514 Commits

Author	SHA1	Message	Date
Matt Scott	2e30b83545	Added jQuery Validation 1.19.5 to the project NPM configuration as well as the Flask assets build script for js_main.	2023-04-10 13:06:06 -04:00
Matt Scott	022e780d77	Working on authentication editor data saving workflow.	2023-04-10 12:49:12 -04:00
Matt Scott	0912dd2805	Working on Knockout model integration into existing authentication settings editor view. ... Settings are now loading via new backend API.	2023-04-10 07:39:21 -04:00
Matt Scott	827da59ae2	Working on Knockout model integration into existing authentication settings editor view.	2023-04-09 10:26:07 -04:00
Matt Scott	737e104912	Added KnockoutJS NPM package. ... Re-formatted and re-organized settings model. Working on Knockout model integration into existing authentication settings editor view.	2023-04-09 10:11:00 -04:00
Matt Scott	ece9626212	Updated the OAuth login handlers to utilize uniform user naming variables. ... Updated the GitHub login process to split the user's full name based on spaces so that first and last name are filled in on PDA profile.	2023-04-08 18:14:40 -04:00
Matt Scott	9168dd99e0	Updated the OAuth login handlers to utilize uniform user naming variables. ... Updated the GitHub login process to split the user's full name based on spaces so that first and last name are filled in on PDA profile.	2023-04-08 18:11:55 -04:00
Matt Scott	a46ab760fd	Reorganized universal OAuth fields' order to a uniform standard. Also updated the Client ID field prompts to a uniform standard.	2023-04-08 17:40:30 -04:00
Matt Scott	ee9012fa24	Completed OAuth change to make the use of the metadata URL setting exclusive to the authorization and token URL settings. If the former is defined, it will be used in preference to the latter.	2023-04-08 17:14:55 -04:00
Matt Scott	ab4495dc46	Completed the implementation of the SERVER_EXTERNAL_SSL environment setting into the app config files. ... Completed the implementation of the aforementioned environment setting into the OAuth workflows. Documented the aforementioned setting in the Environment-variables.md wiki document.	2023-04-08 17:05:27 -04:00
Stefan Ubbink	a2429ad9d6	Make it possible again to use a different Zone Type than 'native', fixes #1501	2023-04-02 20:46:32 +02:00
Matt Scott	19335439bd	Completed the removal of the OAuth JWKS URL setting as well as the update of how the existing metadata URL settings are being used. ... For additional information, reference GitHub issue #1499.	2023-04-02 09:19:05 -04:00
Rauno Tuul	e0dffff325	Fix activity search form structure	2023-03-25 11:47:58 +02:00
Nigel Kukard	a954800869	fix(api): fixed internal server error being generated from invalid UTF-8 encoded X-API-KEY	2023-03-22 01:27:52 +00:00
Nigel Kukard	138532fb95	fix: allow the specification of any combination of groups in LDAP group security configuration ... Previous behavior required the specification of all three group security groups before the "Save Settings" button would be enabled. This adds a check into users.py which checks that the group is set before searching and removes the javascript preventing the specification of any combination of groups. Tested: - Tested all combinations on AD after MR 1238 - Tested all combinations on OpenLDAP - Tested enabling the Group Security with no groups set which correctly prevents login Resolves #1462	2023-03-18 20:30:52 +00:00
Matt Scott	c24b4b047d	Merge pull request #1461 from nkukard/nkupdates-fix-session-clear ... fix: fixed session clearing and let logout_user take care of cleanup	2023-03-18 16:05:20 -04:00
Matt Scott	defb3e5a48	Merge pull request #1238 from melck/fix-ldap-ad-nested-member ... Fix LDAP user group search for nested groups #1238	2023-03-18 16:03:48 -04:00
Nigel Kukard	f44ff7d261	fix: fixed session clearing and let logout_user take care of cleanup ... It seems when logging in and logging out, then logging back in, setting the session timeout to 5 minutes, then waiting for expiry can cause a situation when using SQLA-based sessions which results in a NULL field in the database and causes a persistent 500 Internal Server Error. As per issue 1439 here is a fix found by @raunz. Resolves #1439. Tested for about 8 hours and tons and tons of expired sessions, could not reproduce with the fix applied.	2023-03-18 19:14:58 +00:00
Matt Scott	a25dda8ac1	Made some formatting tweaks to the authentication settings view to unify section header styling. ... Corrected improper markup introduced by recent PR for password complexity requirements.	2023-03-17 15:50:08 -04:00
Matt Scott	78f0332a2d	Merge branch 'dev' into nkupdates-password-policy	2023-03-17 15:31:10 -04:00
Matt Scott	4fa8bf2556	Merge pull request #1454 from nkukard/nkupdates-fix-basic-auth-exception2 ... fix(auth:basic): Basic auth exception handling improvement	2023-03-17 15:28:20 -04:00
Nigel Kukard	64017195da	feat(authentication): check password policy during user profile password change	2023-03-17 03:45:37 +00:00
Nigel Kukard	fc14e9189d	feat(authentication): check password policy during registration of new users	2023-03-17 03:45:09 +00:00
Nigel Kukard	1cea4b7ce3	feat(authentication): added password policy checker function	2023-03-17 03:44:08 +00:00
Nigel Kukard	bb6d2d0497	feat(authentication): added admin settings for password policies	2023-03-17 03:42:45 +00:00
Stefan Ubbink	a9e18ec594	Make sure old history items will also be shown	2023-03-16 18:36:47 +01:00
Stefan Ubbink	a2d1179fd2	Change domain(s) to zone(s) in the python code and docs	2023-03-16 17:02:23 +01:00
Stefan Ubbink	34902f6cf9	Change domain(s) to zone(s) in the templates	2023-03-16 17:02:23 +01:00
Nigel Kukard	17e3a8f942	fix(auth:basic): Basic auth exception handling improvement ... Currently passing an invalid Basic auth header (random string base64 encoded) would result in an exception being raised due to a username, password = auth_header.split(). Similary passing a `Digest` authentication type would result in an exception as there is no :. Thirdly passing invalid base64 encoded UTF-8 code sequences would result in exceptions as this issue (#1424). I added code to check explicitly that we are doing basic authentication then by checking the number of entries returned by the split. I also added exception handling for invalid UTF-8 code sequence exceptions. Tested with a fuzzer. Tested with valid and invalid credentials. This fixes #1424.	2023-03-15 01:09:46 +00:00
Nigel Kukard	24f94abc32	fix(auth:basic): improved API basic auth handling to avoid exceptions ... Currently passing an invalid Basic auth header (random string base64 encoded) would result in an exception being raised due to a `username, password = auth_header.split()`. I refactored the code in this decorator by checking explicitly that we are doing basic authentication then by checking the number of entries returned by the split. I also added exception handling for invalid UTF-8 code sequences. Tested with a fuzzer. Tested with valid and invalid credentials. This fixes #1447.	2023-03-14 23:19:40 +00:00
Stefan Ubbink	6eef5eb59c	Make the OTP label the same as the site_name #1237	2023-03-13 18:54:49 +01:00
benshalev849	bd30c73ca4	Merge branch 'dev' into custom_current_user	2023-03-12 17:23:44 +02:00
Matt Scott	84cfd165b4	Re-arranged side navigation to include the "Global Search" feature regardless of user role as the global search feature is now accessible to all users. ... Also moved the "Activity" feature link higher in the menu to remove duplicate code from the navigation code base.	2023-03-12 10:27:04 -04:00
Your Name	ee68b18e27	Added custom header in created_by segment option	2023-03-12 13:36:30 +00:00
Matt Scott	1afe9b4908	Finished adding new OAuth Server Metadata URL setting to Google, GitHub, and Microsoft OAuth service configuration features.	2023-03-12 09:13:54 -04:00
Matt Scott	fd30e3ff49	Added new JWKS URL setting for each OAuth provider and updated the associated authorization service to use the setting during the initialization of the authlib.	2023-03-11 14:46:58 -05:00
Matt Scott	87891a3eb9	Re-formatted the assets.py file to current PEP8 standards. ... Modified the yarn.lock file to remove what appears to be a dependency overwrite for Font Awesome icons which results in an older 5.x release overwriting the newer 6.x release.	2023-03-11 08:48:19 -05:00
Matt Scott	dd867eb4e8	Added application version to base template footer, starting with the next planned production release of 0.4.0.	2023-03-10 18:43:20 -05:00
Matt Scott	cb929c3265	Tweaked the assets.py build script to switch to rcssmin for the login CSS build process.	2023-03-10 18:16:55 -05:00
Matt Scott	c617aa1483	Merge branch 'raunz-session_type_sqlalchemy' into dev	2023-03-10 16:35:22 -05:00
Matt Scott	356667f989	Tweaked PR to include the latest asset build changes for CSS minimizer. Also updated the default session storage to use SQLAlchemy instead of the file system.	2023-03-10 16:34:55 -05:00
Matt Scott	1d6fdb1c23	Merge branch 'session_type_sqlalchemy' of github.com:raunz/PowerDNS-Admin into raunz-session_type_sqlalchemy	2023-03-10 16:27:06 -05:00
Matt Scott	26f3f79388	Corrected unauthorized side navigation change regarding the placement of the "Global Search" feature. ... Removed the statistics and recent activity / history data display from the dashboard view.	2023-03-10 16:23:33 -05:00
Matt Scott	6be6f3d389	Updated core project to also use rcssmin filter.	2023-03-10 16:10:42 -05:00
Rauno Tuul	aa70951964	Read flask session type from environment variable and create sessions table if not exist.	2023-03-08 17:05:32 +02:00
Rauno Tuul	68d9fb3755	Support multiple Flask session types, not just filesystem. Set via generic SESSION_TYPE environment variable	2023-03-08 12:08:07 +02:00
Lukas	d055fd83c5	Documentation, Fix	2023-03-08 08:52:27 +01:00
Matt Scott	4933351ac1	Revert "Revert "Clean up dashboard zone tabs"" ... This reverts commit 5f2fc514df.	2023-03-06 08:30:00 -05:00
Matt Scott	5f2fc514df	Revert "Clean up dashboard zone tabs" ... This reverts commit fc39cc40ee.	2023-03-04 11:27:44 -05:00
Matt Scott	9003b3f6c8	Merge pull request #1422 from corubba/feature/dashboard-tab-cleanup ... Clean up dashboard zone tabs	2023-03-04 11:03:57 -05:00