Commit Graph

1321 Commits (f1968343c366e6a6e41fb104786f281edffbd833)

Author SHA1 Message Date
Clement Michaud 1bc0029651 Introduce authelia-cli to ease development cycle. 2019-03-03 11:39:40 +01:00
Clement Michaud 317611b099 Replace material-UI by material-components-web. 2019-03-03 11:39:40 +01:00
Clement Michaud 7c6023fee4 Remove themes directory. 2019-03-03 11:39:40 +01:00
Clement Michaud 419c883a8c Replace client by client-react. 2019-03-03 11:39:40 +01:00
Clement Michaud 605002a333 Complete rewrite of the UI. 2019-03-03 11:39:40 +01:00
Clement Michaud 694840790b Redirect to https://login.example.com to avoid errors due to https://localhost 2019-03-03 11:39:40 +01:00
Clement Michaud f61a052bf5 Authentication workflow is complete. 2019-03-03 11:39:40 +01:00
Clement Michaud 9d7155a969 Almost full authentication workflow with U2F and TOTP. 2019-03-03 11:39:40 +01:00
Clement Michaud fe14bde29b Backend and frontend are reloaded on code change. 2019-03-03 11:39:40 +01:00
Clement Michaud be357f8e69 First complete version of the Authelia frontend in React. 2019-03-03 11:38:51 +01:00
Clement Michaud 721ad59545 Add email confirmation page. 2019-03-03 11:38:51 +01:00
Clement Michaud 337f0df12a First design of second factor page. 2019-03-03 11:38:51 +01:00
Clement Michaud f5c653551a First design of first factor page. 2019-03-03 11:38:51 +01:00
Clement Michaud 9fe3d83c26 Move to typescript. 2019-03-03 11:38:51 +01:00
Clement Michaud a22d69d98b Create initial react boilerplate. 2019-03-03 11:38:51 +01:00
Clement Michaud 61742c1ec4 Add changelog for version 3.12.0. 2019-03-03 11:38:22 +01:00
Clement Michaud bc8897c35b 3.12.0 2019-03-03 11:35:53 +01:00
Clement Michaud 65ca1f0499 Add changelog for version 3.11.0. 2019-03-03 11:35:05 +01:00
Clément Michaud 12d0cf465b
Merge pull request #329 from ViViDboarder/ldap-member-uid-search
Add ability to search for groups using {uid}
2019-03-01 21:13:07 +01:00
ViViDboarder 264a94d4e7 Add ability to search for groups using {uid}
On some LDAP servers, the `uid` attribute is more like a guid, while the
username exists instead in a dedicated field, like `username`. This
means the `uid` is not necessarily equal to `username`.

This is allows referencing using the `uid` to search for groups in the same
way as `dn` so that one can explicitly match the `memberuid` to the `uid` for
the user without the assumptions that come with using `{0}`.
2019-02-27 21:34:18 -08:00
Clément Michaud 23e28ee659
Merge pull request #323 from clems4ever/sanitizer-error
Log error in LDAP input sanitizer to help with troubleshooting.
2019-02-12 00:21:23 +01:00
Clement Michaud 9f2d7fe37f Temporarily disable npm packaging tests. 2019-02-11 23:23:40 +01:00
Clement Michaud cc8cb36e04 Log error in LDAP input sanitizer to help with troubleshooting. 2019-02-11 23:01:29 +01:00
Clement Michaud b118ac5516 3.11.0 2019-02-09 23:42:59 +01:00
Clément Michaud ec71f848db
Merge pull request #320 from kevynb/patch-1
Fix dead link in docs/deployment-dev.md
2019-01-30 19:07:04 +01:00
Kevyn Bruyere ac004f266d
Fix dead link in docs/deployment-dev.md 2019-01-30 22:55:05 +08:00
Clément Michaud dc2d4d43ef
Merge pull request #309 from BankaiNoJutsu/master
Adding theming to Authelia. One can now build with any theme.
2019-01-08 23:42:18 +01:00
Clément Michaud 84b1194711
Merge branch 'master' into master 2019-01-08 21:32:28 +01:00
Clément Michaud e83af9b687
Merge pull request #316 from Tedyst/master
Modified regex in file database mode
2019-01-08 21:30:25 +01:00
Tedy Stoica 0bbf4dc299
Added "/" to regex 2019-01-08 12:52:17 +02:00
Tedy Stoica 99bc50f2ff
Modified regex 2019-01-08 12:15:20 +02:00
BankaiNoJutsu 17cc93425a fix config.minimal.yml user db path 2018-12-18 19:12:09 +01:00
BankaiNoJutsu 7d4a9c566b fix +x permissions on all scripts in folder 2018-12-18 18:02:20 +01:00
BankaiNoJutsu 5a11641ff3 fixed all scripts permissions +x 2018-12-18 17:55:37 +01:00
BankaiNoJutsu bace1159f5 fixed perm on travis.sh 2018-12-18 17:48:48 +01:00
BankaiNoJutsu 55c06b975e Add readme in themes folder, and remove uneccessary check in gruntfile 2018-12-18 17:36:01 +01:00
BankaiNoJutsu 3d1448d3cc fix permissions 2018-12-18 16:34:56 +01:00
BankaiNoJutsu 48c204fc68 added all themes, clean and backup of dist, --theme value check 2018-12-18 16:30:23 +01:00
BankaiNoJutsu 1e71815b00 added squares and triangles themes 2018-12-18 08:32:04 +01:00
BankaiNoJutsu dedd712039 added black theme and fixed main css matrix.js (not needed) 2018-12-18 07:47:07 +01:00
BankaiNoJutsu 6bd9d04eb9 Added cleaning of dist folder before build, by adding grunt-clean, fixed css concat 2018-12-17 23:27:58 +01:00
BankaiNoJutsu 08544858de Added Theming functionality and theme folder 2018-12-17 22:49:01 +01:00
Clément Michaud 6c4d06b2a8
Merge pull request #289 from clems4ever/remove-auth-methods
Introduce "bypass", "one_factor", "two_factor" and "deny" ACL rules
2018-11-17 18:44:36 +01:00
Clement Michaud b53d16d8a1 Introduce Subject and Object in authorization module. 2018-11-17 18:29:10 +01:00
Clement Michaud 97bfafb6eb [BREAKING] Flatten the ACL rules to enable some use cases.
With previous configuration format rules were not ordered between groups and
thus not predictable. Also in some cases `any` must have been a higher
precedence than `groups`. Flattening the rules let the user apply whatever
policy he can think of.

When several rules match the (subject, domain, resource), the first one is
applied.

NOTE: This commit changed the format for declaring ACLs. Be sure to update
your configuration file before upgrading.
2018-11-17 18:08:29 +01:00
Clement Michaud 2bc650fd97 Create a docker-compose.dev.yml to reproduce integration test cases. 2018-11-17 18:08:29 +01:00
Clement Michaud 9fc55543fd Integrate more policy options in ACL rules.
The possible values for ACL policies are now: bypass, one_factor, two_factor,
deny.

This change also deprecate auth_methods because the method is now associated
directly to a resource in the ACLs instead of a domain.
2018-11-17 18:08:29 +01:00
Clément Michaud d898fa2c0c
Merge pull request #293 from clems4ever/closed-redirection
Fix open redirection vulnerability.
2018-11-17 18:04:33 +01:00
Clement Michaud 42581dfe93 Fix open redirection vulnerability.
In order to redirect the user after authentication, Authelia uses
rd query parameter provided by the proxy. However an attacker could
use phishing to make the user be redirected to a bad domain. In order
to avoid the user to be redirected to a bad location, Authelia now
verifies the redirection URL is under the protected domain.
2018-11-17 17:48:20 +01:00
Clement Michaud 8871ccd65e 3.10.0 2018-11-17 15:06:08 +01:00