Clément Michaud
c0a055175c
Merge pull request #217 from clems4ever/custom-mail-attribute
...
Attribute mail_attribute is not correctly taken into account
2018-04-24 21:50:11 +02:00
Clement Michaud
bf3705b3e9
Attribute mail_attribute is not correctly taken into account
2018-04-24 21:33:31 +02:00
Clément Michaud
bf11bfbcf8
Merge pull request #212 from clems4ever/local-storage-config
...
Fix local storage configuration in config template
2018-03-30 00:08:52 +02:00
Clement Michaud
3883af0ecc
Fix local storage configuration in config template
2018-03-29 23:50:47 +02:00
Clément Michaud
d0954a202a
Merge pull request #215 from clems4ever/update-npm-deps
...
Update NPM dependencies
2018-03-29 23:50:02 +02:00
Clement Michaud
a64462d3da
Update chrome driver to fix integration tests
2018-03-29 23:20:16 +02:00
Clement Michaud
ae84b05645
Add changelog to the project
2018-03-29 23:09:31 +02:00
Clement Michaud
0b2f6ace83
Fix unit and integration tests
2018-03-29 23:09:29 +02:00
Clement Michaud
a5592252c7
Bump npm dependencies
2018-03-23 10:13:00 +01:00
Clément Michaud
8a1f38f2f1
Merge pull request #204 from clems4ever/verify-redirect
...
Support 'redirect' parameter in /api/verify endpoint to support Traefik
2017-12-06 13:46:25 +01:00
Clement Michaud
6586402114
Support 'redirect' in /api/verify endpoint to support Traefik
...
Traefik handles auth forwarding but does not manage redirections like Nginx.
Therefore, Authelia must redirect the user and Traefik will forward this
request.
To support both Nginx and Traefik, /api/verify is now configurable with the
'redirect' get parameter. If the verification fails and 'redirect' is not
provided the response will be a 401 error as before.
If the parameter is provided and set to any URL, the response will be a
redirection (302) to this URL.
2017-12-04 22:52:33 +01:00
Clement Michaud
3f6c375446
3.7.0
2017-11-28 22:40:42 +01:00
Clément Michaud
cbd70d076d
Merge pull request #203 from clems4ever/feature/warn-u2f-requirements
...
Add links and tooltips at second factor stage to better guide the user
2017-11-28 22:36:20 +01:00
Clement Michaud
cea92ba7d0
Upgrade npm version in travis
2017-11-28 21:56:50 +01:00
Clement Michaud
515a82eb8d
Add links and tooltips at second factor stage to better guide the user
...
A link to U2F explains what a U2F security key is and how it is used.
A tooltip on the U2F device registration link tells the user he needs a
security key to register.
2017-11-28 21:56:50 +01:00
Clément Michaud
8f88f45cb2
Merge pull request #202 from clems4ever/feature/reset-password-enum
...
Reset password form sends 200 status when user does not exist
2017-11-18 23:32:47 +01:00
Clement Michaud
f47d3c2b0b
Reset password form sends 200 status when user does not exist
...
Reset password sends 200 status codes to avoid user enumeration.
2017-11-18 21:27:07 +01:00
Clément Michaud
792afbc476
Merge pull request #198 from clems4ever/bugfix/firefox-u2f-api
...
Fix not working u2f when using Firefox
2017-11-09 00:51:21 +01:00
Clement Michaud
ca885e4b15
Fix not working u2f when using Firefox
...
The u2f-api package does not use the official u2f script provided by Yubikey.
Unfortunately, it was blocked by Firefox. This change reintroduces the
official u2f script.
2017-11-09 00:21:24 +01:00
Clément Michaud
899246c374
Merge pull request #197 from clems4ever/feature/split-authelia-backend
...
Create a more real world example with multiple reverse proxies
2017-11-03 00:47:16 +01:00
Clement Michaud
a8974a9d8e
Change domain from test.local to example.com
...
Warning: you will need to update your /etc/hosts to take this change into
account for the example environment to work.
2017-11-03 00:20:10 +01:00
Clement Michaud
bbbffaa3ae
Split nginx service into portal, backend and authelia services
...
This setup is closer to real production infrastructure.
2017-11-03 00:20:10 +01:00
Clement Michaud
b8c8c3bd75
Move docker-compose files to the example directory
2017-11-03 00:20:10 +01:00
Clément Michaud
40a4fd0918
Merge pull request #196 from clems4ever/update-contributors
...
Add contributors to source and documentation to CONTRIBUTORS.md
2017-11-01 22:44:50 +01:00
Clement Michaud
cfaf5d3562
Add contributors to source and documentation to CONTRIBUTORS.md
2017-11-01 22:13:17 +01:00
Clément Michaud
c734effb84
Merge pull request #195 from clems4ever/feature/reduce-title
...
Reduce font size and height of header
2017-11-01 22:04:55 +01:00
Clement Michaud
28f9c52355
Reduce font size and height of the header
2017-11-01 21:42:12 +01:00
Clément Michaud
a5da5d790b
Merge pull request #194 from clems4ever/feature/fix-redirection
...
Fix bad redirection when no default_redirection_url is provided
2017-11-01 21:41:08 +01:00
Clement Michaud
d1f0543ac6
Fix bad redirection when no default_redirection_url is provided
2017-11-01 21:17:43 +01:00
Clément Michaud
b37c0293b8
Merge pull request #193 from clems4ever/feature/support-basic-auth
...
Add support of basic auth for single-factor protected endpoints
2017-11-01 20:33:09 +01:00
Clement Michaud
009e7c2b78
Add basic authorization support for single-factor protected endpoints
...
One can now access a service using the basic authorization mechanism. Note the
service must not be protected by 2 factors.
The Remote-User and Remote-Groups are forwarded from Authelia like any browser
authentication.
2017-11-01 19:38:05 +01:00
Clement Michaud
e3e1235755
Fix unhandled error exception thrown by Bluebirds in tests
2017-11-01 16:30:51 +01:00
Clement Michaud
e93b98c1ec
Remove unused AuthenticationValidator
2017-11-01 15:35:55 +01:00
Clément Michaud
17a5e2ad6e
Merge pull request #187 from clems4ever/feature/fix-endpoints-restrictions
...
Fix endpoints redirection on errors
2017-11-01 15:01:23 +01:00
Clement Michaud
6b78240d39
Fix endpoints redirection on errors
...
From this commit on, api endpoints reply with a 401 error code and non api
endpoints redirect to /error/40X.
This commit also fixes missing restrictions on /loggedin (the "already logged
in" page). This was not a security issue, though.
The change also makes error pages automatically redirect the user after a few
seconds based on the referrer or the default_redirection_url if provided in the
configuration.
Warning: The old /verify endpoint of the REST API has moved to /api/verify.
You will need to update your nginx configuration to take this change into
account.
2017-11-01 14:46:23 +01:00
Clément Michaud
837884ef0d
Merge pull request #177 from clems4ever/fix-deployment-script
...
Fix deployment commands using npm and provided in README
2017-10-31 22:33:25 +01:00
Clement Michaud
6d11801d56
Change the how-to to build Authelia in the README
2017-10-31 22:11:01 +01:00
Clément Michaud
c1afde83f6
Merge pull request #185 from clems4ever/totp-issuer-and-label
...
Use issuer and label when generating otpauthURL for TOTP
2017-10-31 22:10:04 +01:00
Clement Michaud
54854bacb1
Use issuer and label when generating otpauthURL for TOTP
...
Issuer is customizable in configuration so that a company can set its own name
or website. If not provided, default value is 'authelia.com'.
The username is used as label.
2017-10-31 21:36:47 +01:00
Clement Michaud
87056c14e2
Fix npm package versions with package-lock.json
2017-10-31 07:37:15 +01:00
Clement Michaud
608b20a736
Add shared/ directory in .npmignore
2017-10-31 07:37:15 +01:00
Clement Michaud
73d5253297
Disable notifiers when server uses single factor method only
...
Notifier is not mandatory when authentication method is single_factor for
all sub-domains since there is no registration required.
2017-10-31 07:37:15 +01:00
Clement Michaud
3052c883a0
Improve UX of the second factor page
...
Start the U2F signing request when entering in the second factor page so that
the user only has to touch the token without any other clicks.
2017-10-31 07:27:36 +01:00
Clement Michaud
1e05c41a0c
Remove useless comment from first factor page
2017-10-31 07:27:36 +01:00
Clement Michaud
42019bf67d
Improve UX of the TOTP registration page
...
Mainly add badges and links to Google Play and Apple Store to get Google
Authenticator.
2017-10-31 07:27:36 +01:00
Clement Michaud
7b68a543bf
Strengthen password in LDAP using SHA512 crypt algorithm
...
Uses the crypt() function to do password encryption. This function handles
several schemes such as: MD5, Blowfish, SHA1, SHA2.
SHA-512 is used in Authelia for best security.
The algorithm is fully described in
https://www.akkadia.org/drepper/SHA-crypt.txt
The 'crypt3' npm package has been added as a dependency to use the crypt()
function. The package needs to be compiled in order to call the C function,
that's why python, make and C++ compiler are installed temporarily in the
Docker image.
2017-10-31 07:27:36 +01:00
Clement Michaud
22d56b1faa
Change basicauth.test.local into single_factor.test.local
2017-10-31 07:27:36 +01:00
Clement Michaud
969561f4ad
Add Content-Security-Policy in Authelia web pages
2017-10-31 07:27:36 +01:00
Clement Michaud
a3560ef8d3
Add possible security measures in README
2017-10-31 07:27:36 +01:00
Clement Michaud
869d55dfd1
Add a meta tag to avoid search engine indexing
2017-10-31 07:27:36 +01:00