authelia

Commit Graph

Author	SHA1	Message	Date
James Elliott	365304a684	[FEATURE] Add Optional Check for Session Username on VerifyGet (#1427 ) * Adding the Session-Username header to the /api/verify endpoint when using cookie auth will check the value stored in the session store for the username and the header value are the same. * use strings.EqualFold to compare case insensitively * add docs * add unit tests * invalidate session if it is theoretically hijacked and log it as a warning (can only be determined if the header doesn't match the cookie) * add example PAM script * go mod tidy * go mod bump to 1.15	2020-12-02 10:03:44 +11:00
James Elliott	ffc87c1006	[DOCS] Fix Docs Links (#674 ) - Fixed a few broken links	2020-03-01 16:58:26 +11:00
Clément Michaud	adf7bbaf5b	[DOCS] Bootstrap new documentation website based on just-the-docs (#659 )	2020-02-29 01:43:59 +01:00

Author

SHA1

Message

Date

James Elliott

365304a684

[FEATURE] Add Optional Check for Session Username on VerifyGet (#1427 )

* Adding the Session-Username header to the /api/verify endpoint when using cookie auth will check the value stored in the session store for the username and the header value are the same.
* use strings.EqualFold to compare case insensitively
* add docs
* add unit tests
* invalidate session if it is theoretically hijacked and log it as a warning (can only be determined if the header doesn't match the cookie)
* add example PAM script
* go mod tidy
* go mod bump to 1.15

2020-12-02 10:03:44 +11:00

James Elliott

ffc87c1006

[DOCS] Fix Docs Links (#674 )

- Fixed a few broken links

2020-03-01 16:58:26 +11:00

Clément Michaud

adf7bbaf5b

[DOCS] Bootstrap new documentation website based on just-the-docs (#659 )

2020-02-29 01:43:59 +01:00

3 Commits (f188bfb1dcd4af277715a0bd4cf25287da17e67a)