RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,424 Commits
27 Branches
187 Tags
61 MiB
Commit Graph

3 Commits (e28674135713103a375977a39851fa74bb513778)

Author SHA1 Message Date
James Elliott c01759715c
fix(models): potential panic generating jti (#2669) 
This ensures that at the time the JWT is generated for identity verification requests that a panic can't occur and instead an error will be returned.
 2021-12-04 15:48:22 +11:00
James Elliott 255aaeb2ad
feat(storage): encrypt u2f key (#2664) 
Adds encryption to the U2F public keys. While the public keys cannot be used to authenticate, only to validate someone is authenticated, if a rogue operator changed these in the database they may be able to bypass 2FA. This prevents that.
 2021-12-03 11:04:11 +11:00
James Elliott 347bd1be77
feat(storage): encrypted secret values (#2588) 
This adds an AES-GCM 256bit encryption layer for storage for sensitive items. This is only TOTP secrets for the time being but this may be expanded later. This will require a configuration change as per https://www.authelia.com/docs/configuration/migration.html#4330.

Closes #682
 2021-11-25 12:56:58 +11:00