4dab950efc
Reverting a bad change I made to remove a deprecated feature that is removed in Flask 2.3.
2023-11-24 09:28:21 -05:00
09014bf4a9
Correcting case-sensitivity issue with zone type comparison.
2023-11-24 09:03:39 -05:00
28c63abea4
Updated the index router to pivot from the use of the deprecated before_app_first_request event to the replacement of record_once.
2023-11-24 08:18:20 -05:00
5147d72999
Fixes local user setup to perform case-insensitive verification of existing usernames / emails ( #1658 )
2023-11-24 08:07:20 -05:00
4442577b0b
Created a new model to represent the Flask-Session storage schema sessions with a method for removing expired sessions.
...
Added a trigger for the Flask-Session model's session clean-up method to the `before_request` handler of the user router.
2023-11-24 06:26:38 -05:00
ad9e4938bc
Add additional log information
...
Print out the message returned by create_local_user() when it fails to create a new local user.
2023-08-31 16:25:12 +10:00
08c39c64c2
Fix non rr_set events in Zone Changelog display
...
This will resolve #1566
2023-06-22 12:03:42 -04:00
601539f16e
Removed unnecessary parenthesis.
2023-04-14 19:00:39 -04:00
ccd7373efe
Corrected issue with encoding / decoding of dictionary and list type settings values.
...
Updated zone record settings management to use valid JSON format with backwards compatibility support for the non-JSON literal format.
2023-04-14 18:52:27 -04:00
c842d09195
Overhauled app settings implementation to remove redundancy of definitions. Additionally, re-factored settings initialization code to allow for every setting to be defined by environment variable for both bare metal and Docker container deployments.
2023-04-14 07:12:02 -04:00
0ccdf9ac0d
resolved conflict from 737e104912
2023-04-12 09:28:58 +03:00
1081751c41
Merge remote-tracking branch 'origin/dev' into dev
2023-04-11 19:09:46 -04:00
f66d64ecbc
Fixed an issue with Azure and OIDC sessions not being properly cleared on logout.
2023-04-11 19:09:33 -04:00
71405549a7
Feature Update: Allow more than 100 rows in the zone list view. ( #1491 )
2023-04-11 18:57:51 -04:00
db30c77584
Show the current zone type and soa-edit-api settings on the zone settings page ( #1504 )
2023-04-11 18:56:29 -04:00
9f076330d6
Removed legacy backend controller code for handling authentication settings form submission.
2023-04-10 19:54:47 -04:00
6a19ed2903
Completed basic handling of authentication settings save process to the database.
2023-04-10 13:24:42 -04:00
022e780d77
Working on authentication editor data saving workflow.
2023-04-10 12:49:12 -04:00
0912dd2805
Working on Knockout model integration into existing authentication settings editor view.
...
Settings are now loading via new backend API.
2023-04-10 07:39:21 -04:00
737e104912
Added KnockoutJS NPM package.
...
Re-formatted and re-organized settings model.
Working on Knockout model integration into existing authentication settings editor view.
2023-04-09 10:11:00 -04:00
ece9626212
Updated the OAuth login handlers to utilize uniform user naming variables.
...
Updated the GitHub login process to split the user's full name based on spaces so that first and last name are filled in on PDA profile.
2023-04-08 18:14:40 -04:00
9168dd99e0
Updated the OAuth login handlers to utilize uniform user naming variables.
...
Updated the GitHub login process to split the user's full name based on spaces so that first and last name are filled in on PDA profile.
2023-04-08 18:11:55 -04:00
ab4495dc46
Completed the implementation of the SERVER_EXTERNAL_SSL environment setting into the app config files.
...
Completed the implementation of the aforementioned environment setting into the OAuth workflows.
Documented the aforementioned setting in the Environment-variables.md wiki document.
2023-04-08 17:05:27 -04:00
f5565bef23
merged activity_sql_perf_tuning #1487 to solve conflicts in forehand
2023-04-06 12:55:13 +03:00
d27fa2aa96
minor syntax improvement to use single history object as list
2023-04-04 22:27:21 +03:00
84d792ac07
Resolved merge conflict
2023-04-04 15:50:46 +03:00
fe10665e19
Refactored zone history retrieval, parsing and displaying code.
2023-04-04 15:32:52 +03:00
bae746cffe
Show the current zone type and soa-edit-api settings on the zone settings page
2023-04-03 17:40:46 +02:00
a2429ad9d6
Make it possible again to use a different Zone Type than 'native', fixes #1501
2023-04-02 20:46:32 +02:00
19335439bd
Completed the removal of the OAuth JWKS URL setting as well as the update of how the existing metadata URL settings are being used.
...
For additional information, reference GitHub issue #1499 .
2023-04-02 09:19:05 -04:00
e6c0b4c15f
Performance gain in activity records list as in #1381
2023-03-30 16:23:03 +03:00
0d0339a316
fix #1485 : allow more than 100 rows default in dashboard
...
The dashboard.domains_custom route was hardcoded to either return all
the domains, or at most 100, regardless of default_domain_table_size
setting.
Make this limit be dependent on default_domain_table_size instead.
The API will now limit to 100 or default_domain_table_size, whichever
one is higher. This is done to not break any seconday use-cases that
might depend on the hardcoded setting.
2023-03-29 14:52:00 +02:00
bb34daa333
Activity pages history base_query unification and perfomance improvement for standard user
2023-03-28 16:41:08 +03:00
f44ff7d261
fix: fixed session clearing and let logout_user take care of cleanup
...
It seems when logging in and logging out, then logging back in, setting
the session timeout to 5 minutes, then waiting for expiry can cause
a situation when using SQLA-based sessions which results in a NULL field
in the database and causes a persistent 500 Internal Server Error.
As per issue 1439 here is a fix found by @raunz.
Resolves #1439 .
Tested for about 8 hours and tons and tons of expired sessions, could not
reproduce with the fix applied.
2023-03-18 19:14:58 +00:00
78f0332a2d
Merge branch 'dev' into nkupdates-password-policy
2023-03-17 15:31:10 -04:00
4fa8bf2556
Merge pull request #1454 from nkukard/nkupdates-fix-basic-auth-exception2
...
fix(auth:basic): Basic auth exception handling improvement
2023-03-17 15:28:20 -04:00
64017195da
feat(authentication): check password policy during user profile password change
2023-03-17 03:45:37 +00:00
fc14e9189d
feat(authentication): check password policy during registration of new users
2023-03-17 03:45:09 +00:00
1cea4b7ce3
feat(authentication): added password policy checker function
2023-03-17 03:44:08 +00:00
bb6d2d0497
feat(authentication): added admin settings for password policies
2023-03-17 03:42:45 +00:00
a9e18ec594
Make sure old history items will also be shown
2023-03-16 18:36:47 +01:00
a2d1179fd2
Change domain(s) to zone(s) in the python code and docs
2023-03-16 17:02:23 +01:00
17e3a8f942
fix(auth:basic): Basic auth exception handling improvement
...
Currently passing an invalid Basic auth header (random string base64 encoded) would result in an exception being raised due to a username, password = auth_header.split().
Similary passing a `Digest` authentication type would result in an exception as there is no :.
Thirdly passing invalid base64 encoded UTF-8 code sequences would result in exceptions as this issue (#1424 ).
I added code to check explicitly that we are doing basic authentication then by checking the number of entries returned by the split.
I also added exception handling for invalid UTF-8 code sequence exceptions.
Tested with a fuzzer.
Tested with valid and invalid credentials.
This fixes #1424 .
2023-03-15 01:09:46 +00:00
bd30c73ca4
Merge branch 'dev' into custom_current_user
2023-03-12 17:23:44 +02:00
ee68b18e27
Added custom header in created_by segment option
2023-03-12 13:36:30 +00:00
1afe9b4908
Finished adding new OAuth Server Metadata URL setting to Google, GitHub, and Microsoft OAuth service configuration features.
2023-03-12 09:13:54 -04:00
fd30e3ff49
Added new JWKS URL setting for each OAuth provider and updated the associated authorization service to use the setting during the initialization of the authlib.
2023-03-11 14:46:58 -05:00
26f3f79388
Corrected unauthorized side navigation change regarding the placement of the "Global Search" feature.
...
Removed the statistics and recent activity / history data display from the dashboard view.
2023-03-10 16:23:33 -05:00
4933351ac1
Revert "Revert "Clean up dashboard zone tabs""
...
This reverts commit 5f2fc514df
2023-03-06 08:30:00 -05:00
5f2fc514df
Revert "Clean up dashboard zone tabs"
...
This reverts commit fc39cc40ee
2023-03-04 11:27:44 -05:00
