Clement Michaud
1bc0029651
Introduce authelia-cli to ease development cycle.
2019-03-03 11:39:40 +01:00
Clement Michaud
317611b099
Replace material-UI by material-components-web.
2019-03-03 11:39:40 +01:00
Clement Michaud
7c6023fee4
Remove themes directory.
2019-03-03 11:39:40 +01:00
Clement Michaud
419c883a8c
Replace client by client-react.
2019-03-03 11:39:40 +01:00
Clement Michaud
605002a333
Complete rewrite of the UI.
2019-03-03 11:39:40 +01:00
Clement Michaud
694840790b
Redirect to https://login.example.com to avoid errors due to https://localhost
2019-03-03 11:39:40 +01:00
Clement Michaud
f61a052bf5
Authentication workflow is complete.
2019-03-03 11:39:40 +01:00
Clement Michaud
9d7155a969
Almost full authentication workflow with U2F and TOTP.
2019-03-03 11:39:40 +01:00
Clement Michaud
fe14bde29b
Backend and frontend are reloaded on code change.
2019-03-03 11:39:40 +01:00
Clement Michaud
be357f8e69
First complete version of the Authelia frontend in React.
2019-03-03 11:38:51 +01:00
Clement Michaud
721ad59545
Add email confirmation page.
2019-03-03 11:38:51 +01:00
Clement Michaud
337f0df12a
First design of second factor page.
2019-03-03 11:38:51 +01:00
Clement Michaud
f5c653551a
First design of first factor page.
2019-03-03 11:38:51 +01:00
Clement Michaud
9fe3d83c26
Move to typescript.
2019-03-03 11:38:51 +01:00
Clement Michaud
a22d69d98b
Create initial react boilerplate.
2019-03-03 11:38:51 +01:00
Clement Michaud
61742c1ec4
Add changelog for version 3.12.0.
2019-03-03 11:38:22 +01:00
Clement Michaud
bc8897c35b
3.12.0
2019-03-03 11:35:53 +01:00
Clement Michaud
65ca1f0499
Add changelog for version 3.11.0.
2019-03-03 11:35:05 +01:00
Clément Michaud
12d0cf465b
Merge pull request #329 from ViViDboarder/ldap-member-uid-search
...
Add ability to search for groups using {uid}
2019-03-01 21:13:07 +01:00
ViViDboarder
264a94d4e7
Add ability to search for groups using {uid}
...
On some LDAP servers, the `uid` attribute is more like a guid, while the
username exists instead in a dedicated field, like `username`. This
means the `uid` is not necessarily equal to `username`.
This is allows referencing using the `uid` to search for groups in the same
way as `dn` so that one can explicitly match the `memberuid` to the `uid` for
the user without the assumptions that come with using `{0}`.
2019-02-27 21:34:18 -08:00
Clément Michaud
23e28ee659
Merge pull request #323 from clems4ever/sanitizer-error
...
Log error in LDAP input sanitizer to help with troubleshooting.
2019-02-12 00:21:23 +01:00
Clement Michaud
9f2d7fe37f
Temporarily disable npm packaging tests.
2019-02-11 23:23:40 +01:00
Clement Michaud
cc8cb36e04
Log error in LDAP input sanitizer to help with troubleshooting.
2019-02-11 23:01:29 +01:00
Clement Michaud
b118ac5516
3.11.0
2019-02-09 23:42:59 +01:00
Clément Michaud
ec71f848db
Merge pull request #320 from kevynb/patch-1
...
Fix dead link in docs/deployment-dev.md
2019-01-30 19:07:04 +01:00
Kevyn Bruyere
ac004f266d
Fix dead link in docs/deployment-dev.md
2019-01-30 22:55:05 +08:00
Clément Michaud
dc2d4d43ef
Merge pull request #309 from BankaiNoJutsu/master
...
Adding theming to Authelia. One can now build with any theme.
2019-01-08 23:42:18 +01:00
Clément Michaud
84b1194711
Merge branch 'master' into master
2019-01-08 21:32:28 +01:00
Clément Michaud
e83af9b687
Merge pull request #316 from Tedyst/master
...
Modified regex in file database mode
2019-01-08 21:30:25 +01:00
Tedy Stoica
0bbf4dc299
Added "/" to regex
2019-01-08 12:52:17 +02:00
Tedy Stoica
99bc50f2ff
Modified regex
2019-01-08 12:15:20 +02:00
BankaiNoJutsu
17cc93425a
fix config.minimal.yml user db path
2018-12-18 19:12:09 +01:00
BankaiNoJutsu
7d4a9c566b
fix +x permissions on all scripts in folder
2018-12-18 18:02:20 +01:00
BankaiNoJutsu
5a11641ff3
fixed all scripts permissions +x
2018-12-18 17:55:37 +01:00
BankaiNoJutsu
bace1159f5
fixed perm on travis.sh
2018-12-18 17:48:48 +01:00
BankaiNoJutsu
55c06b975e
Add readme in themes folder, and remove uneccessary check in gruntfile
2018-12-18 17:36:01 +01:00
BankaiNoJutsu
3d1448d3cc
fix permissions
2018-12-18 16:34:56 +01:00
BankaiNoJutsu
48c204fc68
added all themes, clean and backup of dist, --theme value check
2018-12-18 16:30:23 +01:00
BankaiNoJutsu
1e71815b00
added squares and triangles themes
2018-12-18 08:32:04 +01:00
BankaiNoJutsu
dedd712039
added black theme and fixed main css matrix.js (not needed)
2018-12-18 07:47:07 +01:00
BankaiNoJutsu
6bd9d04eb9
Added cleaning of dist folder before build, by adding grunt-clean, fixed css concat
2018-12-17 23:27:58 +01:00
BankaiNoJutsu
08544858de
Added Theming functionality and theme folder
2018-12-17 22:49:01 +01:00
Clément Michaud
6c4d06b2a8
Merge pull request #289 from clems4ever/remove-auth-methods
...
Introduce "bypass", "one_factor", "two_factor" and "deny" ACL rules
2018-11-17 18:44:36 +01:00
Clement Michaud
b53d16d8a1
Introduce Subject and Object in authorization module.
2018-11-17 18:29:10 +01:00
Clement Michaud
97bfafb6eb
[BREAKING] Flatten the ACL rules to enable some use cases.
...
With previous configuration format rules were not ordered between groups and
thus not predictable. Also in some cases `any` must have been a higher
precedence than `groups`. Flattening the rules let the user apply whatever
policy he can think of.
When several rules match the (subject, domain, resource), the first one is
applied.
NOTE: This commit changed the format for declaring ACLs. Be sure to update
your configuration file before upgrading.
2018-11-17 18:08:29 +01:00
Clement Michaud
2bc650fd97
Create a docker-compose.dev.yml to reproduce integration test cases.
2018-11-17 18:08:29 +01:00
Clement Michaud
9fc55543fd
Integrate more policy options in ACL rules.
...
The possible values for ACL policies are now: bypass, one_factor, two_factor,
deny.
This change also deprecate auth_methods because the method is now associated
directly to a resource in the ACLs instead of a domain.
2018-11-17 18:08:29 +01:00
Clément Michaud
d898fa2c0c
Merge pull request #293 from clems4ever/closed-redirection
...
Fix open redirection vulnerability.
2018-11-17 18:04:33 +01:00
Clement Michaud
42581dfe93
Fix open redirection vulnerability.
...
In order to redirect the user after authentication, Authelia uses
rd query parameter provided by the proxy. However an attacker could
use phishing to make the user be redirected to a bad domain. In order
to avoid the user to be redirected to a bad location, Authelia now
verifies the redirection URL is under the protected domain.
2018-11-17 17:48:20 +01:00
Clement Michaud
8871ccd65e
3.10.0
2018-11-17 15:06:08 +01:00