:03 +10:00
dependabot-preview[bot] 8339b095c9
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.0 to 1.1.1 (#1016)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.0...v1.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-14 08:08:34 +10:00
dependabot-preview[bot] e259e6182e
[MISC] (deps): Bump gopkg.in/yaml.v2 from 2.2.8 to 2.3.0 (#1017)
Bumps [gopkg.in/yaml.v2](https://github.com/go-yaml/yaml) from 2.2.8 to 2.3.0.
- [Release notes](https://github.com/go-yaml/yaml/releases)
- [Commits](https://github.com/go-yaml/yaml/compare/v2.2.8...v2.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-14 07:19:17 +10:00
dependabot-preview[bot] 7718c48e68
[MISC] (deps): Bump github.com/spf13/viper from 1.6.3 to 1.7.0 (#1005)
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.6.3 to 1.7.0.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.6.3...v1.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-05-11 09:41:48 +10:00
dependabot-preview[bot] e2785e37c0
[MISC] (deps): Bump github.com/fasthttp/router from 1.0.4 to 1.1.0 (#1004)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.0.4 to 1.1.0.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.0.4...v1.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-11 09:16:49 +10:00
dependabot-preview[bot] 3d43e98bcf
[MISC] (deps): Bump github.com/lib/pq from 1.5.1 to 1.5.2 (#995)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.5.1...v1.5.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-09 02:24:24 +10:00
dependabot-preview[bot] df1fd31092
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.1.9 to 3.1.10 (#991)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.1.9 to 3.1.10.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.1.9...v3.1.10)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-05-08 11:20:46 +10:00
dependabot-preview[bot] 6aa97fa56b
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.1.8 to 3.1.9 (#986)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.1.8 to 3.1.9.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.1.8...v3.1.9)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-06 20:44:35 +02:00
Amir Zarrinkafsh 87053c9312
[CI] Add linters: asciicheck, nolintlint and unconvert (#978) 2020-05-05 14:43:46 +10:00
dependabot-preview[bot] 2da79d6599
[MISC] (deps): Bump github.com/lib/pq from 1.5.0 to 1.5.1 (#972)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.5.0...v1.5.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-04 20:54:18 +02:00
dependabot-preview[bot] e6caac7db0
[MISC] (deps): Bump github.com/sirupsen/logrus from 1.5.0 to 1.6.0 (#968)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.5.0...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-04 07:55:02 +10:00
dependabot-preview[bot] 8d06187a17
[MISC] (deps): Bump github.com/lib/pq from 1.4.0 to 1.5.0 (#969)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.4.0...v1.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-04 06:57:29 +10:00
Amir Zarrinkafsh f8bd506326
[FEATURE] Embed static assets in Go binary (#916)
* [FEATURE] Embed static assets in Go binary

* Refactor/consolidate code and specify public_html via configuration

* Update docs and config template for assets

* Update AUR package pre-requisites and systemd unit

* Include static assets as Buildkite and GitHub artifacts

* Remove references to PUBLIC_DIR

* Only serve assets via embedded filesystem and remove configuration references

* Update authelia-scripts helper to build the embedded filesystem

* Mock the embedded filesystem for unit tests
Add to gitignore to ensure this isn't overwritten.

* Move go:generate to satisfy linter
2020-04-29 00:07:20 +10:00
dependabot-preview[bot] 5d2b7a1398
[MISC] (deps): Bump github.com/fasthttp/router from 1.0.3 to 1.0.4 (#923)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.0.3...v1.0.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-26 20:43:59 +02:00
dependabot-preview[bot] d6f240dca5
[MISC] (deps): Bump github.com/lib/pq from 1.3.0 to 1.4.0 (#898)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.3.0...v1.4.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-04-22 15:18:30 +10:00
dependabot-preview[bot] 799945ba4b
[MISC] (deps): Bump github.com/valyala/fasthttp from 1.11.0 to 1.12.0 (#897)
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/valyala/fasthttp/releases)
- [Commits](https://github.com/valyala/fasthttp/compare/v1.11.0...v1.12.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-22 14:37:32 +10:00
Amir Zarrinkafsh 2e784084c7
[MISC] Implement golint recommendations (#885)
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-04-20 23:03:38 +02:00
dependabot-preview[bot] fcfe8c4da8
[MISC] (deps): Bump github.com/fasthttp/router from 1.0.2 to 1.0.3 (#884)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.0.2 to 1.0.3.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.0.2...v1.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-19 21:48:45 +02:00
dependabot-preview[bot] f139de97de
[MISC] (deps): Bump github.com/valyala/fasthttp from 1.9.0 to 1.10.0 (#875)
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/valyala/fasthttp/releases)
- [Commits](https://github.com/valyala/fasthttp/compare/v1.9.0...v1.10.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-17 09:10:27 +10:00
dependabot-preview[bot] 4d1c2f38be
[MISC] (deps): Bump github.com/fasthttp/session from 1.1.7 to 1.1.8 (#867)
Bumps [github.com/fasthttp/session](https://github.com/fasthttp/session) from 1.1.7 to 1.1.8.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v1.1.7...v1.1.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-15 09:59:33 +10:00
dependabot-preview[bot] 49630664e7
[MISC] (deps): Bump github.com/fasthttp/router from 1.0.1 to 1.0.2 (#860)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.0.1...v1.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-04-13 12:47:27 +10:00
dependabot-preview[bot] 94d985b465
[MISC] (deps): Bump github.com/spf13/viper from 1.6.2 to 1.6.3 (#859)
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.6.2 to 1.6.3.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.6.2...v1.6.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-13 11:46:04 +10:00
James Elliott 92084bc5b2
[MISC] Add http debug routes (#848)
* [MISC] Add debug endpoints to Authelia

* enabled only with trace logging
* allows go tool pprof usage when enabled
* enables both the expvarhandler and pprofhandler from fasthttp
* simplify tls/non-tls listen and serve
* make it easy to define custom settings of the fasthttp server in the future
* make name param optional
* add note about the trace setting in the documentation
2020-04-11 14:59:58 +10:00
dependabot-preview[bot] f05bce66f0
[MISC] (deps): Bump go.mongodb.org/mongo-driver from 1.3.1 to 1.3.2 (#836)
Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/mongodb/mongo-go-driver/releases)
- [Commits](https://github.com/mongodb/mongo-go-driver/compare/v1.3.1...v1.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-04-08 22:56:01 +02:00
Amir Zarrinkafsh 580152b40b
[FEATURE] Include darwin based binaries for OSX (#814)
Build and publish binary artifacts for Authelia which can be run directly from OSX.
2020-04-03 16:13:24 +11:00
dependabot-preview[bot] 8405b4fee1
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.1.7 to 3.1.8 (#812)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.1.7 to 3.1.8.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.1.7...v3.1.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 22:06:25 +02:00
dependabot-preview[bot] 376333affe
[MISC] (deps): Bump github.com/spf13/cobra from 0.0.6 to 0.0.7 (#795)
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 0.0.6 to 0.0.7.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v0.0.6...0.0.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-30 10:36:39 +11:00
James Elliott 40fb13ba3c
[FEATURE] TOTP Tuning Configuration Options and Fix Timer Graphic (#773)
* Add period TOPT config key to define the time in seconds each OTP is rotated
* Add skew TOTP config to define how many keys either side of the current one should be considered valid
* Add tests and set minimum values
* Update config template
* Use unix epoch for position calculation and Fix QR gen
  * This resolves the timer resetting improperly at the 0 seconds mark and allows for periods longer than 1 minute
* Generate QR based on period
* Fix OTP timer graphic
2020-03-25 12:48:20 +11:00
dependabot-preview[bot] 7cf39cb3a1
[MISC] (deps): Bump github.com/sirupsen/logrus from 1.4.2 to 1.5.0 (#774)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.4.2 to 1.5.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.4.2...v1.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-24 10:42:32 +11:00
dependabot-preview[bot] 42d09da6ca
[MISC] (deps): Bump github.com/fasthttp/router from 0.6.1 to 0.7.0 (#737)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 0.6.1 to 0.7.0.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v0.6.1...v0.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 23:28:29 +11:00
dependabot-preview[bot] 89a81b7a05
[DEPS] Bump go.mongodb.org/mongo-driver from 1.1.3 to 1.3.1 (#731)
Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) from 1.1.3 to 1.3.1.
- [Release notes](https://github.com/mongodb/mongo-go-driver/releases)
- [Commits](https://github.com/mongodb/mongo-go-driver/compare/v1.1.3...v1.3.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-03-19 20:32:50 +11:00
dependabot-preview[bot] 57cb342d0a
[DEPS] Bump github.com/lib/pq from 1.2.0 to 1.3.0 (#732)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.2.0...v1.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 20:09:10 +11:00
dependabot-preview[bot] ebd13cad46
[DEPS] Bump github.com/mattn/go-sqlite3 from 1.11.0 to 1.13.0 (#729)
Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.11.0 to 1.13.0.
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](https://github.com/mattn/go-sqlite3/compare/v1.11.0...v1.13.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 19:46:49 +11:00
dependabot-preview[bot] e174853564
[DEPS] Bump github.com/fasthttp/session from 1.1.3 to 1.1.7 (#730)
Bumps [github.com/fasthttp/session](https://github.com/fasthttp/session) from 1.1.3 to 1.1.7.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v1.1.3...v1.1.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-03-19 19:28:17 +11:00
dependabot-preview[bot] 309695fa7f
[DEPS] Bump github.com/spf13/cobra from 0.0.5 to 0.0.6 (#733)
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 0.0.5 to 0.0.6.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/0.0.5...v0.0.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-03-19 17:40:58 +11:00
dependabot-preview[bot] de2bf6e5bc
[DEPS] Bump github.com/golang/mock from 1.3.1 to 1.4.3 (#728)
Bumps [github.com/golang/mock](https://github.com/golang/mock) from 1.3.1 to 1.4.3.
- [Release notes](https://github.com/golang/mock/releases)
- [Changelog](https://github.com/golang/mock/blob/master/.goreleaser.yml)
- [Commits](https://github.com/golang/mock/compare/1.3.1...v1.4.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 17:16:59 +11:00
dependabot-preview[bot] 29b78508ea
[DEPS] Bump github.com/stretchr/testify from 1.4.0 to 1.5.1 (#727)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.4.0 to 1.5.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.4.0...v1.5.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 16:51:22 +11:00
Amir Zarrinkafsh 298d56dea3
[DEPS] Fix gopkg.in/ldap.v3 import for dependabot (#726) 2020-03-19 15:22:46 +11:00
dependabot-preview[bot] 3666343be8
[DEPS] Bump github.com/otiai10/copy from 1.0.2 to 1.1.1 (#720)
Bumps [github.com/otiai10/copy](https://github.com/otiai10/copy) from 1.0.2 to 1.1.1.
- [Release notes](https://github.com/otiai10/copy/releases)
- [Commits](https://github.com/otiai10/copy/compare/v1.0.2...v1.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 14:11:28 +11:00
dependabot-preview[bot] 18c7f06655
[DEPS] Bump github.com/fasthttp/router from 0.5.2 to 0.6.1 (#719)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 0.5.2 to 0.6.1.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v0.5.2...v0.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 13:51:32 +11:00
dependabot-preview[bot] ca0b3388bc
[DEPS] Bump gopkg.in/yaml.v2 from 2.2.4 to 2.2.8 (#718)
Bumps [gopkg.in/yaml.v2](https://github.com/go-yaml/yaml) from 2.2.4 to 2.2.8.
- [Release notes](https://github.com/go-yaml/yaml/releases)
- [Commits](https://github.com/go-yaml/yaml/compare/v2.2.4...v2.2.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 13:04:29 +11:00
dependabot-preview[bot] 4a9997b959
[DEPS] Bump github.com/Workiva/go-datastructures from 1.0.50 to 1.0.52 (#717)
Bumps [github.com/Workiva/go-datastructures](https://github.com/Workiva/go-datastructures) from 1.0.50 to 1.0.52.
- [Release notes](https://github.com/Workiva/go-datastructures/releases)
- [Commits](https://github.com/Workiva/go-datastructures/compare/v1.0.50...v1.0.52)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 12:33:00 +11:00
dependabot-preview[bot] 7e7148c804
[DEPS] Bump github.com/go-sql-driver/mysql from 1.4.1 to 1.5.0 (#716)
Bumps [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql) from 1.4.1 to 1.5.0.
- [Release notes](https://github.com/go-sql-driver/mysql/releases)
- [Changelog](https://github.com/go-sql-driver/mysql/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-sql-driver/mysql/compare/v1.4.1...v1.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 12:11:38 +11:00
James Elliott 26369fff3d
[FEATURE] Support Argon2id password hasing and improved entropy (#679)
* [FEATURE] Support Argon2id Passwords

- Updated go module github.com/simia-tech/crypt
- Added Argon2id support for file based authentication backend
- Made it the default method
- Made it so backwards compatibility with SHA512 exists
- Force seeding of the random string generator used for salts to ensure they are all different
- Added command params to the authelia hash-password command
- Automatically remove {CRYPT} from hashes as they are updated
- Automatically change hashes when they are updated to the configured algorithm
- Made the hashing algorithm parameters completely configurable
- Added reasonably comprehensive test suites
- Updated docs
- Updated config template

* Adjust error output

* Fix unit test

* Add unit tests and argon2 version check

* Fix new unit tests

* Update docs, added tests

* Implement configurable values and more comprehensive testing

* Added cmd params to hash_password, updated docs, misc fixes

* More detailed error for cmd, fixed a typo

* Fixed cmd flag error, minor refactoring

* Requested Changes and Minor refactoring

* Increase entropy

* Update docs for entropy changes

* Refactor to reduce nesting and easier code maintenance

* Cleanup Errors (uniformity for the function call)

* Check salt length, fix docs

* Add Base64 string validation for argon2id

* Cleanup and Finalization
- Moved RandomString function from ./internal/authentication/password_hash.go to ./internal/utils/strings.go
- Added SplitStringToArrayOfStrings func that splits strings into an array with a fixed max string len
- Fixed an error in validator that would allow a zero salt length
- Added a test to verify the upstream crypt module supports our defined random salt chars
- Updated docs
- Removed unused "HashingAlgorithm" string type

* Update crypt go mod, support argon2id key length and major refactor

* Config Template Update, Final Tests

* Use schema defaults for hash-password cmd

* Iterations check

* Docs requested changes

* Test Coverage, suggested edits

* Wording edit

* Doc changes

* Default sanity changes

* Default sanity changes - docs

* CI Sanity changes

* Memory in MB
2020-03-06 12:38:02 +11:00
Clement Michaud e92d3ced3a Introduce viper in order to read secrets from env variables. 2020-01-22 10:15:25 +11:00
Amir Zarrinkafsh fabb76754e
Rename org from clems4ever to authelia
Also fix references from config.yml to configuration.yml
2019-12-24 13:14:52 +11:00
Clement Michaud b89f63e9c1 Fix and parallelize integration tests. 2019-12-05 11:05:24 +01:00
Clement Michaud a06b69dd45 Provide commands to migrate database from v3 to v4. 2019-11-17 16:30:33 +01:00
Clement Michaud 6303485fd2 Add support for PostgreSQL. 2019-11-16 23:39:26 +01:00
Clement Michaud e20112f209 Remove retry mechanism from mysql provider.
The retry logic is implemented in the reflex service script instead.
2019-11-16 23:39:26 +01:00
Clement Michaud bd19ee48fd Deprecate mongo and add mariadb as storage backend option. 2019-11-16 23:39:26 +01:00
Clement Michaud a991379a74 Declare suites as Go structs and bootstrap e2e test framework in Go.
Some tests are not fully rewritten in Go, a typescript wrapper is called
instead until we remove the remaining TS tests and dependencies.

Also, dockerize every components (mainly Authelia backend, frontend and kind)
so that the project does not interfere with user host anymore (open ports for instance).
The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts.
It will soon be avoided using authelia.com domain that I own.
2019-11-15 20:23:06 +01:00
Clement Michaud 5bd9e831eb Use pure implementation of crypt to generate and check password hashes.
This allows to remove the dependency to libc.
2019-11-01 23:06:31 +01:00
Clement Michaud 9d7224b7ad Replace typescript version of authelia-scripts by Go version. 2019-11-01 19:03:22 +01:00
Clement Michaud 931887a0a7 Use Golang modules to freeze dependencies. 2019-10-29 00:40:45 +01:00