corubba
ae2ad6527a
Set csrf cookie to httponly
...
The CSRF token is currently inserted directly in the template and not
in the browser via JavaScript from the cookie, so making it inaccessible
is not a problem.
The Sesson-cookie is already httponly by default [0].
[0] https://flask.palletsprojects.com/en/2.1.x/config/?highlight=session_cookie_httponly#SESSION_COOKIE_HTTPONLY
2022-06-18 18:51:42 +02:00
Vasileios Markopoulos
83d2f3c791
Merge pull request #1205 from joshsol1/master
...
Modification to SAML groups and group management
2022-06-18 13:39:01 +03:00
Josh Matthews
2020055ab2
added code to pull the operator and admin groups from SAML auth requests
2022-05-23 14:39:29 +10:00
pixelrebel
8c85e80c2b
Add SAML_ATTRIBUTE_GROUP and SAML_GROUP_ADMIN_NAME to the development config, with instructions for use
2022-05-19 20:36:28 -07:00
pixelrebel
9221d58a1b
Allow SAML AttributeStatements to be optional
2022-05-19 14:52:51 -07:00
pixelrebel
5b36ad034d
Rename incorrect SAML cert/key config variables
2022-05-19 14:02:04 -07:00
Dominic Zöller
701a442d12
default config: add exemplary URL encoding step for SQLA DB URL params
...
SQLAlchemy database URLs follow RFC-1738, so parameters like username
and password need to be encoded accordingly.
https://docs.sqlalchemy.org/en/13/core/engines.html#database-urls
2021-11-30 22:29:00 +01:00
benshalev849
3081036c2c
Env oauth url ( #1030 )
...
Overriding settings in DB using environment variable in docker
2021-11-05 18:22:38 +02:00
Ian Bobbitt
39cddd3b34
SAML improvements for Docker ( #929 )
...
* Fix typo in managing user account membership with SAML assertion
* Support more config options from Docker env.
* Improve support for SAML key and cert from Docker secrets
Co-authored-by: Ian Bobbitt <ibobbitt@globalnoc.iu.edu>
2021-05-07 23:36:55 +02:00
jodygilbert
7f86730909
allow-server-side-sessions ( #855 )
2021-01-24 09:09:53 +01:00
Nicolás Fantone
eb730be8f9
Add remote user config settings
2020-05-25 14:12:32 +01:00
Roei Ganor
483c767d26
Offline installation and searchable inputs
2020-04-30 17:20:37 +00:00
Felix Kaechele
06266846ec
Use sqlite by default in docker
...
This allows for easy setup with no extra configuration.
Also update docs to reflect the new and easy way to run PowerDNS-Admin.
Signed-off-by: Felix Kaechele <felix@kaechele.ca>
2020-04-20 18:32:36 -04:00
Khanh Ngo
452c4a02d8
Merge pull request #690 from Atisom/master
...
SAML debug attributes
2020-04-06 09:40:03 +07:00
Khanh Ngo
b2d72d6603
Fix docker bool config value
2020-04-02 09:41:26 +07:00
Benjamin Bässler
7e97bec07f
Add docker secrets support
2020-03-27 00:59:28 +01:00
Attila DEBRECZENI
a581aa3cf2
add SAML_ASSERTION_ENCRYPTED envrionment
2020-03-25 21:35:20 +00:00
Khanh Ngo
7739bf7cfc
Add user email verification
2019-12-21 21:43:03 +07:00
Neven1986
3688cec91a
Support for SAML metadata Requested Attributes
...
Enhancements:
- More robust check when creating self-signed certificates
- Added support for SAML Requested Attributes through "SAML_SP_REQUESTED_ATTRIBUTES" parameter
2019-12-20 03:24:26 +01:00
Neven1986
567430790c
SAML certificate fix and enhancement
...
Problems resolved:
- Method create_self_signed_cert() was invoked nowhere. This puts parameter "SAML_SIGN_REQUEST" description in configs/development.py as incorrect
- Method create_self_signed_cert() was returning error while trying to write out certificate and private key. File handler was opened for writing out TEXT instead of BINARY data
Enhancements:
- Two new parameters are introduced SAML_CERT_FILE and SAML_KEY_FILE. User can now explicitly define own certificate and key file anywhere on file-system.
- If parameters mentioned in previous bullet aren't explicitly defined, in PowerDNS-Admin root directory self-signed certificate will be created.
- Certificates will be used or generated in any case, because in saml.py there are explicit parameters defined which require certificate/key in order to work normally. If they aren't, exception will be thrown. Examples of parameters defined in saml.py requiring certificate: wantAssertionsEncrypted, signMetadata, wantAssertionsSigned.
2019-12-19 00:40:25 +01:00
Khanh Ngo
8de6df4d3b
Fix the tests
...
Fix the tests
Fix the tests
2019-12-06 10:59:19 +07:00
Khanh Ngo
840e2a4750
Update docker stuff and bug fixes
2019-12-04 11:50:46 +07:00
Tim Jacomb
08de197cff
Sync config templates
2019-03-03 15:07:51 +00:00
Pavol Ipoth
1feb77e2f3
Add Api to PowerDNS-Admin
2019-03-01 23:50:04 +01:00
Pavol Ipoth
1ca311e120
Fix logging path, needs absolute path
2018-12-22 13:13:15 +01:00
Khanh Ngo
10d915ef92
Merge branch 'master' of github.com:ngoduykhanh/PowerDNS-Admin
2018-11-21 10:24:48 +07:00
Khanh Ngo
5f049debe5
Adding Flask-SeaSurf module for CSRF protection.
2018-11-21 10:24:33 +07:00
Balint Csergo
be96921864
support arbitrary db port, pdns_proto and pdns_port
2018-11-12 13:21:04 +01:00
Josh Soref
50e219039b
spelling: retrieve
2018-10-02 07:25:36 +00:00
Josh Soref
573291b4f5
spelling: configures
2018-10-02 07:05:42 +00:00
Josh Soref
7875be3b78
spelling: authentication
2018-10-02 07:03:41 +00:00
Khanh Ngo
05d2a5e3d3
Update PDA docker build and config
2018-08-26 00:12:58 +07:00
Khanh Ngo
9ed09e92fc
Fix ldap authentication
2018-08-09 16:21:42 +07:00
Khanh Ngo
c6bb58cfda
Sync config template to developement config
2018-08-07 09:14:52 +07:00
Xavier Krantz
363a093387
Fixes for a docker-compose working out of the box
2018-07-06 17:17:01 +02:00
Khanh Ngo
ef947aa896
Make A as default record when create a new one
2018-07-05 10:42:46 +07:00
Khanh Ngo
f85f814d9f
Add BG_DOMAIN_UPDATES config for docker development env
2018-06-11 17:02:01 +07:00
Khanh Ngo
2958ae663c
Validate user role and DNSSEC_ADMINS_ONLY config on DNSSEC related routes
2018-06-07 09:28:14 +07:00
Khanh Ngo
fba93a57e1
Merge updates from master branch
2018-04-18 10:12:07 +07:00
Khanh Ngo
5024cfad82
Change docker stuff
2018-04-16 22:42:29 +07:00
Khanh Ngo
0826702537
Update config template
2018-04-06 13:22:09 +07:00
Khanh Ngo
17a892b18d
Resolve the conflicts for #228
2018-04-02 13:38:53 +07:00
Khanh Ngo
bfb54e8bda
Add LDAP_ENABLE in config file
2018-04-01 15:08:55 +07:00
Khanh Ngo
65da9a7a4f
Adjustment in LDAP feature to work with python 3
2018-04-01 07:23:53 +07:00
Khanh Ngo
27074e688e
Update development config
2018-04-01 07:05:57 +07:00
Khanh Ngo
c668c21fc9
Adjustment to prevent exception in Google/Github authentication when local user cannot be created
2018-03-30 17:43:34 +07:00
Khanh Ngo
004ced015d
Update development config to add REVERSE_ALLOW_EDIT
2018-03-30 16:25:20 +07:00
Khanh Ngo
becca44a1d
Add more record to RECORDS_ALLOW_EDIT
2018-03-30 14:42:54 +07:00
Khanh Ngo
b5b3b77acb
Adjustment to work with Python3
2018-03-30 13:49:35 +07:00