Commit Graph

28 Commits

Author SHA1 Message Date
Ymage
7d153932b3 Fix back_populate relationships 2022-12-22 22:50:01 +01:00
Matt Scott
8373363c4d
Merge pull request #1323 from jbe-dw/fixLDAPDeprecatedOpt
Draft: Fix pyhton-ldap upgrade
2022-12-13 20:56:03 -05:00
Aaron Carson
ff671ebabe Fix 1329 2022-12-14 00:34:12 +00:00
Jérôme BECOT
8d5b92402d
fix: Remove deprecated option OPT_X_TLS 2022-12-12 15:57:11 +01:00
Matt Scott
2cd8f60f8d
Merge pull request #1247 from unilogicbv/models_user_plain_text_password_guard
models/user.py: properly guard plain_text_password property
2022-12-08 22:10:21 -05:00
Pascal de Bruijn
846c03f154 models/user.py: add non-zero valid_window to totp.verify
PyOTP's totp.verify defaults to the valid_window of zero, which means
it will reject valid codes, if submitted just past the 30 sec window.
It also means, users will run into authentication issues very quickly
if their phones time-sync isn't perfect.

Therefore valid_window should at the very least be 1 or more, settting
it higher trades security for robustness, especially with regard to
time desync issues.
2022-09-07 14:23:34 +02:00
Pascal de Bruijn
4fd1b10018 models/user.py: properly guard plain_text_password property
Resolves the following issue, which occurs with force_otp enabled
and OAuth authentication sources:

File "/srv/powerdnsadmin/powerdnsadmin/models/user.py", line 481, in update_profile
  "utf-8") if self.plain_text_password else user.password
AttributeError: 'User' object has no attribute 'plain_text_password'
2022-09-06 15:31:43 +02:00
Jérôme BECOT
88df88f30b
fix: Active directory filter is broken 2022-05-24 13:58:45 +02:00
corubba
0e2cd063c5 Remove python v2 remnant
As vermin [0] confirms, the codebase has long moved beyond supporting
python v2 (which is not a bad thing). This removes the last explicit py2
piece of code.

And in case anyone wonders, vermin currently reports the minium version
to be v3.6.

[0] https://pypi.org/project/vermin/
2022-05-07 21:14:48 +02:00
Ricardo Melo
ee0511ff4c
[Fix] AD recursive problem
- Fixing #1011[https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues/1011]
2022-04-11 08:49:38 -04:00
Vasileios Markopoulos
94a923a965
Add 'otp_force' basic setting (#1051)
If the 'otp_force' and 'otp_field_enabled' basic settings are both enabled, automatically enable 2FA for the user after login or signup, if needed, by setting a new OTP secret. Redirect the user to a welcome page for scanning the QR code.

Also show the secret key in ASCII form on the user profile page for easier copying into other applications.
2021-12-17 11:41:51 +01:00
Dominic Zöller
6f12b783a8 models.user: get_accounts(): order by name
The order of account names returned by User.get_accounts() affects the
order account names are displyed in on /domain/add if the current user
neither has the Administrator role nor the Operator role and the
`allow_user_create_domain` setting is enabled at the same time.

If the current user does have the Administrator or Operator role,
routes.domain.add() already returns accounts ordered by name, so this
change makes it consistent.
2021-12-04 16:09:15 +01:00
Kostas Mparmparousis
6e04d0419b
Provision PDA user privileges based On LDAP Attributes (#980) 2021-08-05 19:37:48 +02:00
jbe-dw
86700f8fd7
upd: improve user api (#878) 2021-03-16 19:39:53 +01:00
jbe-dw
2c18e5c88f
fix: User role was not assigned upon creation (#860) 2021-01-07 23:07:20 +01:00
Nick Douma
27f5c89f70 Manage Account membership on oidc login 2020-08-06 15:28:54 +02:00
Nick Douma
7ef6f5db4e Check if plain_text_password is falsish instead of empty string 2020-08-06 15:28:45 +02:00
Nicolás Fantone
52298f8289 Support login in through REMOTE_USER environment variable
Support redirecting remote users to logout URL and clearing remote login cookies
2020-05-22 15:31:24 +01:00
mathieu.brunot
acef820c54
🐛 Fix logger for LDAP group filter
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
2020-01-08 23:40:14 +01:00
mathieu.brunot
b4b5673cf1
Merge branch 'master' of github.com:johnwarburton/PowerDNS-Admin into feat/groupofnames
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
2020-01-08 23:19:51 +01:00
Khanh Ngo
e1c0b4a1b4
Fix missing import 2020-01-03 10:03:20 +07:00
Khanh Ngo
9533d8a5aa
Adjustment in user profile email
- Don't allow to update to new email address that currently used by another user
- Reset the confirmed status if verify_user_email setting is enabled
2019-12-22 09:19:35 +07:00
Khanh Ngo
d09a645300
Fix migration script and user model 2019-12-22 08:40:05 +07:00
Khanh Ngo
4bdd433079
Fix migration script and LGTM 2019-12-21 22:26:56 +07:00
Khanh Ngo
7739bf7cfc
Add user email verification 2019-12-21 21:43:03 +07:00
Khanh Ngo
354383f0ec
Fix missing import 2019-12-08 08:57:24 +07:00
Khanh Ngo
19401699ca
Fix #596 missing import 2019-12-07 20:46:14 +07:00
Khanh Ngo
8ea00b9484
Refactoring the code
- Use Flask blueprint
- Split model and views into smaller parts
- Bug fixes
- API adjustment
2019-12-02 10:32:03 +07:00