Commit Graph

46 Commits

Author SHA1 Message Date
Jens Langhammer 660972e303 add ability to have non-expiring nonces, clean up expired nonces 2019-04-04 21:49:10 +02:00
Jens Langhammer a21012bf0c switch from raven to sentry_sdk 2019-04-04 21:48:50 +02:00
Jens Langhammer 10b7d99b37 Merge branch 'master' into 30-application-security-gateway
# Conflicts:
#	passbook/core/policies.py
#	passbook/core/settings.py
2019-03-21 14:58:10 +01:00
Jens Langhammer 260c5555fa add redis dependency back in for caching 2019-03-21 11:08:08 +01:00
Jens Langhammer ae3d3d0295 fix TypeError: can only concatenate list (not "str") to list 2019-03-20 22:50:09 +01:00
Jens Langhammer c23ceacd0b initial implementation of reverse proxy, using django-revproxy from within a middleware
add new config entry "primary_domain" which is used to set the cookie domain
2019-03-20 22:42:47 +01:00
Jens Langhammer 5f50fcfcf5 detect HTTPS from reverse proxy 2019-03-14 18:01:41 +01:00
Jens Langhammer 4c22e5c2c8 don't use celery heartbeat, use TCP keepalive instead 2019-03-12 13:34:54 +01:00
Jens Langhammer edd856df7d redis -> rabbitmq 2019-03-11 20:46:19 +01:00
Jens Langhammer 501fed1922 rewrite PasswordFactor to use backends setting instead of trying all backends 2019-03-10 21:47:08 +01:00
Jens Langhammer 2d7e8f1b50 add group administration 2019-03-08 15:49:45 +01:00
Jens Langhammer cd91d5ca15 Merge branch '1-suspicious-request' into 'master'
Resolve "Suspicious request detector (many invalid logins from one IP, many attempts on one username, etc)"

Closes #1

See merge request BeryJu.org/passbook!3
2019-03-03 20:04:56 +00:00
Jens Langhammer a4842c1f95 add sentry configuration 2019-03-03 20:48:31 +01:00
Jens Langhammer fb82d56307 create suspicious request detector and policy, add request to policy engine 2019-03-03 20:26:25 +01:00
Jens Langhammer c7fc444c95 add password policy 2019-03-03 17:12:05 +01:00
Jens Langhammer 96f7e70f9e enable always_eager when unittesting 2019-02-26 14:24:50 +01:00
Jens Langhammer 39d9fe9bf0 add passbook.pretend to use passbook in applications which don't support generic OAuth 2019-02-26 09:10:37 +01:00
Jens Langhammer 10d6a30f2c add experimental HaveIBeenPwned Password Policy 2019-02-25 17:21:56 +01:00
Jens Langhammer bb81bb5a8d totp => otp, integrate with factors, new setup form 2019-02-25 12:29:40 +01:00
Jens Langhammer b7ac4f1dd2 add psycopg2 as dependency 2019-02-21 16:30:56 +01:00
Jens Langhammer c941107d42 Rules -> Policies, more things 2019-02-21 16:06:57 +01:00
Jens Langhammer d32699b332 remove reversion 2019-02-16 09:53:32 +01:00
Jens Langhammer 59a15c988f Move Factor instances to database 2019-02-16 09:52:37 +01:00
Jens Langhammer d5ab20ee12 fix coverage failing 2019-02-11 17:36:36 +01:00
Jens Langhammer 648f614a1a redo migrations, cleanup 2019-02-08 14:57:59 +01:00
Jens Langhammer d4a6e28fe6
core: add custom group model with hierarchy , add tree admin 2018-12-27 00:38:42 +01:00
Jens Langhammer 70afabec7e
Switch to explicit AppConfig declaration 2018-12-26 14:32:33 +01:00
Jens Langhammer 5f9befb5ee core: load db from yml 2018-12-18 13:26:47 +01:00
Jens Langhammer 196be4b3b0 Add captcha_factor 2018-12-14 13:51:12 +01:00
Jens Langhammer fbf58801ec totp: rename tfa to totp 2018-12-14 10:09:57 +01:00
Jens Langhammer 52d1920914 core: fix mfa, split up into multiple files, move factors to settings 2018-12-14 09:49:34 +01:00
Jens Langhammer 43fe9e062d
core: add static root 2018-12-09 22:12:41 +01:00
Jens Langhammer db3ae58a21
core: switch to different cookie names 2018-12-09 21:06:36 +01:00
Jens Langhammer 731b745d0c core: switch role evaluating to celery worker 2018-11-27 16:23:29 +01:00
Jens Langhammer cde35515c7 Fix prospector errors and move secret_key to yaml config 2018-11-27 10:56:40 +01:00
Jens Langhammer c507e310b5 switch to self-rendered forms 2018-11-26 22:07:40 +01:00
Jens Langhammer 15ed14046e Fixup verbose names 2018-11-26 17:17:32 +01:00
Jens Langhammer 76a43a7818
Fix oauth2 authorisation form not working 2018-11-25 12:31:55 +01:00
Jens Langhammer 28557806c5
Fix some settings not being overwritten 2018-11-24 22:27:02 +01:00
Jens Langhammer d0a7bf5ecc Add api and audit structure 2018-11-23 17:05:41 +01:00
Jens Langhammer e9e6f632e3 Fix message icons and show messages on login view 2018-11-23 09:44:22 +01:00
Jens Langhammer 095a5c0268 core: add basic model against which rules can be checked 2018-11-22 13:12:59 +01:00
Jens Langhammer c1276e9695 redo models again 2018-11-16 11:41:14 +01:00
Jens Langhammer a2904d3ade more cleanup, remove supervisr imports 2018-11-16 10:08:15 +01:00
Jens Langhammer fbaab4efaf
Many broken things 2018-11-16 09:10:35 +01:00
Jens Langhammer 5aa245cac0
add working oauth and ldap client 2018-11-11 13:41:48 +01:00