Tyler Todd
e411bc9f19
Enable CAPTCHA
2023-01-30 22:46:59 +00:00
Bernward Sanchez
18bc336d7a
Potential fix
2023-01-11 18:21:40 +08:00
Matt Scott
89f3d4d01a
Revert "enhancement(routes/index.py): OIDC supports HTTP Scheme now"
2022-12-14 20:37:30 -05:00
Bernward Sanchez
f6c49c379d
Update index.py
2022-12-15 06:13:27 +08:00
corubba
3e462dab17
Fix csrf configuration
...
CSRF has been initialized *before* the app config was fully read. That
made it impossible to configure CSRF properly. Moved the CSRF init into
the routes module, and switched from programmatic to decorated
exemptions. GET routes don't need to be exempted because they are by
default.
2022-06-18 18:51:40 +02:00
Jérôme BECOT
a87b931520
feat: Move the account parse calls to a method
2022-06-18 14:30:56 +02:00
Jérôme BECOT
eb13b37e09
feat: Add the extra chars as an option
2022-06-18 14:30:56 +02:00
Jérôme BECOT
a3c50828a6
feat: Allow underscores and hyphens in account name
2022-06-18 14:28:32 +02:00
Vasileios Markopoulos
83d2f3c791
Merge pull request #1205 from joshsol1/master
...
Modification to SAML groups and group management
2022-06-18 13:39:01 +03:00
gadall
bf83e68a4b
Fix DynDNS2 using X-Forwarded-For ( #1214 )
...
utils.validate_ipaddress() takes a string, not a list
2022-06-18 13:11:22 +03:00
Josh Matthews
715c6b76cd
added code to raise user to operator on SAML auth if in the right group
2022-05-23 14:38:16 +10:00
jbe-dw
82f03a4de2
Merge pull request #1160 from AdvanticGmbH/json_load_error
...
Json load error
2022-04-26 17:54:08 +02:00
AdvanticGmbH
26c60f175d
Remove unnecessary call to str()
...
* json.dumps() already returns a str
2022-04-26 09:11:05 +02:00
AdvanticGmbH
44c9aff5db
Use json.dumps for every detail in history
...
This works much better instead of just writing a str to the db and
expect it to be loaded just fine from json.loads
2022-04-25 10:43:46 +02:00
KostasMparmparousis
4d6c6224b4
Login requirement removal for /ping endpoint
2022-04-20 13:31:23 +03:00
Veovis
bd92c5946c
Fix broken SAML login from 9c00e48f
2022-04-12 17:14:54 +02:00
jbe-dw
8cf2985335
Merge pull request #979 from mirko/make-onelogin-pkg-optional
...
routes/index.py: Make package 'onelogin.saml2.utils' optional
2022-04-07 13:37:00 +02:00
vmarkop
36cee8cddc
Fixed 'LOCAL' Authenticator Type showing for LDAP auth
2022-02-17 17:34:54 +02:00
Vasileios Markopoulos
94a923a965
Add 'otp_force' basic setting ( #1051 )
...
If the 'otp_force' and 'otp_field_enabled' basic settings are both enabled, automatically enable 2FA for the user after login or signup, if needed, by setting a new OTP secret. Redirect the user to a welcome page for scanning the QR code.
Also show the secret key in ASCII form on the user profile page for easier copying into other applications.
2021-12-17 11:41:51 +01:00
benshalev849
b3f9b4a2b0
OIDC list accounts ( #994 )
...
Added the function to use lists instead of a single string in account autoprovision.
2021-11-19 17:53:17 +02:00
zoeller-freinet
20b866a784
strip() whitespace from new local user master data ( #1019 )
...
When creating a new local user, there is a chance that, due to a copy &
paste or typing error, whitespace will be introduced at the start or end
of the username. This can lead to issues when trying to log in using the
affected username, as such a condition can easily be overlooked - no
user will be found in the database if entering the username without the
aforementioned whitespace. This commit therefore strip()s the username
string within routes/{admin,index}.py.
The firstname, lastname and email strings within
routes/{admin,index,user}.py are also strip()ped on this occasion.
2021-11-05 17:04:35 +02:00
Kostas Mparmparousis
6e04d0419b
Provision PDA user privileges based On LDAP Attributes ( #980 )
2021-08-05 19:37:48 +02:00
Mirko Vogt
9c00e48f0f
routes/index.py: Make package 'onelogin.saml2.utils' optional
...
The onelogin package is not part of all saml packages for whatever
reason (e.g. Debian) and not easily installable from pypi (requires
CC toolchain).
As the onelogin functionality is already guarded by whether
SAML_ENABLED is set in other places (services/saml.py), also do so
in routes/index.py.
2021-07-23 06:56:09 +00:00
Ian Bobbitt
39cddd3b34
SAML improvements for Docker ( #929 )
...
* Fix typo in managing user account membership with SAML assertion
* Support more config options from Docker env.
* Improve support for SAML key and cert from Docker secrets
Co-authored-by: Ian Bobbitt <ibobbitt@globalnoc.iu.edu>
2021-05-07 23:36:55 +02:00
jodygilbert
98db953820
Allow user role to view history ( #890 )
2021-03-27 19:33:11 +01:00
jodygilbert
4c19f95928
Improve account creation/permission handling based on Azure oAuth group membership ( #877 )
2021-01-31 11:31:56 +01:00
Khanh Ngo
55ad73d92e
Merge pull request #800 from cyso/pr/oidc-account
...
OIDC User and Account management during login
2020-10-10 14:32:14 +02:00
Khanh Ngo
a679073928
Merge pull request #773 from terbolous/azure-oauth
...
Add Account creation/permission handling based on Azure oAuth group membership
2020-10-10 14:20:26 +02:00
Nick Douma
f9f966df75
Allow for configuration of logout url
2020-08-06 15:29:02 +02:00
Nick Douma
27f5c89f70
Manage Account membership on oidc login
2020-08-06 15:28:54 +02:00
Nick Douma
ab6480a4b4
Update user with info from oidc during login
2020-08-06 15:28:27 +02:00
Erik Weber
22eabef06a
Use the correct matching group
2020-07-03 11:01:17 +02:00
Erik Weber
e993422106
Add regex matching for group/account description
2020-07-03 10:55:06 +02:00
Erik Weber
25db119d02
Add Account creation/permission handling based on Azure oAuth group membership
2020-07-03 08:55:31 +02:00
Ymage
4e39d5a461
Fix session clearing
2020-05-29 17:41:20 +02:00
Nicolás Fantone
52298f8289
Support login in through REMOTE_USER environment variable
...
Support redirecting remote users to logout URL and clearing remote login cookies
2020-05-22 15:31:24 +01:00
Khanh Ngo
78245d339f
Merge pull request #717 from RoeiGanor/master
...
OIDC custom claims
2020-05-17 13:44:52 +07:00
root
2044ce4737
oidc custom claims
2020-05-04 07:12:48 +00:00
Erik Weber
b03cbdea65
Azure oauth: Graph api calls it mail, not email
2020-04-30 12:15:19 +02:00
Erik Weber
b8442c4c5c
Azure oauth: remove preferredName from query
2020-04-30 12:14:32 +02:00
Marcus Knight
0e093d4eec
Support only having one auth method enabled (which isn't ldap/local)
2020-04-16 16:04:10 +08:00
Attila DEBRECZENI
e550b0a109
SAML debug attributes
2020-03-25 21:05:30 +00:00
Steve Shipway
cff4d0af53
Fix some formatting issues
2020-01-03 15:57:07 +13:00
Steve Shipway
765eab999a
Azure OAuth - add Group mappings to Roles
2020-01-03 15:36:38 +13:00
Khanh Ngo
4bdd433079
Fix migration script and LGTM
2019-12-21 22:26:56 +07:00
Khanh Ngo
7739bf7cfc
Add user email verification
2019-12-21 21:43:03 +07:00
Khanh Ngo
9a1b92fbc2
Add session timeout warning
2019-12-17 23:46:34 +07:00
Khanh Ngo
3e961d7b21
LGTM fixes
2019-12-16 16:27:18 +07:00
Khanh Ngo
f5b88ebc73
Merge branch 'master' into record_adjustment
2019-12-16 15:54:38 +07:00
Khanh Ngo
a891ed38e2
Add more log and history data
2019-12-16 11:01:16 +07:00