Commit Graph

33 Commits (c2dd244c9f5158fac5d41e4ad12ed1a2b4d0b425)

Author SHA1 Message Date
Clement Michaud b842792a16 Implement session inactivity timeout
This timeout will prevent an attacker from using a session that has been
inactive for too long.
This inactivity timeout combined with the timeout before expiration makes a
good combination of security mechanisms to prevent session theft.

If no activity timeout is provided, then the feature is disabled and only
session expiration remains as a protection.
2017-10-17 23:48:56 +02:00
Clement Michaud 9e275441c9 Refactor endpoints to get server variables as input parameters
This refactoring aims to ease testability and clean up a lot of soft touchy
typings in test code.

This is the first step of this refactoring introducing the concept and
implementing missing interfaces and stubs. At the end of the day,
ServerVariablesHandler should completely disappear and every variable should
be injected in the endpoint handler builder itself.
2017-10-17 23:04:28 +02:00
Clément Michaud 15615b2741 Merge branch 'develop' into publish-develop-to-docker 2017-10-15 22:49:58 +02:00
Clement Michaud e8e8c8f7da Publish 'develop' tag to dockerhub 2017-10-15 22:48:56 +02:00
Clement Michaud e8a1e7c52c Remove configuration schema from source since it is generated 2017-10-15 22:17:36 +02:00
Clement Michaud 8cf58d7b31 Add tests on headers forwarded to backend
Ensure Remote-User and Remote-Groups can be forwarded to the backend app.
2017-10-14 22:11:56 +02:00
Clement Michaud 09b4bcadd4 Deploy latest along with release tag
Prior to this fix, every master commits was released to Dockerhub under latest
tag and tagged commit was released with a version tag in Dockerhub.
'Latest' tag in dockerhub should reference the latest released version and not
the head of master branch.

Thus, after this fix, 'latest' tag references the latest released version of
Authelia and 'master' tag references the head of master git branch.
2017-10-08 18:56:18 +02:00
Clement Michaud bf56e378e0 Fail docker publication when login to docker fails 2017-10-08 16:11:05 +02:00
Clement Michaud d8ff186303 Split client and server
Client and server now have their own tsconfig so that the transpilation is only
done on the part that is being modified.

It also allows faster transpilation since tests are now excluded from tsconfig.
They are compiled by ts-node during unit tests execution.
2017-10-07 00:49:42 +02:00
Clement Michaud 4cd78f3f83 Add SMTP notifier as an available option in configuration
One can now plug its own SMTP server to send notifications
for identity validation and password reset requests.

Filesystem has been removed from the template configuration file
since even tests now use mail catcher (the fake webmail) to
retrieve the email and the confirmation link.
2017-09-24 23:20:45 +02:00
Clement Michaud 7128970a53 Add redirection URL as a query parameter during authentication
Before this fix, the redirection URL was stored in the user session,
but this has a big drawback since user could open several pages in
browser and thus override the redirection URL leading the user to
be incorrectly redirected.
2017-09-22 17:53:18 +02:00
FrozenDragoon 489dbf9e30 Merge branch 'master' into feature-dockercompose 2017-09-11 13:28:39 -05:00
Clement Michaud f4926ac138 Fix npm package missing dist directory 2017-09-09 00:43:19 +02:00
FrozenDragoon e644fe7b7b Split example scripts, allow running example using pre-built docker container (example-dockerhub) or build build from source, as it is now (example-commit). 2017-09-05 06:32:50 -05:00
Clement Michaud 20536abf8b Introduce LDAP filters to search users and groups for more flexibility. 2017-09-02 22:38:26 +02:00
Clement Michaud c12a085f8e Replace mocha integration tests by cucumber tests 2017-07-31 22:20:33 +02:00
Clement Michaud e45ac39c8f Add Mongo as scalable and resilient storage backend 2017-07-31 00:29:00 +02:00
Clement Michaud a64dbe08f8 Fix dev environment deployment when watching with Gruntfile 2017-07-17 22:37:34 +02:00
Clement Michaud c648a482d7 Tests deployment commands provided to users in README 2017-07-16 16:20:59 +02:00
Clement Michaud 7fd0f8e144 Fix example deployment script 2017-07-16 16:20:26 +02:00
Clement Michaud 74cbfc637b Add system tests to test the example from end user point of view 2017-07-16 14:55:01 +02:00
Clement Michaud 8f152d2328 Fix example environment 2017-07-14 19:05:42 +02:00
Clement Michaud d87b21fec0 Fix service checking in travis after adding redis service 2017-07-14 00:53:26 +02:00
Clement Michaud f516aaf243 Adding one integration test for redis 2017-07-14 00:25:11 +02:00
Clement Michaud e56c2492ed Fix integration test and package Travis scripts 2017-06-29 13:09:08 +02:00
Clement Michaud 1a6f3137eb npm install breaks because it does not find entrypoint file 2017-06-19 10:14:08 +02:00
Clement Michaud a84efdb8be Test npm deployment in CI 2017-06-16 21:11:54 +02:00
Clement Michaud 0d58d5bf23 Choose deployment based on tag or master branch depending on Travis env vars 2017-06-01 22:46:42 +02:00
Clement Michaud bf266648e1 Add more logs to the docker deployment script 2017-06-01 22:35:37 +02:00
Clement Michaud 3b619bf034 Add logs to the docker deployment script 2017-06-01 22:32:35 +02:00
Clement Michaud 96811c093b Tag docker image before pushing it to dockerhub 2017-06-01 22:22:48 +02:00
Clement Michaud 2dd64de2ed Adding docker-publish script to set of deployment scripts 2017-06-01 22:16:19 +02:00
Clement Michaud 8d662c1591 Install libgif-dev in travisci environment 2017-01-28 22:54:27 +01:00