cwinfo/powerdns-admin
5
0
Fork 0
mirror of https://github.com/cwinfo/powerdns-admin.git synced 2024-09-19 14:59:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,129 Commits 1 Branch 6 Tags 36 MiB
52b704baeb
Commit Graph

47 Commits

Author SHA1 Message Date
corubba
52b704baeb Set SameSite on cookies 
Setting this attribute on a cookie marks it as non-cross-site, so it
is only send in requests to our own server. It is reasonable that no
one else should need our session or csrf data. Setting it explicitly
also prevents any issues from the ongoing change in browser behaviour [0]
when it is unset.

Seasurf supports the SameSite attribute starting with v0.3. As nothing
obviously broke, I used the opportunity and updated all the way to the
most recent version.

The SeaSurf default for SameSite is already `Lax`, so it only needs to
be set for the session cookie.

[0] https://developers.google.com/search/blog/2020/01/get-ready-for-new-samesitenone-secure
 2022-06-18 18:51:42 +02:00
corubba
564ec6086d Replace pyOpenSSL with cryptography 
This is literally the example from the docs [0]. The only thing I
adapted are the parameters for the keys and certificate, so they
stay the same.

Fixes #1086

[0] https://cryptography.io/en/latest/x509/tutorial/#creating-a-self-signed-certificate
 2022-05-07 21:32:19 +02:00
KostasMparmparousis
c8d14d91fe cryptography-dependency-addition 2022-04-27 16:11:09 +03:00
vmarkop
c9d97642b3 Fixed werkzeug dependency 2022-03-29 10:30:19 +03:00
KostasMparmparousis
063d259af8 jinja-dependency-fix 2022-03-27 15:19:35 +03:00
vmarkop
5d8e277b3f pinned compatible itsdangerous version 2022-02-28 11:35:24 +02:00
dependabot[bot]
9ef0f2b8d6 Bump python-ldap from 3.3.1 to 3.4.0 
Bumps [python-ldap](https://github.com/python-ldap/python-ldap) from 3.3.1 to 3.4.0.
- [Release notes](https://github.com/python-ldap/python-ldap/releases)
- [Commits](https://github.com/python-ldap/python-ldap/compare/python-ldap-3.3.1...python-ldap-3.4.0)

---
updated-dependencies:
- dependency-name: python-ldap
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-12-17 12:08:19 +01:00
jbe-dw
1c9ca60508
fix: jsmin 2.2.2 no longer available. Use 3.0.0 (#1021) 2021-10-30 21:30:53 +02:00
dependabot[bot]
5f10f739ea
Bump pyyaml from 5.3.1 to 5.4 (#912) 2021-03-27 19:33:49 +01:00
jodygilbert
7f86730909
allow-server-side-sessions (#855) 2021-01-24 09:09:53 +01:00
Khanh Ngo
94eeae0cad
Downgrade to dnspython>=1.16.0 2020-10-10 21:52:46 +02:00
Khanh Ngo
75a30f14fb
Dockerfile and requirements.txt update 
- Fix bug in python requests module missing after delete py3-pip from build stage
- Downgrade the requirement of bcrypt to >=3.1.7 for older python3 version compatibility
 2020-10-10 21:47:58 +02:00
Khanh Ngo
0dfced4968
Upgrade pip packages 2020-10-10 20:27:09 +02:00
Christian Burmeister
6381d87ec3
Update gunicorn 19.7.1 -> 20.0.4 2020-03-13 00:22:32 +01:00
Khanh Ngo
7739bf7cfc
Add user email verification 2019-12-21 21:43:03 +07:00
Khanh Ngo
53a7545ccc
Upgrade mysqlclient package to work with MySQL 8.x #571 2019-12-07 18:10:06 +07:00
Khanh Ngo
8de6df4d3b Fix the tests 
Fix the tests

Fix the tests
 2019-12-06 10:59:19 +07:00
Khanh Ngo
8ea00b9484
Refactoring the code 
- Use Flask blueprint
- Split model and views into smaller parts
- Bug fixes
- API adjustment
 2019-12-02 10:32:03 +07:00
Khanh Ngo
dfce7eb537
Upgrade SQLAlchemy version to pass the security check. Set version for other libs in requirements.txt 2019-07-15 09:50:23 +07:00
Pavol Ipoth
1feb77e2f3 Add Api to PowerDNS-Admin 2019-03-01 23:50:04 +01:00
Robert Kerr
c456aa2e7a Add ttl_options setting 
Adds a new setting to define the options in the TTL dropdown when
editing a record. The setting is a comma separated string with the
valid options.
 2018-11-24 12:45:14 +00:00
Khanh Ngo
5f049debe5 Adding Flask-SeaSurf module for CSRF protection. 2018-11-21 10:24:33 +07:00
Khanh Ngo
add5fd3e52 Upgrade requests module to 2.20.0 as CVE-2018-18074 2018-10-31 16:53:27 +07:00
Chris Pritchard
8a20d3f2d8
migrated to authlib 2018-10-22 02:33:46 +01:00
Chris Pritchard
396ce14b9f
OIDC (#1) 
Implemented OIDC using authlib
 2018-10-21 23:38:12 +01:00
Khanh Ngo
65b0c6e9b9 Remove Flask-WTF from requirements.txt 2018-09-10 10:15:38 +07:00
Khanh Ngo
866a6b49a1
Upgrade Flask modules 2018-08-25 15:02:05 +07:00
Khanh Ngo
585985e4f0
Merge changes from master, PR #280 and resolve conflicts 2018-06-13 11:05:53 +07:00
Felix Kaechele
1bf869f508 Add webassets support 
Also updates AdminLTE to latest stable version.

Signed-off-by: Felix Kaechele <felix@kaechele.ca>
 2018-06-11 21:16:28 +02:00
Khanh Ngo
ab0124b3e2 Update requirements.txt 2018-06-11 11:11:43 +07:00
Khanh Ngo
17a892b18d Resolve the conflicts for #228 2018-04-02 13:38:53 +07:00
Khanh Ngo
b5b3b77acb Adjustment to work with Python3 2018-03-30 13:49:35 +07:00
Jeroen Boonstra
e9aa2e6848 Fix typo 2018-02-01 08:59:54 +01:00
Jeroen Boonstra
efd0e976a2 Add pytz to requirements 2018-02-01 08:52:41 +01:00
thomasDOTde
9185d875c1 added missing dependencies 2018-01-22 23:01:45 +01:00
thomasDOTde
f067d0d5f0 fixed requirements. caused redirect loop 2017-10-31 18:14:38 +01:00
thomasDOTde
a9408a4bd9 updated requirement to support saml 2017-10-31 16:18:48 +01:00
Felix Kaechele
cae8f92c97 Replace py-bcrypt with bcrypt 
bcrypt is more common and better maintained

Signed-off-by: Felix Kaechele <felix@kaechele.ca>
 2016-09-17 07:32:33 -07:00
Felix Kaechele
b8e38b4d2f Replace PyQRCode with qrcode 
qrcode is more common and better maintained

Signed-off-by: Felix Kaechele <felix@kaechele.ca>
 2016-09-17 06:41:22 -07:00
Felix Kaechele
9b8c85c5c1 Replace onetimepass with pyotp 
pyotp is more common and better maintained

Signed-off-by: Felix Kaechele <felix@kaechele.ca>
 2016-09-17 06:37:20 -07:00
Felix Kaechele
8118ed0a75 Fix noeol in requirements.txt 
Signed-off-by: Felix Kaechele <felix@kaechele.ca>
 2016-09-17 06:34:06 -07:00
Joachim Tingvold
9ec1ac3e46 Update requirements. 2016-08-19 23:25:53 +00:00
Khanh Ngo
7ef76484d0 Merge pull request #103 from timfeirg/master 
support github oauth2 login
 2016-08-14 09:28:15 +07:00
timfeirg
683f633d7d minor code style change 2016-08-13 00:49:53 +08:00
Zhuoyun Wei
635cc8c3b3 Users could use SQLite instead of MySQL 2016-08-12 16:15:38 +08:00
Khanh Ngo
f4e2c3b3df Add OTP authentication feature 2016-06-16 15:36:05 +07:00
Khanh Ngo
2dac8205f6 Initial commit 2015-12-13 16:34:12 +07:00