Commit Graph

91 Commits (da5892faad574f732ff26563f24a480a385e7046)

Author SHA1 Message Date
James Elliott 2763aefe81
[BUGFIX] Static Session Expiration Key (#1564)
* [BUGFIX] Static Session Expiration Key

* keys for session expiration are random for each instance of Authelia
* this is caused by upstream setting it to a random value
* using a temporary bugfix fork of github.com/fasthttp/session to resolve locally
* add some misc doc additions
2020-12-29 12:44:47 +11:00
James Elliott 365304a684
[FEATURE] Add Optional Check for Session Username on VerifyGet (#1427)
* Adding the Session-Username header to the /api/verify endpoint when using cookie auth will check the value stored in the session store for the username and the header value are the same.
* use strings.EqualFold to compare case insensitively
* add docs
* add unit tests
* invalidate session if it is theoretically hijacked and log it as a warning (can only be determined if the header doesn't match the cookie)
* add example PAM script
* go mod tidy
* go mod bump to 1.15
2020-12-02 10:03:44 +11:00
dependabot-preview[bot] f1968343c3
[MISC] (deps): Bump github.com/spf13/viper from 1.7.0 to 1.7.1 (#1251)
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.7.0...v1.7.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-04 09:07:38 +10:00
dependabot-preview[bot] b9eb94f658
[MISC] (deps): Bump github.com/jackc/pgx/v4 from 4.8.0 to 4.8.1 (#1244)
Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.8.0 to 4.8.1.
- [Release notes](https://github.com/jackc/pgx/releases)
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v4.8.0...v4.8.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-31 12:10:51 +10:00
dependabot-preview[bot] 07c4e96927
[MISC] (deps): Bump github.com/golang/mock from 1.4.3 to 1.4.4 (#1242)
Bumps [github.com/golang/mock](https://github.com/golang/mock) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/golang/mock/releases)
- [Changelog](https://github.com/golang/mock/blob/master/.goreleaser.yml)
- [Commits](https://github.com/golang/mock/compare/v1.4.3...v1.4.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-30 09:44:38 +02:00
dependabot-preview[bot] e0774d1524
[MISC] (deps): Bump github.com/fasthttp/router from 1.2.3 to 1.2.4 (#1223)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.2.3...v1.2.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-07-25 11:29:01 +02:00
dependabot-preview[bot] fd0de434c4
[MISC] (deps): Bump github.com/jackc/pgx/v4 from 4.7.2 to 4.8.0 (#1221)
Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.7.2 to 4.8.0.
- [Release notes](https://github.com/jackc/pgx/releases)
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v4.7.2...v4.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-07-25 00:26:03 +02:00
dependabot-preview[bot] ebd391d67a
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.2.0 to 2.2.1 (#1219)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.2.0...v2.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-24 23:43:11 +02:00
dependabot-preview[bot] 3ae95e6bf0
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.1.1 to 2.2.0 (#1217)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.1.1 to 2.2.0.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.1.1...v2.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-21 12:11:12 +10:00
dependabot-preview[bot] 9134b0aa8e
[MISC] (deps): Bump github.com/fasthttp/router from 1.2.2 to 1.2.3 (#1216)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.2.2...v1.2.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-21 11:37:22 +10:00
dependabot-preview[bot] 0b18d08f01
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.2.2 to 3.2.3 (#1213)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.2.2 to 3.2.3.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.2.2...v3.2.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-20 12:05:19 +10:00
dependabot-preview[bot] eb638ec579
[MISC] (deps): Bump github.com/jackc/pgx/v4 from 4.7.1 to 4.7.2 (#1207)
Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.7.1 to 4.7.2.
- [Release notes](https://github.com/jackc/pgx/releases)
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v4.7.1...v4.7.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-17 09:29:24 +10:00
James Elliott ea1fae6491
[MISC] Storage Schema Versioning Model (#1057)
* [MISC] Storage Schema Versioning Model 

* fixup go.sum
* remove pq
* fix int to text issue
* fix incorrect SQL text
* use key_name vs key
* use transactions for all queries during upgrades
* fix missing parenthesis
* move upgrades to their own file
* add provider name for future usage in upgrades
* fix missing create config table values
* fix using the const instead of the provider SQL
* import logging once and reuse
* update docs
* remove db at suite teardown
* apply suggestions from code review
* fix mysql
* make errors more uniform
* style changes
* remove commented code sections
* remove commented code sections
* add schema version type
* add sql mock unit tests
* go mod tidy
* test blank row situations
2020-07-16 15:56:08 +10:00
dependabot-preview[bot] e5d02d4b06
[MISC] (deps): Bump github.com/valyala/fasthttp from 1.14.0 to 1.15.1 (#1200)
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp) from 1.14.0 to 1.15.1.
- [Release notes](https://github.com/valyala/fasthttp/releases)
- [Commits](https://github.com/valyala/fasthttp/compare/v1.14.0...v1.15.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-15 23:32:54 +02:00
dependabot-preview[bot] c5c41c6111
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.2.1 to 3.2.2 (#1199)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.2.1...v3.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-15 11:01:35 +10:00
dependabot-preview[bot] 24ea88156b
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.2.0 to 3.2.1 (#1152)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.2.0 to 3.2.1.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.2.0...v3.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-24 10:21:14 +10:00
dependabot-preview[bot] 0e206660ef
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.1.11 to 3.2.0 (#1128)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.1.11 to 3.2.0.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.1.11...v3.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-19 08:57:16 +10:00
dependabot-preview[bot] 53ea5a067a
[MISC] (deps): Bump github.com/fasthttp/router from 1.2.1 to 1.2.2 (#1116)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.2.1...v1.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-15 22:27:45 +02:00
dependabot-preview[bot] 9ae68999e8
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.1.10 to 3.1.11 (#1115)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.1.10 to 3.1.11.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.1.10...v3.1.11)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-15 10:56:29 +10:00
dependabot-preview[bot] 532ccb8fdf
[MISC] (deps): Bump github.com/lib/pq from 1.6.0 to 1.7.0 (#1106)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.6.0...v1.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-06-11 10:24:18 +10:00
dependabot-preview[bot] 1a82d3192b
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.7 to 1.2.1 (#1102)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.7 to 1.2.1.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.7...v1.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-06-09 23:14:15 +02:00
dependabot-preview[bot] a08856a7dd
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.6 to 1.1.7 (#1099)
* [MISC] (deps): Bump github.com/fasthttp/router from 1.1.6 to 1.1.7

Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.6 to 1.1.7.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.6...v1.1.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Update go.sum

* Update go.sum

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-09 11:08:49 +10:00
dependabot-preview[bot] cd38e9aa3f
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.1.0 to 2.1.1 (#1098)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.1.0...v2.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-09 09:27:17 +10:00
dependabot-preview[bot] ef0c0fe8bf
[MISC] (deps): Bump github.com/stretchr/testify from 1.6.0 to 1.6.1 (#1095)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.6.0...v1.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-09 08:35:03 +10:00
Amir Zarrinkafsh 33e5677f87
[MISC] Update and clean go.mod/go.sum (#1076) 2020-06-04 13:34:25 +10:00
dependabot-preview[bot] 94a5386aff
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.5 to 1.1.6 (#1079)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.5...v1.1.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 21:12:15 +02:00
dependabot-preview[bot] 431d059c2e
[MISC] (deps): Bump github.com/lib/pq from 1.5.2 to 1.6.0 (#1067)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.5.2 to 1.6.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.5.2...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-01 09:52:45 +10:00
dependabot-preview[bot] 844a4c58d1
[MISC] (deps): Bump github.com/stretchr/testify from 1.5.1 to 1.6.0 (#1066)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.5.1 to 1.6.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.5.1...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-01 08:52:59 +10:00
dependabot-preview[bot] 5d3f010a1f
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.4 to 1.1.5 (#1058)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.4 to 1.1.5.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.4...v1.1.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 21:53:52 +02:00
dependabot-preview[bot] 54fe2a9abd
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.3 to 1.1.4 (#1054)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.3...v1.1.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-05-26 21:32:37 +02:00
dependabot-preview[bot] 9eda7fb612
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.0.2 to 2.1.0 (#1055)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.0.2 to 2.1.0.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.0.2...v2.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-26 20:33:20 +02:00
dependabot-preview[bot] 2b8a8a24a1
[MISC] (deps): Bump github.com/valyala/fasthttp from 1.12.0 to 1.13.1 (#1056)
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp) from 1.12.0 to 1.13.1.
- [Release notes](https://github.com/valyala/fasthttp/releases)
- [Commits](https://github.com/valyala/fasthttp/compare/v1.12.0...v1.13.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-26 20:33:10 +02:00
dependabot-preview[bot] 00fa11020e
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.2 to 1.1.3 (#1048)
* [MISC] (deps): Bump github.com/fasthttp/router from 1.1.2 to 1.1.3

Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.2...v1.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* fix sum

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-25 08:54:38 +10:00
dependabot-preview[bot] 70e0bba1d1
[MISC] (deps): Bump github.com/otiai10/copy from 1.1.1 to 1.2.0 (#1047)
Bumps [github.com/otiai10/copy](https://github.com/otiai10/copy) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/otiai10/copy/releases)
- [Commits](https://github.com/otiai10/copy/compare/v1.1.1...v1.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-24 21:31:04 +02:00
dependabot-preview[bot] b5f27b7451
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.1 to 1.1.2 (#1041)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.1...v1.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-22 08:04:45 +10:00
Clément Michaud fe5ebfb75a
[FEATURE] Bump to fasthttp/session/v2 to support redis unix socket. (#1001)
* [FEATURE] Bump to fasthttp/session/v2 to support redis unix socket.

* Fix lint issues.

* Remove v1 import and fix double import.

* [DOCS] Document use of redis unix socket.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-05-18 12:45:47 +10:00
James Elliott 73bd2e4479
[FIX] Hash Password Cmd Not Encoding Provided Salt (#999)
* using authelia hash-password if you provide a salt it doesn't encode it as a base64 string
* this causes invalid salts to be stored if a user manually provided one instead of reliance on the automatic generation
* additionally bumped the minimum required salt length to 8 as per reference spec
* additionally removed the maximum salt length as per reference spec (actually 2^32-1 per int32)
* see docs:
  * https://tools.ietf.org/html/draft-irtf-cfrg-argon2-10
  * https://github.com/P-H-C/phc-winner-argon2
  * https://github.com/P-H-C/phc-string-format
* encode all salts
* fix edge case of false positive in CheckPassword
* bump crypt version and fix tests
2020-05-14 15:55:03 +10:00
dependabot-preview[bot] 8339b095c9
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.0 to 1.1.1 (#1016)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.0...v1.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-14 08:08:34 +10:00
dependabot-preview[bot] e259e6182e
[MISC] (deps): Bump gopkg.in/yaml.v2 from 2.2.8 to 2.3.0 (#1017)
Bumps [gopkg.in/yaml.v2](https://github.com/go-yaml/yaml) from 2.2.8 to 2.3.0.
- [Release notes](https://github.com/go-yaml/yaml/releases)
- [Commits](https://github.com/go-yaml/yaml/compare/v2.2.8...v2.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-14 07:19:17 +10:00
dependabot-preview[bot] 7718c48e68
[MISC] (deps): Bump github.com/spf13/viper from 1.6.3 to 1.7.0 (#1005)
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.6.3 to 1.7.0.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.6.3...v1.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-05-11 09:41:48 +10:00
dependabot-preview[bot] e2785e37c0
[MISC] (deps): Bump github.com/fasthttp/router from 1.0.4 to 1.1.0 (#1004)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.0.4 to 1.1.0.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.0.4...v1.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-11 09:16:49 +10:00
dependabot-preview[bot] 3d43e98bcf
[MISC] (deps): Bump github.com/lib/pq from 1.5.1 to 1.5.2 (#995)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.5.1...v1.5.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-09 02:24:24 +10:00
dependabot-preview[bot] df1fd31092
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.1.9 to 3.1.10 (#991)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.1.9 to 3.1.10.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.1.9...v3.1.10)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-05-08 11:20:46 +10:00
dependabot-preview[bot] 6aa97fa56b
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.1.8 to 3.1.9 (#986)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.1.8 to 3.1.9.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.1.8...v3.1.9)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-06 20:44:35 +02:00
Amir Zarrinkafsh 87053c9312
[CI] Add linters: asciicheck, nolintlint and unconvert (#978) 2020-05-05 14:43:46 +10:00
dependabot-preview[bot] 2da79d6599
[MISC] (deps): Bump github.com/lib/pq from 1.5.0 to 1.5.1 (#972)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.5.0...v1.5.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-04 20:54:18 +02:00
dependabot-preview[bot] e6caac7db0
[MISC] (deps): Bump github.com/sirupsen/logrus from 1.5.0 to 1.6.0 (#968)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.5.0...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-04 07:55:02 +10:00
dependabot-preview[bot] 8d06187a17
[MISC] (deps): Bump github.com/lib/pq from 1.4.0 to 1.5.0 (#969)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.4.0...v1.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-04 06:57:29 +10:00
Amir Zarrinkafsh f8bd506326
[FEATURE] Embed static assets in Go binary (#916)
* [FEATURE] Embed static assets in Go binary

* Refactor/consolidate code and specify public_html via configuration

* Update docs and config template for assets

* Update AUR package pre-requisites and systemd unit

* Include static assets as Buildkite and GitHub artifacts

* Remove references to PUBLIC_DIR

* Only serve assets via embedded filesystem and remove configuration references

* Update authelia-scripts helper to build the embedded filesystem

* Mock the embedded filesystem for unit tests
Add to gitignore to ensure this isn't overwritten.

* Move go:generate to satisfy linter
2020-04-29 00:07:20 +10:00
dependabot-preview[bot] 5d2b7a1398
[MISC] (deps): Bump github.com/fasthttp/router from 1.0.3 to 1.0.4 (#923)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.0.3...v1.0.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-26 20:43:59 +02:00