Commit Graph

139 Commits (92eb897a03caf9d8279b7fed81f8a2cd7cb0a67a)

Author SHA1 Message Date
Clement Michaud 40574bc8ec Fix the bypass strategy.
Before this fix an anonymous user was not able to access a resource
that were configured with a bypass policy. This was due to a useless
check of the userid in the auth session. Moreover, in the case of an
anonymous user, we should not check the inactivity period since there
is no session.

Also refactor /verify endpoint for better testability and add tests
in a new suite.
2019-03-22 23:51:36 +01:00
Clement Michaud 76fa325f08 [BREAKING] Create a suite for kubernetes tests.
Authelia client uses hash router instead of browser router in order to work
with Kubernetes nginx-ingress-controller. This is also better for users having
old browsers.

This commit is breaking because it requires to change the configuration of the
proxy to include the # in the URL of the login portal.
2019-03-16 00:13:27 +01:00
Clement Michaud 06aa9803bf Update the documentation to include info about suites and authelia-scripts. 2019-03-03 11:40:32 +01:00
Clement Michaud 82848b448b Fix some npm commands. 2019-03-03 11:39:40 +01:00
Clement Michaud 716ae9d378 Bump mocha to use forbidOnly and forbidPending options. 2019-03-03 11:39:40 +01:00
Clement Michaud a1c9bb6302 Improve authelia-scripts to add suites with Docker-based Authelia server. 2019-03-03 11:39:40 +01:00
Clement Michaud 4c138c1f27 Use authelia-scripts in travis. 2019-03-03 11:39:40 +01:00
Clement Michaud 5614bea827 Fix unit tests. 2019-03-03 11:39:40 +01:00
Clement Michaud c487ed0a37 Migrate more tests to mocha. 2019-03-03 11:39:40 +01:00
Clement Michaud efceb66ffa Migrate some tests to mocha. 2019-03-03 11:39:40 +01:00
Clement Michaud c5af4498ab Introduce the concept of suite in authelia-scripts. 2019-03-03 11:39:40 +01:00
Clement Michaud d2a547eca6 Fix e2e tests for complete configuration. 2019-03-03 11:39:40 +01:00
Clement Michaud c5eb86e0fd Fix e2e test with minimal configuration. 2019-03-03 11:39:40 +01:00
Clement Michaud eccf08b6b0 Authelia can be run locally while communicating with docker environment. 2019-03-03 11:39:40 +01:00
Clement Michaud 1bc0029651 Introduce authelia-cli to ease development cycle. 2019-03-03 11:39:40 +01:00
Clement Michaud 9d7155a969 Almost full authentication workflow with U2F and TOTP. 2019-03-03 11:39:40 +01:00
Clement Michaud fe14bde29b Backend and frontend are reloaded on code change. 2019-03-03 11:39:40 +01:00
Clement Michaud bc8897c35b 3.12.0 2019-03-03 11:35:53 +01:00
Clement Michaud b118ac5516 3.11.0 2019-02-09 23:42:59 +01:00
BankaiNoJutsu 3d1448d3cc fix permissions 2018-12-18 16:34:56 +01:00
BankaiNoJutsu 48c204fc68 added all themes, clean and backup of dist, --theme value check 2018-12-18 16:30:23 +01:00
BankaiNoJutsu 6bd9d04eb9 Added cleaning of dist folder before build, by adding grunt-clean, fixed css concat 2018-12-17 23:27:58 +01:00
Clement Michaud 8871ccd65e 3.10.0 2018-11-17 15:06:08 +01:00
Clement Michaud 43102d9fae Bump nyc dependency. 2018-11-15 22:24:57 +01:00
Clement Michaud 7c80515b34 Fix U2F authentication by upgrading libraries. 2018-11-06 15:45:01 +01:00
Clement Michaud 798b001986 Bump grunt and grunt-contrib-watch. 2018-11-03 16:19:05 +01:00
Clement Michaud e8c3205e0a Make Authelia compatible with Firefox.
Use the polyfill version of u2f API provided by Google.

https://github.com/mastahyeti/u2f-api

This polyfill is at least compatible with Chrome and
Firefox after enabling the U2F support.

[HOWTO] Enable U2F in Firefox >= 57:
Navigate to 'about:config' and search for 'u2f' option.
Double-click on the line to toggle the option.
2018-10-27 18:22:01 +02:00
Clement Michaud a21c15d451 Bump request package. 2018-10-13 19:21:32 +02:00
Clement Michaud 96ecea203f Update bootstrap and randomatic dependencies. 2018-10-13 10:16:18 +02:00
Clement Michaud e7ad831d4d 3.9.5 2018-08-30 11:35:24 +02:00
Clement Michaud e568459c53 3.9.4 2018-08-30 11:29:04 +02:00
Clement Michaud 5fd8150875 3.9.3 2018-08-29 00:01:29 +02:00
Clement Michaud 64f28379ac 3.9.2 2018-08-28 21:05:57 +02:00
Clement Michaud cedcb07ed0 3.9.1 2018-08-27 22:54:25 +02:00
Clement Michaud 920b2c4f6a 3.9.0 2018-08-26 14:27:17 +02:00
Clement Michaud 1f5a18d12a 3.8.3 2018-08-25 19:37:35 +02:00
Clément Michaud 6438a5e48f
Fix ECONNRESET when LDAP queries fail. (#261)
This commit should fix #225.

In order to avoid stalling LDAP connections, Authelia creates new
sessions for each set of queries bound to one authentication, i.e.,
one session for authentication, emails retrieval and groups
retrieval.
Before this commit, a failing query was preventing the session to
be closed (unbind was not called). Now, unbind is always called
whatever the outcome of the query.

I took the opportunity of this commit to refactor LDAP client in
order to prepare the work on users database stored in a file.
(#233)
2018-08-25 19:22:48 +02:00
Clement Michaud e50b798edc 3.8.2 2018-08-24 23:05:30 +02:00
Clément Michaud 0fd285f975
Replace npm api key to solve publication. (#260)
* Replace npm api key.

* 3.8.1
2018-08-24 23:03:54 +02:00
Clement Michaud 596f97fc1d 3.8.0 2018-08-19 16:52:23 +02:00
Clement Michaud 39555179e4 Bump all dependencies 2018-05-07 23:23:29 +02:00
Clement Michaud 4da5402cdf Add helmet dependency and add it as express middleware 2018-04-26 09:07:06 +02:00
Clement Michaud 479d7ddc09 3.7.1 2018-04-24 22:12:27 +02:00
Clement Michaud a64462d3da Update chrome driver to fix integration tests 2018-03-29 23:20:16 +02:00
Clement Michaud 0b2f6ace83 Fix unit and integration tests 2018-03-29 23:09:29 +02:00
Clement Michaud a5592252c7 Bump npm dependencies 2018-03-23 10:13:00 +01:00
Clement Michaud 3f6c375446 3.7.0 2017-11-28 22:40:42 +01:00
Clement Michaud 515a82eb8d Add links and tooltips at second factor stage to better guide the user
A link to U2F explains what is a U2F security key and how they are used.

A tooltip on U2F device registration link is telling the user he needs a
security key to register.
2017-11-28 21:56:50 +01:00
Clement Michaud ca885e4b15 Fix not working u2f when using Firefox
The u2f-api package does not use the official u2f script provided by Yubikey.
Unfortunately, it was blocked by Firefox.  This change reintroduces the
official u2f script.
2017-11-09 00:21:24 +01:00
Clement Michaud e3e1235755 Fix unhandled error exception thrown by Bluebirds in tests 2017-11-01 16:30:51 +01:00