Commit Graph

9 Commits (899246c374cd93649013bb299af510af79a2bcaa)

Author SHA1 Message Date
Clement Michaud 7b68a543bf Strengthen password in LDAP using SHA512 crypt algorithm
Uses the crypt() function to do password encryption. This function handles
several schemes such as: MD5, Blowfish, SHA1, SHA2.
SHA-512 is used in Authelia for best security.
The algorithm is fully described in
https://www.akkadia.org/drepper/SHA-crypt.txt

The 'crypt3' npm package has been added as a dependency to use the crypt()
function. The package needs to be compiled in order to call the c function,
that's why python, make and C++ compiler are installed temporarily in the
Docker image.
2017-10-31 07:27:36 +01:00
Clement Michaud 4cd78f3f83 Add SMTP notifier as an available option in configuration
One can now plug its own SMTP server to send notifications
for identity validation and password reset requests.

Filesystem has been removed from the template configuration file
since even tests now use mail catcher (the fake webmail) to
retrieve the email and the confirmation link.
2017-09-24 23:20:45 +02:00
Clement Michaud 64c06fd6b8 Parameterize authentication regulation via configuration file. Both for flexibility and for testing purposes. 2017-09-03 12:48:35 +02:00
Clement Michaud c12a085f8e Replace mocha integration tests by cucumber tests 2017-07-31 22:20:33 +02:00
Clement Michaud e56c2492ed Fix integration test and package Travis scripts 2017-06-29 13:09:08 +02:00
Clement Michaud ddf1e48535 Refactor client to make it responsive and testable 2017-06-16 18:16:38 +02:00
Clement Michaud 2a73b1a431 Add the access_control entry in the config file to allow the user to define per group rules to access the subdomains 2017-03-25 15:17:21 +01:00
Clement Michaud c7e4f76b9c Add an LDAP user search filter in the configuration filte to specify the user attribute to search for in LDAP 2017-03-16 01:25:55 +01:00
Clement Michaud d3db94105e Registration process sends an email to allow user to register its U2F device 2017-01-22 17:54:45 +01:00