Jens Langhammer
|
a4842c1f95
|
add sentry configuration
|
2019-03-03 20:48:31 +01:00 |
|
Jens Langhammer
|
a4707ddc54
|
fix failing unittests
|
2019-03-03 20:34:00 +01:00 |
|
Jens Langhammer
|
fb82d56307
|
create suspicious request detector and policy, add request to policy engine
|
2019-03-03 20:26:25 +01:00 |
|
Jens Langhammer
|
1a1005f80d
|
remove audit's LoginAttempt
|
2019-03-03 20:13:54 +01:00 |
|
Jens Langhammer
|
e86cae6cac
|
Merge branch '18-password-expiry' into 'master'
Resolve "Password Expiry"
Closes #18
See merge request BeryJu.org/passbook!2
|
2019-03-03 16:53:31 +00:00 |
|
Jens Langhammer
|
0b282f45e0
|
fix pylint messages
|
2019-03-03 17:45:20 +01:00 |
|
Jens Langhammer
|
791e88ffc1
|
Fix negate on FieldMatcherPolicy
|
2019-03-03 17:21:58 +01:00 |
|
Jens Langhammer
|
7bd3c4bccf
|
Better handle Policy.action and Policy.negate
|
2019-03-03 17:12:53 +01:00 |
|
Jens Langhammer
|
722e2e4050
|
Show warning when un-attached policies exist
|
2019-03-03 17:12:35 +01:00 |
|
Jens Langhammer
|
c7fc444c95
|
add password policy
|
2019-03-03 17:12:05 +01:00 |
|
Jens Langhammer
|
20ad062814
|
Log SAML Authorization actions
|
2019-03-03 00:34:34 +01:00 |
|
Jens Langhammer
|
fcb5d36e07
|
cleanup SAML urls
|
2019-03-03 00:07:40 +01:00 |
|
Jens Langhammer
|
9b131b619f
|
Show warning message when no Factor exists
|
2019-03-02 23:54:40 +01:00 |
|
Jens Langhammer
|
54427f7c68
|
use HTML5 autocomplete values to better handle password managers
|
2019-03-02 23:19:58 +01:00 |
|
Jens Langhammer
|
35eef9c28d
|
improve worker warning
|
2019-03-02 22:41:25 +01:00 |
|
Jens Langhammer
|
e88a82553d
|
use separate Form for Admin user editing (allow is_staff and is_active)
|
2019-03-02 22:41:14 +01:00 |
|
Jens Langhammer
|
01a9520140
|
add import_users script to import users from CSV with already hashed passwords
|
2019-03-02 22:40:47 +01:00 |
|
Jens Langhammer
|
c6721a83a4
|
bump version: 0.1.1-alpha -> 0.1.1-beta
|
2019-02-27 17:45:10 +01:00 |
|
Jens Langhammer
|
46866e8ef0
|
bump version: 0.1.0-beta -> 0.1.1-alpha
|
2019-02-27 17:43:28 +01:00 |
|
Jens Langhammer
|
4c3fced4e9
|
bump version: 0.1.0-alpha -> 0.1.0-beta
|
2019-02-27 16:45:52 +01:00 |
|
Jens Langhammer
|
172347d90f
|
bump version: 0.0.13-alpha -> 0.1.0-alpha
|
2019-02-27 16:42:52 +01:00 |
|
Jens Langhammer
|
f54520b5cf
|
bump version: 0.0.12-alpha -> 0.0.13-alpha
|
2019-02-27 16:06:28 +01:00 |
|
Jens Langhammer
|
d7c4697625
|
Only use one create template, get title from Form's Model
|
2019-02-27 16:06:20 +01:00 |
|
Jens Langhammer
|
5584f5bda8
|
switch to PolicyEngine everywhere
|
2019-02-27 15:49:20 +01:00 |
|
Jens Langhammer
|
2ce6f5a714
|
improve error display on forms
|
2019-02-27 15:49:05 +01:00 |
|
Jens Langhammer
|
c66945623a
|
Improve admin interface more (back links, better headlines)
|
2019-02-27 15:48:33 +01:00 |
|
Jens Langhammer
|
cbae05c74c
|
show more useful information on admin overview
|
2019-02-27 15:45:42 +01:00 |
|
Jens Langhammer
|
5b771da972
|
switch from first_name and last_name to name
|
2019-02-27 15:09:05 +01:00 |
|
Jens Langhammer
|
2db1738e4a
|
make Admin UI more consistent, better show when provider has no application assigned
|
2019-02-27 14:47:11 +01:00 |
|
Jens Langhammer
|
95de6a14fd
|
bump version: 0.0.11-alpha -> 0.0.12-alpha
|
2019-02-27 13:18:28 +01:00 |
|
Jens Langhammer
|
17132ebc19
|
Verify OAuth Username vuln and fix closes #9
|
2019-02-27 13:18:16 +01:00 |
|
Jens Langhammer
|
289be46388
|
fix SAML Views not having LoginRequiredMixin
|
2019-02-27 12:36:18 +01:00 |
|
Jens Langhammer
|
6c300b7b31
|
autofocus password field
|
2019-02-27 12:35:57 +01:00 |
|
Jens Langhammer
|
b726583084
|
Keep GET parameters throughout entire login process
|
2019-02-27 12:35:48 +01:00 |
|
Jens Langhammer
|
48055d1cfd
|
fix CSRF Bug in SAML
|
2019-02-27 11:20:52 +01:00 |
|
Jens Langhammer
|
e7a02104db
|
fix display on mobile
|
2019-02-27 09:33:12 +01:00 |
|
Jens Langhammer
|
556740d7bc
|
add PasswordPolicyForm back in
|
2019-02-26 15:41:11 +01:00 |
|
Jens Langhammer
|
421f51770c
|
implement password policy checking on signup and password change closes #8
|
2019-02-26 15:40:58 +01:00 |
|
Jens Langhammer
|
96f7e70f9e
|
enable always_eager when unittesting
|
2019-02-26 14:24:50 +01:00 |
|
Jens Langhammer
|
ad96f7dbb8
|
add E-Mail support via celery task, untested, closes #17
|
2019-02-26 14:10:53 +01:00 |
|
Jens Langhammer
|
e7fb48eba2
|
bump version: 0.0.10-alpha -> 0.0.11-alpha
|
2019-02-26 13:06:26 +01:00 |
|
Jens Langhammer
|
b19b5b644d
|
remove hardcoded passwords
|
2019-02-26 13:06:22 +01:00 |
|
Jens Langhammer
|
250b6691d4
|
bump version: 0.0.9-alpha -> 0.0.10-alpha
|
2019-02-26 12:44:02 +01:00 |
|
Jens Langhammer
|
e3b02a6e78
|
fix isort/pylint issues
|
2019-02-26 12:43:59 +01:00 |
|
Jens Langhammer
|
e94ef34d8f
|
bump version: 0.0.8-alpha -> 0.0.9-alpha
|
2019-02-26 12:35:28 +01:00 |
|
Jens Langhammer
|
49e945307a
|
Re-enable OTP Disable View
|
2019-02-26 12:35:24 +01:00 |
|
Jens Langhammer
|
edfe0e5450
|
fix broken Docker build and helm package
|
2019-02-26 12:34:51 +01:00 |
|
Jens Langhammer
|
06b65a7882
|
add unittests, woo
|
2019-02-26 10:57:05 +01:00 |
|
Jens Langhammer
|
ff9bc8aa70
|
Automatically create PasswordFactor on initial setup closes #16
|
2019-02-26 09:54:51 +01:00 |
|
Jens Langhammer
|
28da67abe6
|
Improve partially broken Delete Views, show success message on deletion
|
2019-02-26 09:49:42 +01:00 |
|
Jens Langhammer
|
39d9fe9bf0
|
add passbook.pretend to use passbook in applications which don't support generic OAuth
|
2019-02-26 09:10:37 +01:00 |
|
Jens Langhammer
|
750117b0fd
|
Cleanup templates, handle OAuth Provider without application better
|
2019-02-26 09:09:19 +01:00 |
|
Jens Langhammer
|
983462f80d
|
user/ -> _/user/ to prevent duplicate URLs
|
2019-02-26 09:08:49 +01:00 |
|
Jens Langhammer
|
4ae31d409b
|
directly use paths instead of including oauth2_provider's
|
2019-02-26 09:08:22 +01:00 |
|
Jens Langhammer
|
98b414f3e2
|
add SignUp Confirmation (required by default, can be disabled in invitations) closes #6
|
2019-02-25 21:03:24 +01:00 |
|
Jens Langhammer
|
a0d42092e3
|
add Nonce (one-time links), add password reset function (missing e-mail verification), closes #7
|
2019-02-25 20:46:23 +01:00 |
|
Jens Langhammer
|
f2569b6424
|
improve placeholder on login template
|
2019-02-25 19:43:33 +01:00 |
|
Jens Langhammer
|
9d344d887c
|
add more information to administrator Overview
|
2019-02-25 17:52:51 +01:00 |
|
Jens Langhammer
|
7e9154a0ea
|
bump version: 0.0.7-alpha -> 0.0.8-alpha
|
2019-02-25 17:39:39 +01:00 |
|
Jens Langhammer
|
e0ef061771
|
fix pylint errors....
|
2019-02-25 17:32:52 +01:00 |
|
Jens Langhammer
|
b8694a7ade
|
fix bandit error (SHA1 has to be used)
|
2019-02-25 17:23:42 +01:00 |
|
Jens Langhammer
|
10d6a30f2c
|
add experimental HaveIBeenPwned Password Policy
|
2019-02-25 17:21:56 +01:00 |
|
Jens Langhammer
|
8c94aef6d0
|
add stub test so coverage doesn't crash
|
2019-02-25 17:21:06 +01:00 |
|
Jens Langhammer
|
8611ac624c
|
Make links on admin overview site actually useful
|
2019-02-25 17:11:52 +01:00 |
|
Jens Langhammer
|
fa93b59a8c
|
switch to toast notifications everywhere
|
2019-02-25 16:41:53 +01:00 |
|
Jens Langhammer
|
8b66b40f0d
|
move forgot password to PasswordFactor
|
2019-02-25 16:41:33 +01:00 |
|
Jens Langhammer
|
c2756f15fc
|
Correctly display action on Create/Update templates
|
2019-02-25 16:40:46 +01:00 |
|
Jens Langhammer
|
408e205c5f
|
add signal for password change, add field for password policies
|
2019-02-25 15:41:36 +01:00 |
|
Jens Langhammer
|
5f3ab49535
|
fix bug when Empty username is given to LoginAttempt.attempt
|
2019-02-25 14:10:29 +01:00 |
|
Jens Langhammer
|
33431ae013
|
improve OAuth Source Setup process, fix login template, closes #3
|
2019-02-25 14:10:10 +01:00 |
|
Jens Langhammer
|
b40ac6dc5d
|
more Icons cause everyone loves icons
|
2019-02-25 13:31:11 +01:00 |
|
Jens Langhammer
|
fec9b5cf94
|
bump version: 0.0.6-alpha -> 0.0.7-alpha
|
2019-02-25 13:20:12 +01:00 |
|
Jens Langhammer
|
986fed3e7c
|
add hook for Factors to show user settings. closes #5
|
2019-02-25 13:20:07 +01:00 |
|
Jens Langhammer
|
da5568b571
|
cleanup, fix Permission Denied when Cancelling login, fix display of messages on login template
|
2019-02-25 13:02:50 +01:00 |
|
Jens Langhammer
|
bb81bb5a8d
|
totp => otp, integrate with factors, new setup form
|
2019-02-25 12:29:40 +01:00 |
|
Jens Langhammer
|
9c2cfd7db4
|
use Inheritance for Factors instead of JSONField
|
2019-02-24 22:39:09 +01:00 |
|
Jens Langhammer
|
292fbecca0
|
add password change view
|
2019-02-23 20:56:41 +01:00 |
|
Jens Langhammer
|
e5a405bf43
|
Register applications with Branded name for UI Dropdown
|
2019-02-23 20:42:14 +01:00 |
|
Jens Langhammer
|
66c0fc9d9a
|
Move factor base template to form_with_user
|
2019-02-23 20:41:43 +01:00 |
|
Jens Langhammer
|
5fa8711bfa
|
change hostname to localhost for k8s CI
|
2019-02-21 17:04:46 +01:00 |
|
Jens Langhammer
|
dd9cd7aa0c
|
automatically fill slug field while typing
|
2019-02-21 17:01:12 +01:00 |
|
Jens Langhammer
|
8bc8765035
|
use postgres service for CI
|
2019-02-21 16:50:36 +01:00 |
|
Jens Langhammer
|
b7ac4f1dd2
|
add psycopg2 as dependency
|
2019-02-21 16:30:56 +01:00 |
|
Jens Langhammer
|
183308e444
|
fix Contains not working correctly
|
2019-02-21 16:21:45 +01:00 |
|
Jens Langhammer
|
c941107d42
|
Rules -> Policies, more things
|
2019-02-21 16:06:57 +01:00 |
|
Jens Langhammer
|
d3d75737ed
|
switch to drf_yasg
|
2019-02-21 16:05:59 +01:00 |
|
Jens Langhammer
|
7601351f51
|
add help texts to explain naming
|
2019-02-16 11:25:53 +01:00 |
|
Jens Langhammer
|
df45797b4a
|
fix inconsistent naming again
|
2019-02-16 11:13:00 +01:00 |
|
Jens Langhammer
|
744a320731
|
fix inconsistent naming
|
2019-02-16 10:59:23 +01:00 |
|
Jens Langhammer
|
89722336e3
|
fix duplicate Class naming
|
2019-02-16 10:54:15 +01:00 |
|
Jens Langhammer
|
d6f4832e90
|
Rule -> Policies
|
2019-02-16 10:24:31 +01:00 |
|
Jens Langhammer
|
d32699b332
|
remove reversion
|
2019-02-16 09:53:32 +01:00 |
|
Jens Langhammer
|
59a15c988f
|
Move Factor instances to database
|
2019-02-16 09:52:37 +01:00 |
|
Jens Langhammer
|
6649eb401e
|
bump version: 0.0.5-alpha -> 0.0.6-alpha
|
2019-02-13 16:41:59 +01:00 |
|
Jens Langhammer
|
b657d7319d
|
fix failing docker build and failing helm packaging
|
2019-02-13 16:41:51 +01:00 |
|
Jens Langhammer
|
a9d29067bf
|
bump version: 0.0.4-alpha -> 0.0.5-alpha
|
2019-02-11 18:01:45 +01:00 |
|
Jens Langhammer
|
b4cb157257
|
bump version: 0.0.3-alpha -> 0.0.4-alpha
|
2019-02-11 17:44:42 +01:00 |
|
Jens Langhammer
|
d5ab20ee12
|
fix coverage failing
|
2019-02-11 17:36:36 +01:00 |
|
Jens Langhammer
|
0e73702fca
|
add PasswordPolicyRule (not used yet)
|
2019-02-10 20:09:47 +01:00 |
|
Jens Langhammer
|
58ebd15ada
|
fix mismatched Version numbers and missing verbose_names
|
2019-02-10 20:08:29 +01:00 |
|
Jens Langhammer
|
1a998e5020
|
bump version: 0.0.2-alpha -> 0.0.3-alpha
|
2019-02-08 15:19:31 +01:00 |
|
Jens Langhammer
|
d8eb926a76
|
fix migration import order
|
2019-02-08 15:19:29 +01:00 |
|
Jens Langhammer
|
4459f9c529
|
bump version: 0.0.1-alpha -> 0.0.2-alpha
|
2019-02-08 15:09:22 +01:00 |
|
Jens Langhammer
|
648f614a1a
|
redo migrations, cleanup
|
2019-02-08 14:57:59 +01:00 |
|
Jens Langhammer
|
26a23a448d
|
admin: fix requirements not being installed
|
2018-12-27 12:36:30 +01:00 |
|
Jens Langhammer
|
d4a6e28fe6
|
core: add custom group model with hierarchy , add tree admin
|
2018-12-27 00:38:42 +01:00 |
|
Jens Langhammer
|
ebda84bcaf
|
saml_idp: cleanup, fix XML signing
|
2018-12-26 21:56:08 +01:00 |
|
Jens Langhammer
|
aa7e3c2a15
|
saml_idp: cleanup settings, add was processor
|
2018-12-26 21:55:37 +01:00 |
|
Jens Langhammer
|
0c9a00acbe
|
admin: only add link if function returns not None
|
2018-12-26 21:55:14 +01:00 |
|
Jens Langhammer
|
4d5f688a44
|
saml_idp: fix bandit issues
|
2018-12-26 17:26:17 +01:00 |
|
Jens Langhammer
|
60d4a30992
|
saml_idp: cleanup urls, codex -> utils, remove registry
|
2018-12-26 17:21:20 +01:00 |
|
Jens Langhammer
|
2eae37107d
|
core: add slug to application
|
2018-12-26 17:17:39 +01:00 |
|
Jens Langhammer
|
7178468135
|
admin: add support for extra links
|
2018-12-26 17:17:24 +01:00 |
|
Jens Langhammer
|
70afabec7e
|
Switch to explicit AppConfig declaration
|
2018-12-26 14:32:33 +01:00 |
|
Jens Langhammer
|
856687475d
|
core: show text if no applications are defined
|
2018-12-19 10:17:30 +01:00 |
|
Jens Langhammer
|
af77a768fb
|
core: only show Admin menu if user is admin
|
2018-12-19 10:17:17 +01:00 |
|
Jens Langhammer
|
85468f386e
|
audit: fix usage of timezone-naive date-time
|
2018-12-19 10:16:52 +01:00 |
|
Jens Langhammer
|
9abcc8852d
|
core: add more logging
|
2018-12-18 15:35:30 +01:00 |
|
Jens Langhammer
|
2e4a0297a4
|
audit: add basic login attempt tracking
|
2018-12-18 15:35:23 +01:00 |
|
Jens Langhammer
|
0c53a95b06
|
core: mfa cleanup session after successful login
|
2018-12-18 15:34:26 +01:00 |
|
Jens Langhammer
|
c140c6f524
|
core: better handle MFA BackendFactor failures
|
2018-12-18 15:34:15 +01:00 |
|
Jens Langhammer
|
f26962268e
|
core: fix error display on login form
|
2018-12-18 15:33:52 +01:00 |
|
Jens Langhammer
|
1d4f49d269
|
core: fix invalid mfa-denied URL declaration
|
2018-12-18 15:33:06 +01:00 |
|
Jens Langhammer
|
d729dc45d5
|
lib: enable email as uid field by default
|
2018-12-18 15:32:52 +01:00 |
|
Jens Langhammer
|
b718be6593
|
Audit: fix invalid signal signature
|
2018-12-18 13:27:01 +01:00 |
|
Jens Langhammer
|
5f9befb5ee
|
core: load db from yml
|
2018-12-18 13:26:47 +01:00 |
|
Jens Langhammer
|
8383df2441
|
core: add temporary login form with support for sources
|
2018-12-18 13:26:14 +01:00 |
|
Jens Langhammer
|
b0fa302718
|
core: add is_link and get_url property to base Source
|
2018-12-18 13:24:58 +01:00 |
|
Jens Langhammer
|
f6c5f10d65
|
oauth_client: cleanup
|
2018-12-18 13:24:26 +01:00 |
|
Jens Langhammer
|
76d70ed3b0
|
core: slightly adjust login form
|
2018-12-18 10:40:59 +01:00 |
|
Jens Langhammer
|
65bdca30ae
|
oauth_client: add separate forms for Provider Types
|
2018-12-18 10:40:46 +01:00 |
|
Jens Langhammer
|
8d5abeaede
|
saml_idp: fix open todos
|
2018-12-17 11:52:02 +01:00 |
|
Jens Langhammer
|
764282ea9e
|
saml_idp: Rewrite to CBV
|
2018-12-16 17:09:26 +01:00 |
|
Jens Langhammer
|
7a62bf9829
|
oauth_provider: log authorisation to audit
|
2018-12-16 17:09:14 +01:00 |
|
Jens Langhammer
|
9e289e9937
|
core: add about modal
|
2018-12-16 16:02:03 +01:00 |
|
Jens Langhammer
|
9117e09f1c
|
core: update brand
|
2018-12-16 15:43:23 +01:00 |
|
Jens Langhammer
|
5c56888451
|
saml_idp: fix recursive import
|
2018-12-14 15:44:46 +01:00 |
|
Jens Langhammer
|
625835a266
|
saml_idp: start rewriting to use DB Certs
|
2018-12-14 15:30:11 +01:00 |
|
Jens Langhammer
|
e81f525cea
|
core,oauth_provider: cleanup templates, add MFA error view
|
2018-12-14 15:18:02 +01:00 |
|
Jens Langhammer
|
6314ffab46
|
admin: fix import errors
|
2018-12-14 14:33:15 +01:00 |
|
Jens Langhammer
|
25fbadc813
|
admin: add basic user admin
|
2018-12-14 14:24:04 +01:00 |
|
Jens Langhammer
|
196be4b3b0
|
Add captcha_factor
|
2018-12-14 13:51:12 +01:00 |
|
Jens Langhammer
|
c4cd602fcb
|
core: cleanup templates, add template for backend authentication
|
2018-12-14 13:50:58 +01:00 |
|
Jens Langhammer
|
a373054e90
|
admin: add basic audit display
|
2018-12-14 10:28:37 +01:00 |
|
Jens Langhammer
|
258d59ef1b
|
totp: fix invalid settings
|
2018-12-14 10:28:25 +01:00 |
|
Jens Langhammer
|
fbf58801ec
|
totp: rename tfa to totp
|
2018-12-14 10:09:57 +01:00 |
|
Jens Langhammer
|
52d1920914
|
core: fix mfa, split up into multiple files, move factors to settings
|
2018-12-14 09:49:34 +01:00 |
|
Jens Langhammer
|
83ed1d857b
|
core: implement new mfa authentication
|
2018-12-13 18:02:08 +01:00 |
|
Jens Langhammer
|
32a73cbbf3
|
audit: add created field
|
2018-12-13 18:01:45 +01:00 |
|
Jens Langhammer
|
3267d7fb99
|
core: shrink login wallpaper
|
2018-12-13 18:01:21 +01:00 |
|