The dashboard.domains_custom route was hardcoded to either return all
the domains, or at most 100, regardless of default_domain_table_size
setting.
Make this limit be dependent on default_domain_table_size instead.
The API will now limit to 100 or default_domain_table_size, whichever
one is higher. This is done to not break any seconday use-cases that
might depend on the hardcoded setting.
It seems when logging in and logging out, then logging back in, setting
the session timeout to 5 minutes, then waiting for expiry can cause
a situation when using SQLA-based sessions which results in a NULL field
in the database and causes a persistent 500 Internal Server Error.
As per issue 1439 here is a fix found by @raunz.
Resolves#1439.
Tested for about 8 hours and tons and tons of expired sessions, could not
reproduce with the fix applied.
Currently passing an invalid Basic auth header (random string base64 encoded) would result in an exception being raised due to a username, password = auth_header.split().
Similary passing a `Digest` authentication type would result in an exception as there is no :.
Thirdly passing invalid base64 encoded UTF-8 code sequences would result in exceptions as this issue (#1424).
I added code to check explicitly that we are doing basic authentication then by checking the number of entries returned by the split.
I also added exception handling for invalid UTF-8 code sequence exceptions.
Tested with a fuzzer.
Tested with valid and invalid credentials.
This fixes#1424.
* Rename `customBoxes` to be more descriptive and follow CamelCase name convention for classes
* Change the tab info from a tuple to a named tuple
* Change all access to the tab info tuple from index to (new) property name
* Rename/Relabel the tabs
* Add docstrings
* Simplify the domain filter logic
* Simplify/Unify the tab html template
This commit adds support for the `oidc_oauth_metadata_url` configuration
option. This option specifies the URL of the OIDC server's
metadata endpoint, which contains information about the OIDC server's
endpoints, supported scopes, and other configuration details. By using this
option, we can ensure compatibility with different OIDC servers and reduce
the risk of errors due to manual endpoint configuration.
Added server-side logic for register.html validation
Keep form firelds on register.html in the event of wrong input fields to save users from retyping info
More button rounding
